Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

8 advisories

Loading
n8n: Python Code Node AST Validator Bypass Moderate
GHSA-jwm3-qcfw-c5pp was published for n8n (npm) Jun 16, 2026
Mistz1 Credited to Mistz1
LangChain: Path traversal and sandbox escape in LangChain file-search middleware and loaders Moderate
GHSA-gr75-jv2w-4656 was published for langchain (pip) Jun 16, 2026
Mistz1 Credited to Mistz1 and deprrous deprrous deprrous
Rucio has SQL Injection in FilterEngine PostgreSQL Query Builder via DID Search API Critical
CVE-2026-29090 was published for rucio (pip) May 6, 2026
Mistz1 Credited to Mistz1 and bziemons bziemons bziemons
Rucio has SQL Injection in FilterEngine Oracle JSON Path via DID Search API Critical
CVE-2026-29080 was published for rucio (pip) May 6, 2026
Mistz1 Credited to Mistz1 and bziemons bziemons bziemons
NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead High
CVE-2026-27889 was published for github.com/nats-io/nats-server (Go) Mar 25, 2026
Mistz1 Credited to Mistz1 and jiayuqi7813 jiayuqi7813 jiayuqi7813
New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check Moderate
CVE-2026-30886 was published for github.com/QuantumNous/new-api (Go) Mar 23, 2026
Mistz1 Credited to Mistz1 and Calcium-Ion Calcium-Ion Calcium-Ion
Mistz1 Credited to Mistz1
Statamic allows Authenticated Control Panel users to escalate privileges via elevated session bypass High
CVE-2026-27939 was published for statamic/cms (Composer) Feb 27, 2026
Mistz1 Credited to Mistz1
ProTip! Advisories are also available from the GraphQL API