GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

3 advisories

compliance-trestle Vulnerable to SSRF in Remote Fetching Subsystem (Severity: Moderate)
CVE-2026-46380 was published for compliance-trestle (pip) May 28, 2026
Credited to yantongggg and l3tchupkt
PyLoad Vulnerable to Path Traversal via Package Folder Name (Severity: Moderate)
CVE-2026-42314 was published for pyload-ng (pip) May 5, 2026
Credited to l3tchupkt
PraisonAI Vulnerable to Sensitive Environment Variable Exposure via Untrusted MCP Subprocess Execution (Severity: Moderate)
CVE-2026-40159 was published for PraisonAI (pip) Apr 10, 2026
Credited to l3tchupkt