Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

3,664 advisories

Loading
laravel-backup-restore has an OS Command Injection during database restore High
CVE-2026-53932 was published for wnx/laravel-backup-restore (Composer) Jul 9, 2026
YHalo-wyh Credited to YHalo-wyh
aiosmtplib vulnerable to SMTP command injection via CR/LF in sender/recipient address Moderate
CVE-2026-53533 was published for aiosmtplib (pip) Jul 7, 2026
tonghuaroot Credited to tonghuaroot
Gogs vulnerable to RCE via git rebase --exec argument injection in pull request merge Critical
CVE-2026-52806 was published for gogs.io/gogs (Go) Jun 23, 2026
Crypto-Cat Credited to Crypto-Cat
PraisonAI: IMAP Command Injection via Unsanitized Email Search Parameters High
GHSA-c969-5x3p-vq3v was published for praisonaiagents (pip) Jun 18, 2026
sondt99 Credited to sondt99
File Browser has a Command Execution Allowlist Bypass via Shell Metacharacter Injection High
CVE-2026-54090 was published for github.com/filebrowser/filebrowser/v2 (Go) Jun 12, 2026
RajChowdhury240 Credited to RajChowdhury240
ProTip! Advisories are also available from the GraphQL API