GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
122 advisories
Lemur Privilege Escalation: Non-admin role members can rewrite role membership via PUT /api/1/roles/<id>
  Moderate; CVE-2026-55163, published for lemur (pip) on Jun 25, 2026

Lemur has an authorization bypass in StrictRolePermission / AuthorityCreatorPermission
  High; CVE-2026-48508, published for lemur (pip) on Jun 25, 2026

LangGraph SDK has unsafe URL path construction
  Moderate; CVE-2026-48776, published for langgraph-sdk (pip) on Jun 25, 2026

stigmem-node: decay sweep expires and counts facts across all tenants (cross-tenant BOLA)
  High; GHSA-6gqw-jqv7-v88m, published for stigmem-node (pip) on Jun 19, 2026
stigmem-node: quarantine review surface exposes and mutates other tenants' quarantined facts (cross-tenant BOLA)
  High; GHSA-xhv3-q4xx-349r, published for stigmem-node (pip) on Jun 19, 2026
Duplicate Advisory: PraisonAI: Coarse-Grained Tool Approval Cache Bypasses Per-Invocation Consent for Shell Commands
  Moderate; GHSA-x44p-gg67-52fc, published for praisonai (pip) on Jun 19, 2026 (withdrawn)

PraisonAI recipe workflow policy can be bypassed by declaring and YAML-approving dangerous tools outside TEMPLATE.yaml
  High; GHSA-7qw2-w5rc-37x2, published for praisonai (pip) on Jun 18, 2026

PraisonAI Code agent tools fail open without a workspace boundary
  High; GHSA-gcq3-mfvh-3x25, published for praisonai (pip) on Jun 18, 2026

PraisonAI: Unauthenticated RCE via Jobs API + Approval Bypass
  Critical; GHSA-4869-x4pr-q22x, published for praisonai (pip) on Jun 18, 2026

PraisonAI: Compute-bridged file tools allow shell command injection
  High; GHSA-w6h2-fr4q-xvxv, published for praisonai (pip) on Jun 18, 2026

PraisonAI recipe.run_stream skips dangerous-tool policy enforcement
  High; GHSA-v847-hxxw-3pxg, published for praisonai (pip) on Jun 18, 2026

PraisonAI Slack app_mention bypasses configured user/channel authorization
  High; GHSA-qvpf-j64c-jmhr, published for praisonai (pip) on Jun 18, 2026

PraisonAI DiscordApproval accepts unrelated channel messages as dangerous-tool approvals
  High; GHSA-8579-rgg5-ph2m, published for praisonai (pip) on Jun 18, 2026

Open WebUI: Any authenticated user can read other users' private notes via Socket.IO
  Moderate; CVE-2026-54022, published for open-webui (pip) on Jun 17, 2026

Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded url_idx path parameter
  Moderate; CVE-2026-54021, published for open-webui (pip) on Jun 17, 2026

PraisonAI Platform has a cross-workspace IDOR + member-role privilege escalation
  Critical; CVE-2026-47407, published for praisonai-platform (pip) on May 29, 2026

LiteLLM allows a user to modify their own user_role via the /user/update endpoint
  High; CVE-2026-47102, published for litellm (pip) on May 21, 2026

LiteLLM allows an authenticated internal_user to create API keys with access to routes that their role does not permit
  High; CVE-2026-47101, published for litellm (pip) on May 21, 2026

wger: cross-tenant account deletion / deactivation / activation by gym.manage_gym + gym=None
  High; GHSA-mw8f-w6p8-xrf4, published for wger (pip) on May 20, 2026

Apache Airflow Amazon provider: Prevent unauthorized access to team-scoped secrets in AWS Secrets Manager and SSM Parameter Store backends
  Moderate; CVE-2026-42526, published for apache-airflow-providers-amazon (pip) on May 19, 2026

Open WebUI: Jupyter code execution works despite `ENABLE_CODE_EXECUTION=false` (feature gate bypassed)
  High; CVE-2026-45672, published for open-webui (pip) on May 14, 2026
Open WebUI's API key endpoint restrictions bypassed via `x-api-key` header (full message processing on restricted endpoints)
  Moderate; CVE-2026-45339, published for open-webui (pip) on May 14, 2026
Open WebUI: Read-Only Users Can Toggle Note Pin Status via Incorrect Permission Check (Write via Read-Only Access)
  Low; CVE-2026-45316, published for open-webui (pip) on May 14, 2026

Authlib OIDC Implicit/Hybrid Authorization Vulnerable to Open Redirect
  Moderate; CVE-2026-44681, published for authlib (pip) on May 13, 2026

Open WebUI: Deactivated Channel Members Retain Full Access to Group/DM Channels
  Moderate; CVE-2026-44561, published for open-webui (pip) on May 8, 2026