GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
51 advisories
LangGraph Checkpoint: Unsafe JSON deserialization in checkpoint loading
Moderate
CVE-2026-48775
was published
for
langgraph-checkpoint
(pip)
Jun 25, 2026
Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API
Critical
CVE-2026-53753
was published
for
crawl4ai
(pip)
Jun 16, 2026
vm2 sandbox escape via JSPI-backed Promise `.finally()` species bypass
Critical
CVE-2026-47210
was published
for
vm2
(npm)
May 29, 2026
vm2 has a CVE-2023-37903 patch bypass: nesting:true without explicit require still allows full RCE
Critical
CVE-2026-47137
was published
for
vm2
(npm)
May 29, 2026
vm2 is Vulnerable to Sandbox Breakout Through Promise Species
Critical
CVE-2026-47208
was published
for
vm2
(npm)
May 29, 2026
PraisonAI MCP `tools/call` path-traversal => RCE via Python `.pth` injection
Critical
CVE-2026-44336
was published
for
PraisonAI
(pip)
May 11, 2026
NocoBase Affected by Sandbox Escape to RCE via console._stdout Prototype Chain Traversal in Workflow Script Node
Critical
CVE-2026-34156
was published
for
@nocobase/plugin-workflow-javascript
(npm)
Mar 30, 2026
Graphiti Affected by Arbitrary Method Execution via Unvalidated Relationship Names
Critical
CVE-2026-33286
was published
for
graphiti
(RubyGems)
Mar 20, 2026
n8n Has Expression Escape Vulnerability Leading to RCE
Critical
CVE-2026-25049
was published
for
n8n
(npm)
Feb 4, 2026
SandboxJS has Sandbox Escape via Unprotected AsyncFunction Constructor
Critical
CVE-2026-23830
was published
for
@nyariv/sandboxjs
(npm)
Jan 27, 2026
Signal K Server has Unauthenticated State Pollution leading to Remote Code Execution (RCE)
Critical
CVE-2025-66398
was published
for
signalk-server
(npm)
Jan 2, 2026
Picklescan does not block ctypes
High
CVE-2025-71323
was published
for
picklescan
(pip)
Dec 29, 2025
n8n Vulnerable to Remote Code Execution via Expression Injection
Critical
CVE-2025-68613
was published
for
n8n
(npm)
Dec 22, 2025
Rack has a Possible Information Disclosure Vulnerability
Moderate
CVE-2025-61780
was published
for
rack
(RubyGems)
Oct 10, 2025
The Keras `Model.load_model` method **silently** ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.
High
CVE-2025-9905
was published
for
keras
(pip)
Sep 19, 2025
dbt has an implicit override for built-in materializations from installed packages
Low
CVE-2024-40637
was published
for
dbt-core
(pip)
Jul 17, 2024
ProTip!
Advisories are also available from the
GraphQL API