Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,967
Maven
5,000+
npm
5,000+
NuGet
973
pip
5,000+
Pub
13
RubyGems
1,064
Rust
1,387
Swift
56
Unreviewed advisories
All unreviewed
5,000+

64 advisories

Loading
PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution Critical
CVE-2026-47391 was published for PraisonAI (pip) May 29, 2026
foxirain Credited to foxirain
PraisonAI `deploy --type api` emits a Flask server with authentication disabled by default Critical
CVE-2026-47393 was published for PraisonAI (pip) May 29, 2026
SnailSploit Credited to SnailSploit
PraisonAI call server exposes unauthenticated agent listing, invocation, and deletion when CALL_SERVER_TOKEN is unset Critical
CVE-2026-47396 was published for PraisonAI (pip) May 29, 2026
beanduan22 Credited to beanduan22
9router: Unauthenticated Remote Code Execution via unprotected MCP custom plugin routes Critical
CVE-2026-46339 was published for 9router (npm) May 19, 2026
sondt99 Credited to sondt99
Kopia: RCE via SSH ProxyCommand Injection Critical
CVE-2026-45695 was published for github.com/kopia/kopia (Go) May 19, 2026
berardinellidaniele Credited to berardinellidaniele
Goobi viewer - Core: Unauthenticated Solr Streaming Expression Proxy Critical
CVE-2026-45083 was published for io.goobi.viewer:viewer-core (Maven) May 13, 2026
SillyTavern has Authentication Bypass via SSO Header Injection Critical
CVE-2026-44649 was published for sillytavern (npm) May 12, 2026
kirakira-dev Credited to kirakira-dev
OpenClaude Sandbox Bypass via Model-Controlled `dangerouslyDisableSandbox` Input Critical
CVE-2026-42074 was published for openclaude (npm) May 12, 2026
Rosayxy Credited to Rosayxy
Dalfox Server Mode Vulnerable to Unauthenticated Remote Code Execution via `found-action` Critical
CVE-2026-45087 was published for github.com/hahwul/dalfox/v2 (Go) May 12, 2026
drmingler Credited to drmingler
free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers Critical
CVE-2026-44329 was published for github.com/free5gc/smf (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
free5GC's NEF nnef-oam route group is unauthenticated; no-token requests reach the OAM handler Critical
CVE-2026-44327 was published for github.com/free5gc/nef (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
Cline Kanban Server has a Cross-Origin WebSocket Hijacking Vulnerability Critical
CVE-2026-44211 was published for cline (npm) May 8, 2026
sagilayani Credited to sagilayani
FireFighter has unauthenticated SSRF in its Raid jira_bot endpoint that allows IAM credential theft Critical
CVE-2026-42864 was published for firefighter-incident (pip) May 5, 2026
phpVMS has an /importer authorization bypass causing full database wipe Critical
CVE-2026-42569 was published for nabeel/phpvms (Composer) May 4, 2026
peter-bosch Credited to peter-bosch
RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution Critical
CVE-2026-41179 was published for github.com/rclone/rclone (Go) Apr 22, 2026
0wnerDied Credited to 0wnerDied, ncw, and augustocesarperin ncw ncw
augustocesarperin augustocesarperin
Rclone: Unauthenticated options/set allows runtime auth bypass, leading to sensitive operations and command execution Critical
CVE-2026-41176 was published for github.com/rclone/rclone (Go) Apr 22, 2026
0wnerDied Credited to 0wnerDied and ncw ncw ncw
goshs has an empty-username SFTP password authentication bypass Critical
CVE-2026-40884 was published for github.com/patrickhener/goshs (Go) Apr 14, 2026
R1ZZG0D Credited to R1ZZG0D
Google Agent Development Kit (ADK) has a Code Injection and Missing Authentication vulnerability Critical
CVE-2026-4810 was published for google-adk (pip) Apr 13, 2026
philrollet Credited to philrollet
PraisonAI Browser Server allows unauthenticated WebSocket clients to hijack connected extension sessions Critical
CVE-2026-40289 was published for PraisonAI (pip) Apr 10, 2026
R1ZZG0D Credited to R1ZZG0D
Marimo: Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass Critical
CVE-2026-39987 was published for marimo (pip) Apr 8, 2026
q1uf3ng Credited to q1uf3ng
mlflow: FastAPI job endpoints under `/ajax-api/3.0/jobs/*` are not protected by authentication or authorization Critical
CVE-2026-0545 was published for mlflow (pip) Apr 3, 2026
PraisonAI Has Missing Authentication in WebSocket Gateway Critical
CVE-2026-34952 was published for praisonai (pip) Apr 1, 2026
YeranG30 Credited to YeranG30
nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover Critical
CVE-2026-33032 was published for github.com/0xJacky/Nginx-UI (Go) Mar 30, 2026
yotampe-pluto Credited to yotampe-pluto
MCP Connect has unauthenticated remote OS command execution via /bridge endpoint Critical
GHSA-wvr4-3wq4-gpc5 was published for mcp-bridge (npm) Mar 19, 2026
riczardo Credited to riczardo
Unauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint Critical
CVE-2026-33017 was published for langflow (pip) Mar 17, 2026
Aviral2642 Credited to Aviral2642, andifilhohub, Jkavia, and srmish-jfrog andifilhohub andifilhohub
Jkavia Jkavia srmish-jfrog srmish-jfrog
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database