GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
92
GitHub Actions
54
Go
4,217
Maven
5,000+
npm
5,000+
NuGet
1,021
pip
5,000+
Pub
13
RubyGems
1,103
Rust
1,443
Swift
61
Unreviewed advisories
All unreviewed
5,000+
75 advisories
Filter by severity
Cortex has Untrusted Project Bootstrap Code Execution via `CLAUDE_PROJECT_DIR`
High
CVE-2026-49986
was published
for
neuro-cortex-memory
(pip)
Jul 1, 2026
pnpm: Project env lockfile can short-circuit package-manager resolution and execute lockfile-selected pnpm bytes
High
CVE-2026-55698
was published
for
pnpm
(npm)
Jun 26, 2026
pnpm: Repository-controlled configDependencies can select a pacquet native install engine
High
CVE-2026-55697
was published
for
pnpm
(npm)
Jun 26, 2026
pnpm: Manifest identity spoof satisfies allowBuilds and runs attacker lifecycle
High
CVE-2026-55487
was published
for
pnpm
(npm)
Jun 26, 2026
containerd: CRI checkpoint import allows local image tag poisoning
Moderate
CVE-2026-50195
was published
for
github.com/containerd/containerd/v2
(Go)
Jun 19, 2026
[Eclipse Theia] Indirect Prompt Injection via Auto-Loaded Workspace Prompt Template Files in AI Chat
High
CVE-2026-46580
was published
for
@theia/ai-chat
(npm)
Jun 18, 2026
[Eclipse Theia] Arbitrary Command Execution via Untrusted Workspace Task Definitions
High
CVE-2026-44691
was published
for
@theia/debug
(npm)
Jun 18, 2026
[Eclipse Theia] Indirect Prompt Injection via Adversarial Workspace File and Directory Names in AI Chat
High
CVE-2026-44688
was published
for
@theia/ai-chat
(npm)
Jun 18, 2026
Pi Agent: Pi loads project-local extensions without approval
Moderate
CVE-2026-54325
was published
for
@earendil-works/pi-coding-agent
(npm)
Jun 17, 2026
OpenStack Ironic Python Agent Includes Functionality from Untrusted Control Sphere
High
CVE-2026-43003
was published
for
ironic-python-agent
(pip)
May 1, 2026
OpenClaw: shell-env trusted-prefix fallback allowed attacker-controlled binary execution via $SHELL
Moderate
CVE-2026-22217
was published
for
openclaw
(npm)
Mar 3, 2026
CSS Parser: Improper Certificate Validation allows MITM injection of remote CSS content
Moderate
CVE-2026-44312
was published
for
css_parser
(RubyGems)
May 7, 2026
OpenStack Ironic is Vulnerable to Inclusion of Functionality from Untrusted Control Sphere
Moderate
CVE-2026-42510
was published
for
ironic
(pip)
Apr 28, 2026
PraisonAI: Arbitrary code execution via unguarded `spec.loader.exec_module` in `agents_generator.py` - sibling of CVE-2026-44334
High
CVE-2026-47398
was published
for
PraisonAI
(pip)
May 29, 2026
yeoman-environment Vulnerable to Arbitrary Package Installation without User Confirmation
High
CVE-2026-42089
was published
for
yeoman-environment
(npm)
May 26, 2026
OpenClaw: MCP stdio server env could load dangerous startup variables from workspace config
Moderate
CVE-2026-44995
was published
for
openclaw
(npm)
Apr 25, 2026
Mailpit: Path traversal & arbitrary file write in mailpit dump --http via attacker-controlled message IDs
Moderate
CVE-2026-45711
was published
for
github.com/axllent/mailpit
(Go)
May 19, 2026
Duplicate Advisory: OpenClaw: MCP stdio server env could load dangerous startup variables from workspace config
Moderate
GHSA-p3m6-jr2h-hhxj
was published
for
openclaw
(npm)
May 11, 2026
•
withdrawn
Electerm users can run dangrous code through link or command line
Critical
CVE-2026-43944
was published
for
electerm
(npm)
May 8, 2026
PraisonAI MCP `tools/call` path-traversal => RCE via Python `.pth` injection
Critical
CVE-2026-44336
was published
for
PraisonAI
(pip)
May 11, 2026
Electerm runWidget has a path traversal that leads to arbitrary code execution
Critical
CVE-2026-43940
was published
for
electerm
(npm)
May 8, 2026
OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins
High
CVE-2026-43569
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows
High
CVE-2026-43571
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: OpenShell `mirror` mode can convert untrusted sandbox files into explicitly enabled workspace hooks and execute them on the host during gateway startup
Moderate
CVE-2026-41355
was published
for
openclaw
(npm)
Apr 7, 2026
OpenClaw: Workspace `.env` can override the bundled hooks root and load attacker hook code
High
CVE-2026-41336
was published
for
openclaw
(npm)
Apr 2, 2026
ProTip!
Advisories are also available from the
GraphQL API