Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

10,820 advisories

Loading
FrankenPHP: Unsafe Unicode Handling in CGI Path Splitting Allows Execution of Non-PHP Files High
CVE-2026-45062 was published for github.com/dunglas/frankenphp (Go) May 15, 2026
KC1zs4 Credited to KC1zs4, chenjj, and dunglas chenjj chenjj
dunglas dunglas
Open WebUI: Jupyter code execution works despite `ENABLE_CODE_EXECUTION=false` — feature gate bypassed High
CVE-2026-45672 was published for open-webui (pip) May 14, 2026
aliceQWAS Credited to aliceQWAS
Open WebUI: Cross-User File Access via Unchecked file_id in Folder Knowledge and Knowledge-Base Attach Endpoints High
CVE-2026-45402 was published for open-webui (pip) May 14, 2026
MrBeard-FT Credited to MrBeard-FT and Classic298 Classic298 Classic298
Open WebUI has a SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints (not addressed by CVE-2025-65958) High
CVE-2026-45401 was published for open-webui (pip) May 14, 2026
tenbbughunters Credited to tenbbughunters, YLChen-007, sneaXOR, Classic298, and nayakchinmohan YLChen-007 YLChen-007
sneaXOR sneaXOR Classic298 Classic298 nayakchinmohan nayakchinmohan
Open WebUI has a Server-Side Request Forgery (SSRF) bypass in `validate_url` High
CVE-2026-45400 was published for open-webui (pip) May 14, 2026
Fushuling Credited to Fushuling, RacerZ-fighting, and Classic298 RacerZ-fighting RacerZ-fighting
Classic298 Classic298
Open WebUI Vulnerable to IDOR: Retrieval API Bypasses Knowledge Base Access Controls High
CVE-2026-45398 was published for open-webui (pip) May 14, 2026
tenbbughunters Credited to tenbbughunters, johnatzeropath, and LeftenantZero johnatzeropath johnatzeropath
LeftenantZero LeftenantZero
Open WebUI: Missing `workspace.tools` Authorization Check on Tool Update Endpoint Allows Privilege Escalation to Code Execution High
CVE-2026-45395 was published for open-webui (npm) May 14, 2026
KadirArslan Credited to KadirArslan
Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts High
CVE-2026-45675 was published for open-webui (pip) May 14, 2026
sfwani Credited to sfwani and Classic298 Classic298 Classic298
Open WebUI: shared-chat branch ignores access_type, allowing unauthorized file deletion High
CVE-2026-45671 was published for open-webui (pip) May 14, 2026
Inar1Dev Credited to Inar1Dev
Open WebUI: Low-privilege authenticated users can enumerate and stop global background tasks, causing system-wide chat disruption High
CVE-2026-45399 was published for open-webui (pip) May 14, 2026
naruto3co Credited to naruto3co
Open WebUI has Broken Access Control for Completions API High
CVE-2026-45349 was published for open-webui (pip) May 14, 2026
savvaki Credited to savvaki
Open WebUI has a full SSRF Vulnerability in the RAG Web Search Feature High
CVE-2026-45331 was published for open-webui (pip) May 14, 2026
dkonis Credited to dkonis, wlayzz, and Classic298 wlayzz wlayzz
Classic298 Classic298
Open WebUI has Knowledge Base Destruction and RAG Poisoning via Unauthorized Collection Overwrite High
CVE-2026-44554 was published for open-webui (pip) May 8, 2026
Classic298 Credited to Classic298
Open WebUI's responses passthrough endpoint lacks access control authorization High
CVE-2026-44556 was published for open-webui (pip) May 8, 2026
Classic298 Credited to Classic298
Open WebUI's Base Model Routing Bypasses Access Control via Model Chaining High
CVE-2026-44555 was published for open-webui (pip) May 8, 2026
Classic298 Credited to Classic298
Open WebUI: Redis Cache Keys tool_servers and terminal_servers Missing Instance Prefix Enable Cross-Instance Cache Poisoning High
CVE-2026-44552 was published for open-webui (pip) May 8, 2026
Classic298 Credited to Classic298
Open WebUI: Stale Admin Role in Socket.IO Session Pool Enables Post-Demotion Cross-User Note Access High
CVE-2026-44553 was published for open-webui (pip) May 8, 2026
Classic298 Credited to Classic298
open-webui Vulnerable to Stored XSS via Model Description High
CVE-2026-44721 was published for open-webui (npm) May 8, 2026
fr0stydev Credited to fr0stydev and Classic298 Classic298 Classic298
Microsoft APM CLI's plugin.json component paths escape plugin root and copy arbitrary host files during install High
CVE-2026-44641 was published for apm-cli (pip) May 7, 2026
0xmrma Credited to 0xmrma
bitcoinj has a ScriptExecution P2PKH/P2WPKH Verification Bypass High
CVE-2026-44714 was published for org.bitcoinj:bitcoinj-core (Maven) May 8, 2026
jmecom Credited to jmecom, msgilligan, and schildbach msgilligan msgilligan
schildbach schildbach
Fleet has a Windows MDM management endpoint authentication bypass High
CVE-2026-23998 was published for github.com/fleetdm/fleet/v4 (Go) May 14, 2026
Flowise has an MCP Security Bypass that Enables RCE High
GHSA-m99r-2hxc-cp3q was published for flowise (npm) May 14, 2026
cn-panda Credited to cn-panda
ZITADEL has LDAP Filter Injection in Login Flow High
CVE-2026-44671 was published for github.com/zitadel/zitadel (Go) May 8, 2026
Proscan-one Credited to Proscan-one, livio-a, and wim07101993 livio-a livio-a
wim07101993 wim07101993
python-utcp: Full Process Environment Exposed to CLI Subprocess - Secrets Leakage via Command Injection High
CVE-2026-45370 was published for utcp-cli (pip) May 14, 2026
ZeroXJacks Credited to ZeroXJacks
ex_webrtc client-role handshake is missing DTLS peer fingerprint validation High
CVE-2026-44700 was published for ex_webrtc (Erlang) May 8, 2026
songxpu Credited to songxpu
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database