Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2 advisories

Loading
MCP Python SDK: WebSocket server transport does not support Host/Origin validation High
CVE-2026-59950 was published for mcp (pip) Jul 16, 2026
nitish-yaddala Credited to nitish-yaddala, Nadav0077, dodge1218, gistrec, and u-ktdi Nadav0077 Nadav0077
dodge1218 dodge1218 gistrec gistrec u-ktdi u-ktdi
Regression in pymdownx.snippets reintroduces sibling-prefix path traversal bypass despite restrict_base_path Moderate
CVE-2026-46338 was published for pymdown-extensions (pip) May 19, 2026
gistrec Credited to gistrec
ProTip! Advisories are also available from the GraphQL API