Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,175
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+

2 advisories

Loading
ouroboros-ai Vulnerable to Remote Code Execution via Untrusted Project-Directory .env High
CVE-2026-47211 was published for ouroboros-ai (pip) May 29, 2026
qerogram Credited to qerogram
Pi Agent: Pi loads project-local extensions without approval Moderate
CVE-2026-54325 was published for @earendil-works/pi-coding-agent (npm) Jun 17, 2026
qerogram Credited to qerogram, urianpaul94, EQSTLab, kamalmarhubi, and useworld urianpaul94 urianpaul94
EQSTLab EQSTLab kamalmarhubi kamalmarhubi useworld useworld
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database