GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
92
GitHub Actions
54
Go
4,269
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,103
Rust
1,487
Swift
61
Unreviewed advisories
All unreviewed
5,000+
13 advisories
Filter by severity
Concourse login flow has an open redirect issue
Low
CVE-2026-49826
was published
for
github.com/concourse/concourse
(Go)
Jul 1, 2026
Probo has an open redirect bypass via path normalization
Moderate
CVE-2026-49820
was published
for
go.probo.inc/probo
(Go)
Jun 30, 2026
Flask-Security has an Open Redirect issue
Moderate
GHSA-w2j7-f3c6-g8cw
was published
for
Flask-Security
(pip)
Jun 23, 2026
Open Redirect Bypass in miniflux-v2
Moderate
CVE-2026-55185
was published
for
miniflux.app/v2
(Go)
Jun 19, 2026
local-deep-research has an SSRF bypass in `safe_get`
Moderate
CVE-2026-46526
was published
for
local-deep-research
(pip)
May 28, 2026
Open WebUI has a Server-Side Request Forgery (SSRF) bypass in `validate_url`
High
CVE-2026-45400
was published
for
open-webui
(pip)
May 14, 2026
Amazon Redshift Vulnerable to Remote Code Execution via Unsafe Class Loading
Critical
CVE-2026-8178
was published
for
com.amazon.redshift:redshift-jdbc42
(Maven)
May 14, 2026
Bunsink has an SSRF bypass in `validate_webhook_url`
Moderate
CVE-2026-44502
was published
for
bugsink
(pip)
May 8, 2026
PraisonAI has an SSRF bypass
High
CVE-2026-44335
was published
for
praisonaiagents
(pip)
May 6, 2026
vLLM: Server-Side Request Forgery (SSRF) in `download_bytes_from_url `
Moderate
CVE-2026-34753
was published
for
vllm
(pip)
Apr 3, 2026
JupyterHub has an Open Redirect Vulnerability
Moderate
CVE-2026-33709
was published
for
jupyterhub
(pip)
Apr 3, 2026
OpenClaw: Windows media loaders accepted remote-host file URLs before local path validation
Moderate
CVE-2026-34426
was published
for
openclaw
(npm)
Mar 26, 2026
ProTip!
Advisories are also available from the
GraphQL API