Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,844
Maven
5,000+
npm
4,470
NuGet
779
pip
4,231
Pub
12
RubyGems
974
Rust
1,093
Swift
48
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

603 advisories

Loading
An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code... Critical Unreviewed
CVE-2025-56005 was published Jan 20, 2026
Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in... Critical Unreviewed
CVE-2023-7334 was published Jan 16, 2026
Deserialization of Untrusted Data vulnerability in Tribulant Software Newsletters newsletters... Critical Unreviewed
CVE-2025-67911 was published Jan 8, 2026
Deserialization of Untrusted Data vulnerability in Digital zoom studio DZS Video Gallery allows... Critical Unreviewed
CVE-2025-47552 was published Jan 7, 2026
Deserialization of Untrusted Data vulnerability in Icegram Icegram Express Pro email-subscribers... Critical Unreviewed
CVE-2025-68038 was published Dec 24, 2025
Hugging Face smolagents Remote Python Executor Deserialization of Untrusted Data Remote Code... Critical Unreviewed
CVE-2025-14931 was published Dec 23, 2025
Deserialization of Untrusted Data vulnerability in BoldThemes Codiqa codiqa allows Object... Critical Unreviewed
CVE-2025-64233 was published Dec 18, 2025
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot... Critical Unreviewed
CVE-2025-60178 was published Dec 18, 2025
Deserialization of Untrusted Data vulnerability in BoldGrid Client Invoicing by Sprout Invoices... Critical Unreviewed
CVE-2025-64227 was published Dec 18, 2025
Deserialization of Untrusted Data vulnerability in TieLabs Jannah jannah allows Object Injection... Critical Unreviewed
CVE-2025-64206 was published Dec 18, 2025
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Constant Contact... Critical Unreviewed
CVE-2025-60174 was published Dec 18, 2025
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Insightly gf... Critical Unreviewed
CVE-2025-60090 was published Dec 18, 2025
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Zoho CRM and Bigin... Critical Unreviewed
CVE-2025-60091 was published Dec 18, 2025
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf... Critical Unreviewed
CVE-2025-60180 was published Dec 18, 2025
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms FreshDesk Plugin gf... Critical Unreviewed
CVE-2025-60089 was published Dec 18, 2025
Deserialization of Untrusted Data vulnerability in BoldThemes DentiCare denticare allows Object... Critical Unreviewed
CVE-2025-54723 was published Dec 18, 2025
NVIDIA Isaac Lab contains a deserialization vulnerability. A successful exploit of this... Critical Unreviewed
CVE-2025-33210 was published Dec 16, 2025
MooreThreads torch_musa through all versions contains an unsafe deserialization vulnerability in... Critical Unreviewed
CVE-2025-65213 was published Dec 15, 2025
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1,... Critical Unreviewed
CVE-2025-34394 was published Dec 10, 2025
Under certain conditions, a high privileged user could exploit a deserialization vulnerability in... Critical Unreviewed
CVE-2025-42928 was published Dec 9, 2025
UNA CMS versions 9.0.0-RC1 - 14.0.0-RC4 contain a PHP object injection vulnerability in... Critical Unreviewed
CVE-2025-66571 was published Dec 4, 2025
An issue was discovered in jishenghua JSH_ERP 2.3.1. The /role/addcan endpoint is vulnerable to... Critical Unreviewed
CVE-2025-51745 was published Nov 25, 2025
An issue was discovered in jishenghua JSH_ERP 2.3.1. The /user/addUser endpoint is vulnerable to... Critical Unreviewed
CVE-2025-51744 was published Nov 25, 2025
An issue was discovered in jishenghua JSH_ERP 2.3.1. The /serialNumber/addSerialNumber endpoint... Critical Unreviewed
CVE-2025-51746 was published Nov 25, 2025
An issue was discovered in jishenghua JSH_ERP 2.3.1. The /material... Critical Unreviewed
CVE-2025-51742 was published Nov 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database