Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,026
Maven
5,000+
npm
4,763
NuGet
824
pip
4,366
Pub
12
RubyGems
987
Rust
1,143
Swift
50
Unreviewed advisories
All unreviewed
5,000+

29 advisories

Loading
PHP-Fusion 9.03.50 contains a remote code execution vulnerability in the 'add_panel_form()'... High Unreviewed
CVE-2020-37137 was published Feb 5, 2026
Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor... High Unreviewed
CVE-2026-0863 was published Jan 18, 2026
An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4... High Unreviewed
CVE-2025-65530 was published Dec 12, 2025
XWiki vulnerable to remote code execution through insufficient protection against {{/html}} injection High
CVE-2025-66474 was published for org.xwiki.rendering:xwiki-rendering-xml (Maven) Dec 10, 2025
Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events High
CVE-2025-64496 was published for open-webui (npm) Nov 7, 2025
vitalysim
Credited to vitalysim
A vulnerability exists in F5OS-A and F5OS-C systems that may allow an authenticated attacker with... High Unreviewed
CVE-2025-61955 was published Oct 15, 2025
XWiki Blog Application: Privilege Escalation (PR) from account through blog content High
CVE-2025-58365 was published for org.xwiki.contrib.blog:application-blog-ui (Maven) Sep 8, 2025
The Request a Quote Form plugin for WordPress is vulnerable to Remote Code Execution in version... High Unreviewed
CVE-2025-8420 was published Aug 6, 2025
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-10633 was published Jan 26, 2025
AgentScope uses `eval` High
CVE-2024-48050 was published for agentscope (pip) Nov 5, 2024
Guardrails has an arbitrary code execution vulnerability High
CVE-2024-45858 was published for guardrails-ai (pip) Sep 18, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45851 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45848 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45846 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45849 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45850 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45847 was published for mindsdb (pip) Sep 12, 2024
Refuel Autolab Eval Injection vulnerability High
CVE-2024-27320 was published for refuel-autolabel (pip) Sep 12, 2024
Refuel Autolab Eval Injection vulnerability High
CVE-2024-27321 was published for refuel-autolabel (pip) Sep 12, 2024
A code execution vulnerability exists in the Xiaomi App market product. The vulnerability is... High Unreviewed
CVE-2023-26323 was published Aug 28, 2024
The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 (Windows)/3.4.7 (macOS) was not... High Unreviewed
CVE-2023-7245 was published Feb 20, 2024
Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39... High Unreviewed
CVE-2023-6735 was published Jan 12, 2024
OpenVPN Connect version 3.0 through 3.4.6 on macOS allows local users to execute code in external... High Unreviewed
CVE-2023-7224 was published Jan 8, 2024
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet:... High Unreviewed
CVE-2023-7101 was published Dec 25, 2023
Eval Injection in fastbots High
CVE-2023-48699 was published for fastbots (pip) Nov 21, 2023
ubertidavide
Credited to ubertidavide
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database