Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,029
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,070
Rust
1,404
Swift
61
Unreviewed advisories
All unreviewed
5,000+

5,380 advisories

Loading
Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak Critical
CVE-2026-55450 was published for langflow (pip) Jun 17, 2026
vbCrLf Credited to vbCrLf, Jkavia, erichare, AntonioABLima, andifilhohub, and Adam-Aghili Jkavia Jkavia
erichare erichare AntonioABLima AntonioABLima andifilhohub andifilhohub Adam-Aghili Adam-Aghili
Open WebUI: Any authenticated user can read other users' private notes via Socket.IO Moderate
CVE-2026-54022 was published for open-webui (pip) Jun 17, 2026
johnatzeropath Credited to johnatzeropath and LeftenantZero LeftenantZero LeftenantZero
Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded url_idx path parameter Moderate
CVE-2026-54021 was published for open-webui (pip) Jun 17, 2026
brodmart Credited to brodmart and Classic298 Classic298 Classic298
Open WebUI: RAG ACL Bypass in Milvus Multitenancy Mode Moderate
CVE-2026-54019 was published for open-webui (pip) Jun 17, 2026
0xEr3n Credited to 0xEr3n and Classic298 Classic298 Classic298
Open WebUI: SSRF Protection Bypass in Playwright Web Loader via HTTP Redirects High
CVE-2026-54018 was published for open-webui (pip) Jun 17, 2026
POV9en Credited to POV9en and Classic298 Classic298 Classic298
Open WebUI: Path traversal / SSRF in terminal server proxy via encoded path traversal High
CVE-2026-54017 was published for open-webui (pip) Jun 17, 2026
Tulgaaaaaaaa Credited to Tulgaaaaaaaa, sermikr0, and Classic298 sermikr0 sermikr0
Classic298 Classic298
Open WebUI BOLA: `search_knowledge_files` Allows Unauthorized Knowledge Base File Enumeration Moderate
CVE-2026-54016 was published for open-webui (pip) Jun 17, 2026
Hwwg Credited to Hwwg and Classic298 Classic298 Classic298
Open WebUI Prompt history IDOR: unbound history_id allows cross-prompt read and deletion Moderate
CVE-2026-54015 was published for open-webui (pip) Jun 17, 2026
0xEr3n Credited to 0xEr3n, Classic298, and 5yu4n Classic298 Classic298
5yu4n 5yu4n
Open WebUI: Sibling-Prefix Path Traversal via /cache/{path} Moderate
CVE-2026-54014 was published for open-webui (pip) Jun 17, 2026
AAtomical Credited to AAtomical and Classic298 Classic298 Classic298
Open WebUI: Stored XSS to Account Takeover via Model Profile Images High
CVE-2026-54013 was published for open-webui (pip) Jun 17, 2026
0xEr3n Credited to 0xEr3n and Classic298 Classic298 Classic298
Open WebUI: Forged model meta.knowledge allows cross-user file read and deletion High
CVE-2026-54012 was published for open-webui (pip) Jun 17, 2026
0xEr3n Credited to 0xEr3n, 5yu4n, and Classic298 5yu4n 5yu4n
Classic298 Classic298
Open WebUI: Stored XSS in Mermaid Markdown Preview High
CVE-2026-54011 was published for open-webui (pip) Jun 17, 2026
ixSly Credited to ixSly and Classic298 Classic298 Classic298
Open WebUI: Forged chat-file link allows cross-user file read and deletion High
CVE-2026-54010 was published for open-webui (pip) Jun 17, 2026
0xEr3n Credited to 0xEr3n, 5yu4n, Classic298, and oxsignal 5yu4n 5yu4n
Classic298 Classic298 oxsignal oxsignal
Open WebUI: Cross-user file disclosure via /api/chat/completions image_url field Moderate
CVE-2026-54009 was published for open-webui (pip) Jun 17, 2026
bl4ckr0ss3 Credited to bl4ckr0ss3 and Classic298 Classic298 Classic298
Open WebUI: Redirect-Bypass SSRF in OAuth `_process_picture_url` (incomplete-fix sibling of CVE-2026-45401) High
CVE-2026-54008 was published for open-webui (pip) Jun 17, 2026
matte1782 Credited to matte1782 and Classic298 Classic298 Classic298
Open WebUI: Cross-origin postMessage confirmation bypass via action:submit High
CVE-2026-54007 was published for open-webui (pip) Jun 17, 2026
Aikido-Security Credited to Aikido-Security, JorianWoltjer, grumpinout1, and Classic298 JorianWoltjer JorianWoltjer
grumpinout1 grumpinout1 Classic298 Classic298
Open WebUI IDOR: Calendar event re-parenting allows writing events into another user's calendar Moderate
CVE-2026-54006 was published for open-webui (pip) Jun 17, 2026
nayakchinmohan Credited to nayakchinmohan and Classic298 Classic298 Classic298
vLLM: OOM Denial of Service via Audio Decompression Bomb Moderate
CVE-2026-54233 was published for vllm (pip) Jun 17, 2026
RTV-GIT Credited to RTV-GIT, russellb, and jperezdealgaba russellb russellb
jperezdealgaba jperezdealgaba
vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic router Moderate
CVE-2026-54236 was published for vllm (pip) Jun 17, 2026
SnailSploit Credited to SnailSploit and jperezdealgaba jperezdealgaba jperezdealgaba
vLLM: GGUF dequantize kernel int truncation exposes uninitialized GPU memory in multi-tenant serving Moderate
CVE-2026-53923 was published for vllm (pip) Jun 17, 2026
Aviral2642 Credited to Aviral2642, russellb, and jperezdealgaba russellb russellb
jperezdealgaba jperezdealgaba
vLLM: image EXIF Rotation & PNG tRNS Transparency Not Normalized, Causing Mismatch Between Model Input and Expectations Moderate
GHSA-8jr5-v98p-w75m was published for vllm (pip) Jun 17, 2026
kexinoh Credited to kexinoh, russellb, jperezdealgaba, and DarkLight1337 russellb russellb
jperezdealgaba jperezdealgaba DarkLight1337 DarkLight1337
vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels Moderate
CVE-2026-54235 was published for vllm (pip) Jun 17, 2026
brodmart Credited to brodmart and jperezdealgaba jperezdealgaba jperezdealgaba
LiteLLM: Authentication Bypass via Host Header Injection Critical
CVE-2026-49468 was published for litellm (pip) Jun 16, 2026
LilThawg29 Credited to LilThawg29
yt-dlp: Arbitrary command injection possible if --exec option used with yt-dlp High
GHSA-69qj-pvh9-c5wg was published for yt-dlp (pip) Jun 16, 2026
independent-arg Credited to independent-arg, bashonly, and Grub4K bashonly bashonly
Grub4K Grub4K
OpenStack Nova: Nova scheduler hint injection bypasses Placement resource claims and scheduling constraints Moderate
CVE-2026-46448 was published for nova (pip) Jun 16, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database