Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,844
Maven
5,000+
npm
4,470
NuGet
779
pip
4,231
Pub
12
RubyGems
974
Rust
1,093
Swift
48
Unreviewed advisories
All unreviewed
5,000+

4 advisories

Loading
LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs Critical
CVE-2025-68664 was published for langchain-core (pip) Dec 23, 2025
0xn3va yardenporat353
VladimirEliTokarev eyurtsev ccurme mdrxy hntrl
Credited to 0xn3va, yardenporat353, VladimirEliTokarev, eyurtsev, ccurme, mdrxy, and hntrl
Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library Critical
CVE-2023-39631 was published for langchain (pip) Sep 1, 2023
eyurtsev
Credited to eyurtsev
langchain vulnerable to arbitrary code execution Critical
CVE-2023-36281 was published for langchain (pip) Aug 22, 2023
eyurtsev
Credited to eyurtsev
LangChain vulnerable to arbitrary code execution Critical
CVE-2023-39659 was published for langchain (pip) Aug 15, 2023
eyurtsev
Credited to eyurtsev
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database