Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,029
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,070
Rust
1,404
Swift
61
Unreviewed advisories
All unreviewed
5,000+

4 advisories

Loading
Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak Critical
CVE-2026-55450 was published for langflow (pip) Jun 17, 2026
vbCrLf Credited to vbCrLf, Jkavia, erichare, AntonioABLima, andifilhohub, and Adam-Aghili Jkavia Jkavia
erichare erichare AntonioABLima AntonioABLima andifilhohub andifilhohub Adam-Aghili Adam-Aghili
Langflow: Unauthenticated Shareable Playground arbitrary local or S3 file read Moderate
CVE-2026-48520 was published for langflow (pip) Jun 16, 2026
vbCrLf Credited to vbCrLf, keval718, and andifilhohub keval718 keval718
andifilhohub andifilhohub
Langflow: Unauthenticated RCE in Shareable Playgrounds Critical
CVE-2026-48519 was published for langflow (pip) Jun 16, 2026
vbCrLf Credited to vbCrLf, Jkavia, andifilhohub, and AntonioABLima Jkavia Jkavia
andifilhohub andifilhohub AntonioABLima AntonioABLima
n8n Vulnerable to Hijacking of Unauthenticated Chat Execution Moderate
CVE-2026-42228 was published for n8n (npm) Apr 29, 2026
34selen Credited to 34selen, Aikido-Security, JorianWoltjer, reindaelman, grumpinout1, and vbCrLf Aikido-Security Aikido-Security
JorianWoltjer JorianWoltjer reindaelman reindaelman grumpinout1 grumpinout1 vbCrLf vbCrLf
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database