Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,521
Maven
5,000+
npm
5,000+
NuGet
911
pip
4,760
Pub
13
RubyGems
1,036
Rust
1,229
Swift
53
Unreviewed advisories
All unreviewed
5,000+

32 advisories

Loading
The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which... Critical Unreviewed
CVE-2026-2275 was published Mar 30, 2026
OneUptime has Synthetic Monitor RCE via exposed Playwright browser object Critical
CVE-2026-30957 was published for @oneuptime/common (npm) Mar 10, 2026
maru1009 Credited to maru1009
OneUptime: Synthetic Monitor RCE via exposed Playwright browser object Critical
CVE-2026-30921 was published for @oneuptime/common (npm) Mar 7, 2026
maru1009 Credited to maru1009
Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows... Critical Unreviewed
CVE-2026-30797 was published Mar 5, 2026
OpenS100 (the reference implementation S-100 viewer) prior to commit 753cf29 contain a remote... Critical Unreviewed
CVE-2026-22208 was published Feb 17, 2026
Milvus: Unauthenticated Access to Restful API on Metrics Port (9091) Leads to Critical System Compromise Critical
CVE-2026-26190 was published for github.com/milvus-io/milvus (Go) Feb 11, 2026
0x1f Credited to 0x1f
GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying... Critical Unreviewed
CVE-2025-53964 was published Jul 17, 2025
Exposed Dangerous Method or Function vulnerability in Drupal Swift Mailer allows Resource... Critical Unreviewed
CVE-2024-13242 was published Jan 9, 2025
Voltronic Power ViewPower MacMonitorConsole Exposed Dangerous Method Remote Code Execution... Critical Unreviewed
CVE-2023-51581 was published May 3, 2024
Voltronic Power ViewPower UpsScheduler Exposed Dangerous Method Remote Code Execution... Critical Unreviewed
CVE-2023-51583 was published May 3, 2024
Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Remote Code Execution... Critical Unreviewed
CVE-2023-51575 was published May 3, 2024
Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass... Critical Unreviewed
CVE-2023-51574 was published May 3, 2024
Voltronic Power ViewPower LinuxMonitorConsole Exposed Dangerous Method Remote Code Execution... Critical Unreviewed
CVE-2023-51582 was published May 3, 2024
D-Link D-View coreservice_action_script Exposed Dangerous Function Remote Code Execution... Critical Unreviewed
CVE-2023-44414 was published May 3, 2024
LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2023-40501 was published May 3, 2024
LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2023-40500 was published May 3, 2024
Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication... Critical Unreviewed
CVE-2023-51573 was published Apr 2, 2024
LangChain Experimental vulnerable to arbitrary code execution Critical
CVE-2024-27444 was published for langchain-experimental (pip) Feb 26, 2024
An issue was discovered in MISP before 2.4.184. A client does not need to use POST to start an... Critical Unreviewed
CVE-2024-25675 was published Feb 9, 2024
An attacker could potentially exploit this vulnerability, leading to the ability to modify files... Critical Unreviewed
CVE-2023-5389 was published Jan 30, 2024
Duplicate Advisory: Privilege escalation in sap/cloud-security-client-go Critical
GHSA-92cg-ghq6-9587 was published for github.com/sap/cloud-security-client-go (Go) Dec 12, 2023 withdrawn
Duplicate Advisory: Improper JWT Signature Validation in SAP Security Services Library Critical
GHSA-gcgw-q47m-prvj was published for com.sap.cloud.security.xsuaa:spring-xsuaa (Maven) Dec 12, 2023 withdrawn
Duplicate Advisory: Privilege escalation in sap-xssec Critical
GHSA-p99h-pfg6-qrfg was published for sap-xssec (pip) Dec 12, 2023 withdrawn
Escalation of privileges in @sap/xssec Critical
CVE-2023-49583 was published for @sap/xssec (npm) Dec 12, 2023
leon-vg Credited to leon-vg
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an... Critical Unreviewed
CVE-2023-39226 was published Dec 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database