GitHub Advisory Database

A security vulnerability database that includes CVEs and GitHub-originated security advisories from the open source software ecosystem.

54 advisories

Lemur has an authorization bypass in StrictRolePermission / AuthorityCreatorPermission
High severity. CVE-2026-48508, published for lemur (pip) on Jun 25, 2026. Credited to hits313.

stigmem-node: decay sweep expires and counts facts across all tenants (cross-tenant BOLA)
High severity. GHSA-6gqw-jqv7-v88m, published for stigmem-node (pip) on Jun 19, 2026. Credited to rexpository.

PraisonAI Code agent tools fail open without a workspace boundary
High severity. GHSA-gcq3-mfvh-3x25, published for praisonai (pip) on Jun 18, 2026. Credited to rexpository.

PraisonAI: Compute-bridged file tools allow shell command injection
High severity. GHSA-w6h2-fr4q-xvxv, published for praisonai (pip) on Jun 18, 2026. Credited to rexpository.

PraisonAI recipe.run_stream skips dangerous-tool policy enforcement
High severity. GHSA-v847-hxxw-3pxg, published for praisonai (pip) on Jun 18, 2026. Credited to rexpository.

PraisonAI Slack app_mention bypasses configured user/channel authorization
High severity. GHSA-qvpf-j64c-jmhr, published for praisonai (pip) on Jun 18, 2026. Credited to rexpository.

PraisonAI DiscordApproval accepts unrelated channel messages as dangerous-tool approvals
High severity. GHSA-8579-rgg5-ph2m, published for praisonai (pip) on Jun 18, 2026. Credited to rexpository.

LiteLLM allows a user to modify their own user_role via the /user/update endpoint
High severity. CVE-2026-47102, published for litellm (pip) on May 21, 2026.

wger: cross-tenant account deletion / deactivation / activation by gym.manage_gym + gym=None
High severity. GHSA-mw8f-w6p8-xrf4, published for wger (pip) on May 20, 2026. Credited to HiyokoSauna37, aliceQWAS and Classic298.
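The wger entry above names the shape of its failure: a tenant-scoped permission (gym.manage_gym) held by a user whose own tenant is unset (gym=None) reaches accounts in other tenants. The following is an added Python illustration of one way a scope check produces that outcome, written for this page and not taken from wger or any other project listed here. The Actor/Account model, the manage_tenant permission name and the tenant names are hypothetical stand-ins; the vulnerable check is shown beside a fail-closed version.

```python
from dataclasses import dataclass, field
from typing import Callable, FrozenSet, Optional


class Forbidden(Exception):
    """Raised when an actor may not perform the requested operation."""


@dataclass
class Actor:
    """Hypothetical caller: a permission set plus the tenant it is bound to (None if unbound)."""
    name: str
    tenant: Optional[str]
    permissions: FrozenSet[str] = field(default_factory=frozenset)


@dataclass
class Account:
    """Hypothetical target record that belongs to one tenant (None if unbound)."""
    name: str
    tenant: Optional[str]
    active: bool = True


MANAGE_TENANT = "manage_tenant"  # hypothetical stand-in for a per-tenant manager permission


def can_manage_broken(actor: Actor, target: Account) -> bool:
    """Vulnerable pattern: an unbound actor (tenant None) is treated as matching every tenant.

    The permission was meant to be limited to the actor's own tenant, but the scope
    comparison is skipped when the actor has no tenant, so any holder of the
    permission with tenant=None can act on accounts of every tenant.
    """
    if MANAGE_TENANT not in actor.permissions:
        return False
    return actor.tenant is None or actor.tenant == target.tenant


def can_manage(actor: Actor, target: Account) -> bool:
    """Fail-closed form: the permission only counts inside a concrete, shared tenant."""
    if MANAGE_TENANT not in actor.permissions:
        return False
    if actor.tenant is None or target.tenant is None:
        return False  # no tenant means no scope, which must mean no access
    return actor.tenant == target.tenant


def deactivate(actor: Actor, target: Account,
               check: Callable[[Actor, Account], bool] = can_manage) -> Account:
    """Deactivate `target` on behalf of `actor`, subject to the given scope check."""
    if not check(actor, target):
        raise Forbidden(f"{actor.name} may not manage {target.name}")
    target.active = False
    return target


def outcome(actor: Actor, target: Account,
            check: Callable[[Actor, Account], bool]) -> str:
    """Run the operation on a copy of `target` and report 'allowed' or 'denied'."""
    try:
        deactivate(actor, Account(target.name, target.tenant), check)
    except Forbidden:
        return "denied"
    return "allowed"


# Constructed sample data for the demonstration.
unbound_manager = Actor("unbound-manager", None, frozenset({MANAGE_TENANT}))
acme_manager = Actor("acme-manager", "acme", frozenset({MANAGE_TENANT}))
globex_user = Account("globex-user", "globex")
acme_user = Account("acme-user", "acme")

if __name__ == "__main__":
    for check in (can_manage_broken, can_manage):
        print(check.__name__)
        print("  unbound manager -> globex user:", outcome(unbound_manager, globex_user, check))
        print("  acme manager    -> globex user:", outcome(acme_manager, globex_user, check))
        print("  acme manager    -> acme user:  ", outcome(acme_manager, acme_user, check))
```

Running the block shows the unbound manager reaching the globex account under the broken check and being denied under the fail-closed one, while a properly bound manager is unaffected. The general rule: a scope value of None is an absence of scope, not a wildcard, and a scoped permission without a scope grants nothing.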
OpenStack Cyborg uses rule:allow (check_str='@') as the default policy for multiple API endpoints
High severity. CVE-2026-40213, published for openstack-cyborg (pip) on May 8, 2026.

OpenStack Keystone has an Incorrect Authorization Issue
High severity. CVE-2026-43001, published for keystone (pip) on May 1, 2026.

CKAN has Unauthenticated SQL Injection and Authorization Bypass in `datastore_search_sql`
High severity. CVE-2026-42031, published for ckan (pip) on Apr 29, 2026. Credited to ddd.

Apache Airflow allows users with asset materialize permissions to trigger DAGs outside of their permissions
High severity. CVE-2026-32228, published for apache-airflow-core (pip) on Apr 18, 2026.

LiteLLM: Privilege escalation via unrestricted proxy configuration endpoint
High severity. CVE-2026-35029, published for litellm (pip) on Apr 3, 2026.

FastMCP OAuth Proxy token reuse across MCP servers
High severity. CVE-2025-69196, published for fastmcp (pip) on Mar 16, 2026. Credited to an7y.

PyJWT accepts unknown `crit` header extensions
High severity. CVE-2026-32597, published for PyJWT (pip) on Mar 13, 2026. Credited to dmbs335.
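The PyJWT entry above concerns the JWS `crit` header parameter. RFC 7515 section 4.1.11 defines `crit` as a list of extension header parameters that the recipient must understand and process; a verifier that does not implement a listed extension must reject the token rather than ignore the unknown name. The following is an added example of a minimal HS256 verifier that enforces that rule, written for this page and not taken from PyJWT; the key, the claims and the extension name `x-tenant` are constructed for the demonstration and do not refer to any real extension.

```python
import base64
import hashlib
import hmac
import json

# Header parameter names registered by RFC 7515 (JWS) and RFC 7516 (JWE). A producer
# may not list any of these in "crit", so a verifier treats their presence there as invalid.
REGISTERED_HEADERS = frozenset({
    "alg", "jku", "jwk", "kid", "x5u", "x5c", "x5t", "x5t#S256", "typ", "cty", "crit",
    "enc", "zip", "epk", "apu", "apv", "iv", "tag", "p2s", "p2c",
})


class InvalidToken(Exception):
    """Raised for any token the verifier must reject."""


def b64url_decode(data: str) -> bytes:
    return base64.urlsafe_b64decode(data + "=" * (-len(data) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def check_crit(header: dict, supported_extensions: frozenset) -> None:
    """Enforce RFC 7515 section 4.1.11 for the "crit" header parameter.

    If "crit" is present it must be a non-empty list of distinct extension names, each
    naming a parameter that is actually present in the header, none of which is a
    registered JWS/JWE parameter, and every one of which this verifier implements.
    Anything else is rejected: an unknown critical extension means the producer's
    intent cannot be honoured, so the token must not be accepted.
    """
    if "crit" not in header:
        return
    crit = header["crit"]
    if not isinstance(crit, list) or not crit or not all(isinstance(n, str) for n in crit):
        raise InvalidToken("crit must be a non-empty array of strings")
    if len(set(crit)) != len(crit):
        raise InvalidToken("crit contains duplicate names")
    for name in crit:
        if name in REGISTERED_HEADERS:
            raise InvalidToken(f"crit may not name registered header parameter {name!r}")
        if name not in header:
            raise InvalidToken(f"critical parameter {name!r} is not present in the header")
        if name not in supported_extensions:
            raise InvalidToken(f"critical extension {name!r} is not understood; rejecting")


def sign_hs256(claims: dict, key: bytes, extra_header=None) -> str:
    """Produce a compact JWS (HS256) with optional extra header parameters."""
    header = {"alg": "HS256", "typ": "JWT", **(extra_header or {})}
    h = b64url_encode(json.dumps(header, separators=(",", ":")).encode())
    p = b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{h}.{p}".encode("ascii"), hashlib.sha256).digest()
    return f"{h}.{p}.{b64url_encode(sig)}"


def verify_hs256(token: str, key: bytes, supported_extensions: frozenset = frozenset()) -> dict:
    """Verify an HS256 compact JWS and return its claims, or raise InvalidToken."""
    try:
        h, p, s = token.split(".")
        header = json.loads(b64url_decode(h))
        sig = b64url_decode(s)
    except ValueError:  # covers bad segment count, bad base64 and bad JSON
        raise InvalidToken("malformed token")
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise InvalidToken("unexpected or missing alg")
    expected = hmac.new(key, f"{h}.{p}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        raise InvalidToken("bad signature")
    check_crit(header, supported_extensions)  # a valid signature is not enough
    return json.loads(b64url_decode(p))


def rejects(token: str, key: bytes, supported_extensions: frozenset = frozenset()) -> bool:
    """True if the verifier refuses the token (used by the demo and tests)."""
    try:
        verify_hs256(token, key, supported_extensions)
    except InvalidToken:
        return True
    return False


KEY = b"constructed-demo-key-do-not-reuse"  # constructed for the example only

if __name__ == "__main__":
    plain = sign_hs256({"sub": "alice"}, KEY)
    # "x-tenant" is a hypothetical extension name used only to illustrate the rule.
    critical = sign_hs256({"sub": "alice"}, KEY, {"crit": ["x-tenant"], "x-tenant": "acme"})
    print("plain token accepted:", not rejects(plain, KEY))
    print("unknown critical extension rejected:", rejects(critical, KEY))
    print("accepted once the extension is implemented:",
          not rejects(critical, KEY, frozenset({"x-tenant"})))
```

The point of the example is the last check in `verify_hs256`: signature validity and `crit` conformance are independent conditions, and a token with a correctly signed but unrecognised critical extension is still rejected. A verifier that skips that step silently drops whatever semantics the producer marked as mandatory.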
Apache Superset: Read-Only Bypass via Improper Input Validation on PostgreSQL Connections
High severity. CVE-2026-23984, published for apache-superset (pip) on Feb 24, 2026.