Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

31,885 advisories

Loading
LiteLLM: Authentication Bypass via Host Header Injection Critical
CVE-2026-49468 was published for litellm (pip) Jun 16, 2026
LilThawg29 Credited to LilThawg29
Jupyter Server: Stored XSS in `NbconvertFileHandler` / `NbconvertPostHandler` via missing `sandbox` CSP Critical
CVE-2026-44727 was published for jupyter-server (pip) Jun 18, 2026
pikaball Credited to pikaball, y011d4, 0xHunSec, Yann-P, and Carreau y011d4 y011d4
0xHunSec 0xHunSec Yann-P Yann-P Carreau Carreau
xIllunight Credited to xIllunight and Paul-Bob Paul-Bob Paul-Bob
SurrealDB before 1.1.1 contains a format string vulnerability in the rquickjs Exception:... Critical Unreviewed
CVE-2024-58366 was published Jul 18, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit... Critical Unreviewed
CVE-2026-9135 was published Jul 17, 2026
XML::Bare versions through 0.53 for Perl have an unbounded character lookahead. The... Critical Unreviewed
CVE-2026-57074 was published Jul 16, 2026
Improper neutralization of special elements used in an SQL command ('SQL injection')... Critical Unreviewed
CVE-2026-8297 was published Jul 17, 2026
ProTip! Advisories are also available from the GraphQL API