GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
19 advisories
Filter by severity
npm PraisonAI codeMode sandbox escape via Function constructor
Critical
GHSA-vmmj-pfw7-fjwp
was published
for
praisonai
(npm)
Jun 18, 2026
Duplicate Advisory: PickleScan's profile.run blocklist mismatch allows exec() bypass
Critical
GHSA-4mpj-78p6-rj59
was published
for
picklescan
(pip)
Jun 17, 2026
•
withdrawn
Duplicate Advisory: Picklescan has Incomplete List of Disallowed Inputs
Critical
GHSA-6v84-v468-3c7f
was published
for
picklescan
(pip)
Jun 17, 2026
•
withdrawn
Duplicate Advisory: Picklescan does not block ctypes
Critical
GHSA-7f79-rvx6-vxc4
was published
for
picklescan
(pip)
Jun 17, 2026
•
withdrawn
PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak in `execute_code` (subprocess mode)
Critical
CVE-2026-47392
was published
for
PraisonAI
(pip)
May 29, 2026
Flowise: CSV Agent Prompt Injection Remote Code Execution Vulnerability
Critical
CVE-2026-41264
was published
for
flowise
(npm)
Apr 21, 2026
Flowise: Airtable_Agent Code Injection Remote Code Execution Vulnerability
Critical
CVE-2026-41265
was published
for
flowise
(npm)
Apr 18, 2026
LXD: VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf
Critical
CVE-2026-34177
was published
for
github.com/canonical/lxd
(Go)
Apr 10, 2026
SiYuan has a SanitizeSVG bypass via data:text/xml in getDynamicIcon (incomplete fix for CVE-2026-29183)
Critical
CVE-2026-32940
was published
for
github.com/siyuan-note/siyuan
(Go)
Mar 17, 2026
PickleScan has multiple stdlib modules with direct RCE not in blocklist
Critical
GHSA-g38g-8gr9-h9xp
was published
for
picklescan
(pip)
Mar 3, 2026
PickleScan's profile.run blocklist mismatch allows exec() bypass
Critical
CVE-2026-53873
was published
for
picklescan
(pip)
Mar 3, 2026
OpenClaw is vulnerable to validation bypass through GNU long-option abbreviations in allowlist mode
Critical
CVE-2026-28363
was published
for
openclaw
(npm)
Feb 27, 2026
Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code
Critical
CVE-2023-45133
was published
for
@babel/traverse
(npm)
Oct 16, 2023
Agent-to-controller access control allows reading/writing most content of build directories in Jenkins
Critical
CVE-2021-21697
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Incomplete List of Disallowed Inputs in SOFA-Hessian
Critical
CVE-2019-9212
was published
for
com.alipay.sofa:hessian
(Maven)
Mar 6, 2019
jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution
Critical
CVE-2017-15095
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Oct 18, 2018
FasterXML jackson-databind allows unauthenticated remote code execution
Critical
CVE-2018-7489
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Oct 16, 2018
jackson-databind is vulnerable to a deserialization flaw
Critical
CVE-2017-7525
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Oct 16, 2018
Safemode Gem Has Incomplete List of Disallowed Inputs
Critical
CVE-2017-7540
was published
for
safemode
(RubyGems)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API