GitHub Security Advisories (GHSA) are authoritative notices for vulnerable open-source packages and ecosystems (for example npm, PyPI, or Maven), usually with a linked CVE. Use the search box to find a GHSA or CVE, narrow by ecosystem or severity, or match phrases in the summary.
| GHSA | CVE | Severity | Type | Summary | Published |
|---|---|---|---|---|---|
| GHSA-x9hc-8r9x-c29v | CVE-2026-48565 | high | unreviewed | Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate... | 2026-06-09 18:31:00 UTC |
| GHSA-x5vh-qfr8-9p58 | CVE-2026-47648 | high | unreviewed | Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges... | 2026-06-09 18:30:55 UTC |
| GHSA-5qvv-w9jp-w335 | CVE-2026-47292 | high | unreviewed | Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an... | 2026-06-09 18:30:54 UTC |
| GHSA-2872-gp33-8736 | CVE-2026-45643 | high | unreviewed | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute... | 2026-06-09 18:30:53 UTC |
| GHSA-v99j-98xx-cvgv | CVE-2026-45484 | high | unreviewed | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to... | 2026-06-09 18:30:50 UTC |
| GHSA-q9cq-rj77-7rpr | CVE-2026-45486 | high | unreviewed | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute... | 2026-06-09 18:30:50 UTC |
| GHSA-j65q-5x75-rjwv | CVE-2026-45471 | high | unreviewed | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute... | 2026-06-09 18:30:49 UTC |
| GHSA-9wv7-96q7-32pc | CVE-2026-45457 | high | unreviewed | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute... | 2026-06-09 18:30:48 UTC |
| GHSA-vw3f-64x5-vmq4 | CVE-2026-33828 | high | unreviewed | Trust boundary violation in Windows Attestation allows an authorized attacker to elevate... | 2026-06-09 18:30:41 UTC |
| GHSA-7w62-gvgg-pvvq | CVE-2026-26142 | critical | unreviewed | Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized attacker to... | 2026-06-09 18:30:41 UTC |
| GHSA-x863-p983-p4f7 | CVE-2026-41855 | high | unreviewed | In an untrusted JMS environment, org.springframework.jms.support.converter... | 2026-06-09 06:31:58 UTC |
| GHSA-rxx6-vjpq-6755 | CVE-2026-11697 | critical | unreviewed | Insufficient validation of untrusted input in UI in Google Chrome prior to 149.0.7827.103 allowed... | 2026-06-09 00:33:26 UTC |
| GHSA-6mr8-wmr4-ch9v | CVE-2026-11691 | low | unreviewed | Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827... | 2026-06-09 00:33:26 UTC |
| GHSA-q7vr-j5wc-2xch | CVE-2026-11666 | medium | unreviewed | Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.103... | 2026-06-09 00:33:25 UTC |
| GHSA-q4p8-cgh7-q73x | CVE-2026-11658 | medium | unreviewed | Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.103... | 2026-06-09 00:33:25 UTC |
| GHSA-mfw4-fc92-pwx6 | CVE-2026-11686 | low | unreviewed | Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827... | 2026-06-09 00:33:25 UTC |
| GHSA-cqm4-2v9f-324r | CVE-2026-11660 | high | unreviewed | Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827... | 2026-06-09 00:33:25 UTC |
| GHSA-68c4-77cf-437j | CVE-2026-11676 | high | unreviewed | Insufficient validation of untrusted input in Dawn in Google Chrome on Linux and ChromeOS prior... | 2026-06-09 00:33:25 UTC |
| GHSA-899r-9fxv-q4xm | CVE-2020-37248 | medium | unreviewed | OfflineIMAP before 8.0.3 trusts the server with their STARTTLS capability prior to authentication... | 2026-06-08 18:31:47 UTC |
| GHSA-gc6q-cwcj-3vh9 | CVE-2026-49234 | high | reviewed | Routinator crashes when sending a maliciously crafted select-asn query parameter | 2026-06-08 15:33:00 UTC |