GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

11 advisories

FoundationAgents MetaGPT vulnerable to os command injection via the Terminal.run_command Moderate
CVE-2026-5972 was published for metagpt (pip) Apr 9, 2026
FoundationAgents MetaGPT vulnerable to OS Command Injection in metagpt/utils/common.py Moderate
CVE-2026-5973 was published for metagpt (pip) Apr 9, 2026
FoundationAgents MetaGPT vulnerable to OS Command Injection in metagpt/tools/libs/terminal.py Moderate
CVE-2026-5974 was published for metagpt (pip) Apr 9, 2026
MS-Agent vulnerable to Command Injection Moderate
CVE-2026-2256 was published for ms-agent (pip) Mar 2, 2026
Command Injection in pip when used with Mercurial Moderate
CVE-2023-5752 was published for pip (pip) Oct 25, 2023
Credited to mwpeterson
mcp-kubernetes-server has a Command Injection vulnerability Moderate
CVE-2025-59376 was published for mcp-kubernetes-server (pip) Sep 15, 2025
Credited to cai0duque
Salt's on demand pillar functionality vulnerable to arbitrary command injections Moderate
CVE-2025-22237 was published for salt (pip) Jun 13, 2025
XPixelGroup BasicSR Command Injection Moderate
CVE-2024-27763 was published for basicsr (pip) Mar 12, 2025
Credited to aydinnyunus
Composio Command Execution vulnerability Moderate
CVE-2024-53526 was published for composio-claude (pip) Jan 8, 2025
dcnnt-py is vulnerable to command injection via Notification Handler Moderate
CVE-2023-1000 was published for dcnnt (pip) Apr 27, 2024
ScanCode.io command injection in docker image fetch process Moderate
CVE-2023-39523 was published for scancodeio (pip) Aug 9, 2023
Credited to 0xmpij