Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

879 advisories

Loading
aiosmtplib vulnerable to SMTP command injection via CR/LF in sender/recipient address Moderate
CVE-2026-53533 was published for aiosmtplib (pip) Jul 7, 2026
tonghuaroot Credited to tonghuaroot
Net::IMAP: Command Injection via ID command argument Moderate
CVE-2026-47242 was published for net-imap (RubyGems) Jun 9, 2026
nevans Credited to nevans
Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument Moderate
CVE-2026-47240 was published for net-imap (RubyGems) Jun 9, 2026
nevans Credited to nevans
GoClaw has a Command Injection issue Moderate
CVE-2026-10219 was published for github.com/nextlevelbuilder/goclaw (Go) Jun 1, 2026
A security vulnerability has been detected in FoundDream miniclawd up to... Moderate Unreviewed
CVE-2026-9452 was published May 26, 2026
A vulnerability was determined in NousResearch hermes-agent up to... Moderate Unreviewed
CVE-2026-9367 was published May 26, 2026
Insufficient Validation of Names During AXFR Moderate Unreviewed
CVE-2026-42000 was published May 21, 2026
A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp... Moderate Unreviewed
CVE-2026-7785 was published May 5, 2026
net-imap vulnerable to command Injection via "raw" arguments to multiple commands Moderate
CVE-2026-42257 was published for net-imap (RubyGems) May 4, 2026
manunio Credited to manunio and nevans nevans nevans
net-imap vulnerable to command Injection via unvalidated Symbol inputs Moderate
CVE-2026-42258 was published for net-imap (RubyGems) May 4, 2026
manunio Credited to manunio
ProTip! Advisories are also available from the GraphQL API