GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
539 advisories
Laravel Redis Horizontal Scaling Insecure Deserialization
Critical
CVE-2026-23524
was published
for
laravel/reverb
(Composer)
Jan 21, 2026
Roundcube Webmail Vulnerable to Authenticated RCE via PHP Object Deserialization
Critical
CVE-2025-49113
was published
for
roundcube/roundcubemail
(Composer)
Jun 2, 2025
Neuron MySQLWriteTool allows arbitrary/destructive SQL when exposed to untrusted prompts (agent “footgun”)
Critical
CVE-2025-67510
was published
for
neuron-core/neuron-ai
(Composer)
Dec 9, 2025
SAML PHP Toolkit Vulnerability on xmlseclibs CVE-2025-66475
Critical
GHSA-5j8p-438x-rgg5
was published
for
onelogin/php-saml
(Composer)
Dec 9, 2025
Mautic user without privileged access to the Marketplace can install and uninstall composer packages
Critical
CVE-2025-13828
was published
for
mautic/core
(Composer)
Dec 2, 2025
The ADOdb sqlite3 driver allows SQL injection
Critical
CVE-2025-54119
was published
for
adodb/adodb-php
(Composer)
Aug 4, 2025
RoadRunner is at risk of HTTP Request/Response Smuggling through vulnerable dependency
Critical
CVE-2025-22871
was published
for
spiral/roadrunner
(Composer)
Apr 8, 2025
ProTip!
Advisories are also available from the
GraphQL API