GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
555 advisories
Sparkle: Binary delta apply intermediate-symlink traversal in malicious .delta
Moderate
CVE-2026-47121
was published
for
github.com/sparkle-project/Sparkle
(Swift)
May 29, 2026
BentoML has Information Disclosure in `bentoml build` via symlink traversal in the build context
Moderate
CVE-2026-40610
was published
for
bentoml
(pip)
May 7, 2026
python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback
Moderate
CVE-2026-28684
was published
for
python-dotenv
(pip)
Apr 21, 2026
ProTip!
Advisories are also available from the
GraphQL API