Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,844
Maven
5,000+
npm
4,470
NuGet
779
pip
4,231
Pub
12
RubyGems
974
Rust
1,093
Swift
48
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,462 advisories

Loading
An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code... Critical Unreviewed
CVE-2025-56005 was published Jan 20, 2026
The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2026-0726 was published Jan 20, 2026
Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in... Critical Unreviewed
CVE-2023-7334 was published Jan 16, 2026
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to... High Unreviewed
CVE-2026-20963 was published Jan 13, 2026
LlamaIndex (run-llama/llama_index) versions up to and including 0.11.6 contain an unsafe... High Unreviewed
CVE-2024-14021 was published Jan 13, 2026
Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux... Low Unreviewed
CVE-2025-69276 was published Jan 12, 2026
Deserialization of Untrusted Data vulnerability in Tribulant Software Newsletters newsletters... Critical Unreviewed
CVE-2025-67911 was published Jan 8, 2026
Deserialization of Untrusted Data vulnerability in Digital zoom studio DZS Video Gallery allows... Critical Unreviewed
CVE-2025-47552 was published Jan 7, 2026
Deserialization of Untrusted Data vulnerability in Digital zoom studio DZS Video Gallery allows... High Unreviewed
CVE-2025-47553 was published Jan 6, 2026
Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection... High Unreviewed
CVE-2025-31047 was published Jan 5, 2026
FontForge SFD File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability.... High Unreviewed
CVE-2025-15276 was published Dec 31, 2025
A flaw has been found in EyouCMS up to 1.7.7. The impacted element is the function unserialize of... Moderate Unreviewed
CVE-2025-15375 was published Dec 31, 2025
Deserialization of Untrusted Data vulnerability in Icegram Icegram Express Pro email-subscribers... Critical Unreviewed
CVE-2025-68038 was published Dec 24, 2025
Tencent HunyuanVideo load_vae Deserialization of Untrusted Data Remote Code Execution... High Unreviewed
CVE-2025-13710 was published Dec 24, 2025
Tencent HunyuanDiT model_resume Deserialization of Untrusted Data Remote Code Execution... High Unreviewed
CVE-2025-13707 was published Dec 24, 2025
Tencent PatrickStar merge_checkpoint Deserialization of Untrusted Data Remote Code Execution... High Unreviewed
CVE-2025-13706 was published Dec 24, 2025
Tencent TFace restore_checkpoint Deserialization of Untrusted Data Remote Code Execution... High Unreviewed
CVE-2025-13709 was published Dec 24, 2025
Tencent TFace eval Deserialization of Untrusted Data Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-13711 was published Dec 24, 2025
Tencent NeuralNLP-NeuralClassifier _load_checkpoint Deserialization of Untrusted Data Remote Code... High Unreviewed
CVE-2025-13708 was published Dec 24, 2025
Tencent HunyuanDiT merge Deserialization of Untrusted Data Remote Code Execution Vulnerability.... High Unreviewed
CVE-2025-13712 was published Dec 24, 2025
Tencent Hunyuan3D-1 load_pretrained Deserialization of Untrusted Data Remote Code Execution... High Unreviewed
CVE-2025-13713 was published Dec 24, 2025
Tencent MedicalNet generate_model Deserialization of Untrusted Data Remote Code Execution... High Unreviewed
CVE-2025-13714 was published Dec 24, 2025
Tencent FaceDetection-DSFD resnet Deserialization of Untrusted Data Remote Code Execution... High Unreviewed
CVE-2025-13715 was published Dec 24, 2025
Tencent MimicMotion create_pipeline Deserialization of Untrusted Data Remote Code Execution... High Unreviewed
CVE-2025-13716 was published Dec 24, 2025
Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution... High Unreviewed
CVE-2025-14920 was published Dec 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database