GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
31,879 advisories
Filter by severity
Image::EPEG versions through 0.15 for Perl embeds an unsupported version of the Epeg library.
...
Critical
Unreviewed
CVE-2026-3031
was published
Jul 16, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook authentication...
Critical
Unreviewed
CVE-2026-8505
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a password or...
Critical
Unreviewed
CVE-2026-13446
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in...
Critical
Unreviewed
CVE-2026-8481
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow an attacker to write arbitrary files...
Critical
Unreviewed
CVE-2026-8859
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit...
Critical
Unreviewed
CVE-2026-9135
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access...
Critical
Unreviewed
CVE-2026-9103
was published
Jul 17, 2026
IBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2026-15091
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to...
Critical
Unreviewed
CVE-2026-8635
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in...
Critical
Unreviewed
CVE-2026-8476
was published
Jul 17, 2026
XML::Bare versions through 0.53 for Perl have an unbounded character lookahead.
The...
Critical
Unreviewed
CVE-2026-57074
was published
Jul 16, 2026
libpvestorage-perl v9.1.1 and libpve-storage-perl v8.3.7 were discovered to contain an XML...
Critical
Unreviewed
CVE-2026-51080
was published
Jul 17, 2026
Buffer Overflow vulnerability in OpenHTJ2K v.0.18.4 and before allows an attacker to execute...
Critical
Unreviewed
CVE-2026-51807
was published
Jul 15, 2026
An unauthenticated SQL injection vulnerability exists in Sangoma Switchvox SMB Edition 8.3 ...
Critical
Unreviewed
CVE-2026-9586
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to create unlimited user...
Critical
Unreviewed
CVE-2026-9202
was published
Jul 17, 2026
Missing Authorization vulnerability in Vimesoft Inc. Enterprise Video Platform allows Accessing...
Critical
Unreviewed
CVE-2026-12694
was published
Jul 17, 2026
Authorization bypass through User-Controlled key vulnerability in Vimesoft Inc. Enterprise Video...
Critical
Unreviewed
CVE-2026-12693
was published
Jul 17, 2026
Unverified password change vulnerability in Vimesoft Inc. Enterprise Video Platform allows...
Critical
Unreviewed
CVE-2026-12692
was published
Jul 17, 2026
Improper neutralization of special elements used in an SQL command ('SQL injection')...
Critical
Unreviewed
CVE-2026-8297
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to chain /api/v1...
Critical
Unreviewed
CVE-2026-9198
was published
Jul 17, 2026
vLLM Allows Remote Code Execution via PyNcclPipe Communication Service
Critical
CVE-2025-47277
was published
for
vllm
(pip)
May 20, 2025
HTML::Bare versions through 0.04 for Perl have an unbounded character lookahead.
The...
Critical
Unreviewed
CVE-2026-57073
was published
Jul 16, 2026
golang.org/x/crypto: Invoking client can cause server deadlock on unexpected responses
Critical
CVE-2026-39830
was published
for
golang.org/x/crypto
(Go)
Jun 25, 2026
ProTip!
Advisories are also available from the
GraphQL API