GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
30,224 advisories
DeepSeek TUI: run_tests Tool Enables RCE via Malicious Repository Without Approval
Critical
CVE-2026-45311
was published
for
deepseek-tui
(npm)
May 14, 2026
Electerm: Importing unsafe bookmark data could lead to unsafe operation when clicking local type bookmark
Critical
CVE-2026-45058
was published
for
electerm
(npm)
May 14, 2026
Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`
Critical
CVE-2026-44990
was published
for
sanitize-html
(npm)
May 14, 2026
Portainer has an endpoint security bypass via Swarm service create/update
Critical
CVE-2026-44849
was published
for
github.com/portainer/portainer
(Go)
May 14, 2026
Portainer missing authorization on Docker plugin endpoints, which allows host RCE
Critical
CVE-2026-44848
was published
for
github.com/portainer/portainer
(Go)
May 14, 2026
n8n Has an XML Node Prototype Pollution Patch Bypass
Critical
CVE-2026-44791
was published
for
n8n
(npm)
May 14, 2026
n8n Has an Arbitrary File Read via Git Node
Critical
CVE-2026-44790
was published
for
n8n
(npm)
May 14, 2026
n8n: HTTP Request Node Pagination Prototype Pollution to RCE
Critical
CVE-2026-44789
was published
for
n8n
(npm)
May 14, 2026
Amazon Redshift Vulnerable to Remote Code Execution via Unsafe Class Loading
Critical
CVE-2026-8178
was published
for
com.amazon.redshift:redshift-jdbc42
(Maven)
May 14, 2026
ProTip!
Advisories are also available from the
GraphQL API