GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
30,221 advisories
The mem0 v1.0.0 server lacks authentication and authorization controls for its memory reset...
Critical | Unreviewed | CVE-2026-31242 was published May 12, 2026

The mamba language model framework thru 2.2.6 is vulnerable to insecure deserialization (CWE-502)...
Critical | Unreviewed | CVE-2026-31239 was published May 12, 2026

The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization (CWE-502) in its model...
Critical | Unreviewed | CVE-2026-31238 was published May 12, 2026

Insufficient ownership checks in `clientarea.php` allow an authenticated client area user to...
Critical | Unreviewed | CVE-2026-29204 was published May 12, 2026

Guardrails AI thru 0.6.7 contains a code injection vulnerability (CWE-94) in its Hub package...
Critical | Unreviewed | CVE-2026-31233 was published May 12, 2026

Horovod thru 0.28.1 contains an insecure deserialization vulnerability (CWE-502) in its KVStore...
Critical | Unreviewed | CVE-2026-31234 was published May 12, 2026

The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains an insecure deserialization...
Critical | Unreviewed | CVE-2026-31229 was published May 12, 2026

The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a command-line argument injection...
Critical | Unreviewed | CVE-2026-31230 was published May 12, 2026

Cognee thru v0.4.0 contains a critical remote code execution vulnerability in its notebook cell...
Critical | Unreviewed | CVE-2026-31231 was published May 12, 2026

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox...
Critical | Unreviewed | CVE-2026-26083 was published May 12, 2026

Buffer overflow for the Intel(R) Data Center Graphics Driver for VMware ESXi software before...
Critical | Unreviewed | CVE-2026-20794 was published May 12, 2026

An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to execute arbitrary code on a...
Critical | Unreviewed | CVE-2025-65719 was published May 12, 2026

The TinyZero project thru commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 (2025-58-24) contains a...
Critical | Unreviewed | CVE-2026-31226 was published May 12, 2026

The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a remote code execution...
Critical | Unreviewed | CVE-2026-31228 was published May 12, 2026

Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from...
Critical | Unreviewed | CVE-2026-41293 was published May 12, 2026

Improper Authorization vulnerability when multiple method constraints define an HTTP method for...
Critical | Unreviewed | CVE-2026-43515 was published May 12, 2026

DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat....
Critical | Unreviewed | CVE-2026-43512 was published May 12, 2026

PySyft (Syft Datasite/Server) versions 0.9.5 and earlier are vulnerable to remote code execution...
Critical | Unreviewed | CVE-2026-31220 was published May 12, 2026

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API...
Critical | Unreviewed | CVE-2026-30805 was published May 12, 2026

The torch-checkpoint-shrink.py script in the ml-engineering project in commit...
Critical | Unreviewed | CVE-2026-31214 was published May 12, 2026

The nexent v1.7.5.2 backend service contains an unauthorized arbitrary file deletion...
Critical | Unreviewed | CVE-2026-31215 was published May 12, 2026

The _load_model() function in the neural_magic_training.py script of the optimate project in...
Critical | Unreviewed | CVE-2026-31217 was published May 12, 2026

The nexent v1.7.5.2 backend service contains an unauthorized arbitrary storage file deletion...
Critical | Unreviewed | CVE-2026-31216 was published May 12, 2026

OpenClaude Sandbox Bypass via Model-Controlled `dangerouslyDisableSandbox` Input
Critical | CVE-2026-42074 was published for openclaude (npm) May 12, 2026

Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3.
Critical | Unreviewed | CVE-2026-8401 was published May 12, 2026
ProTip! Advisories are also available from the GraphQL API.