GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
34 advisories
mcp-memory-service: OAuth read-only clients can write and delete memories through MCP tools/call
Severity: High. CVE-2026-49291 was published for mcp-memory-service (pip), Jun 26, 2026

Pipecat: Telephony WebSocket `/ws` Unauthenticated Call-Control Abuse via Attacker-Supplied Call SID
Severity: High. CVE-2026-54695 was published for pipecat-ai (pip), Jun 18, 2026

PraisonAI Slack app_mention bypasses configured user/channel authorization
Severity: High. GHSA-qvpf-j64c-jmhr was published for praisonai (pip), Jun 18, 2026

PraisonAI recipe serve Typer command bypasses the non-localhost authentication guard
Severity: High. GHSA-5qw8-f2g9-ff29 was published for praisonai (pip), Jun 18, 2026

PraisonAI ToolsMCPServer legacy SSE transport accepts attacker Host/Origin and exposes registered tools
Severity: High. GHSA-vmf9-xx9w-86wx was published for praisonai (pip), Jun 18, 2026

Open WebUI: Forged model meta.knowledge allows cross-user file read and deletion
Severity: High. CVE-2026-54012 was published for open-webui (pip), Jun 17, 2026

Open WebUI: Forged chat-file link allows cross-user file read and deletion
Severity: High. CVE-2026-54010 was published for open-webui (pip), Jun 17, 2026

praisonai-platform: Any workspace member can delete the entire workspace via DELETE /workspaces/{id}
Severity: High. CVE-2026-47412 was published for praisonai-platform (pip), Jun 1, 2026

praisonai-platform: Missing authorization on member removal enables full workspace takeover by any user regardless of role
Severity: High. CVE-2026-47409 was published for praisonai-platform (pip), May 29, 2026

PraisonAI Platform: Missing role checks let any workspace member become owner and control workspace membership
Severity: High. CVE-2026-47405 was published for praisonai-platform (pip), May 29, 2026

PraisonAI has Cross-Workspace IDOR and Privilege Escalation via Platform API
Severity: High. CVE-2026-48169 was published for praisonai-platform (pip), May 29, 2026

PraisonAI vulnerable to unauthenticated arbitrary file read via MCP workflow.show, workflow.validate, deploy.validate
Severity: High. CVE-2026-47394 was published for PraisonAI (pip), May 29, 2026

wger: cross-tenant account deletion / deactivation / activation by gym.manage_gym + gym=None
Severity: High. GHSA-mw8f-w6p8-xrf4 was published for wger (pip), May 20, 2026

Open WebUI: Low-privilege authenticated users can enumerate and stop global background tasks, causing system-wide chat disruption
Severity: High. CVE-2026-45399 was published for open-webui (pip), May 14, 2026

Open WebUI's chat completion API allows tool restrictions to be bypassed
Severity: High. CVE-2026-45350 was published for open-webui (pip), May 14, 2026

Open WebUI's Insecure Message Access Breaks Authorization
Severity: High. CVE-2026-44569 was published for open-webui (pip), May 11, 2026

Open WebUI has Improper Authorization Control
Severity: High. CVE-2026-44567 was published for open-webui (pip), May 8, 2026

Open WebUI has Knowledge Base Destruction and RAG Poisoning via Unauthorized Collection Overwrite
Severity: High. CVE-2026-44554 was published for open-webui (pip), May 8, 2026

Open WebUI's responses passthrough endpoint lacks access control authorization
Severity: High. CVE-2026-44556 was published for open-webui (pip), May 8, 2026

Open WebUI's Base Model Routing Bypasses Access Control via Model Chaining
Severity: High. CVE-2026-44555 was published for open-webui (pip), May 8, 2026

wger has Broken Access Control in Global Gym Configuration Update Endpoint
Severity: High. CVE-2026-40474 was published for wger (pip), Apr 16, 2026

Ajenti has an authorization bypass during custom package installation
Severity: High. CVE-2026-35175 was published for ajenti-panel (pip), Apr 3, 2026

Langflow: Authenticated Users Can Read, Modify, and Delete Any Flow via Missing Ownership Check
Severity: High. CVE-2026-34046 was published for langflow (pip), Mar 27, 2026

langflow has Unauthenticated IDOR on Image Downloads
Severity: High. CVE-2026-33484 was published for langflow (pip), Mar 20, 2026

Apache Airflow: Execution API HITL Endpoints Missing Per-Task Authorization
Severity: High. CVE-2026-30911 was published for apache-airflow (pip), Mar 17, 2026