GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8 advisories
Open WebUI has a Server-Side Request Forgery (SSRF) bypass in `validate_url`
High
CVE-2026-45400
was published
for
open-webui
(pip)
May 14, 2026
Amazon Redshift Vulnerable to Remote Code Execution via Unsafe Class Loading
Critical
CVE-2026-8178
was published
for
com.amazon.redshift:redshift-jdbc42
(Maven)
May 14, 2026
Bunsink has an SSRF bypass in `validate_webhook_url`
Moderate
CVE-2026-44502
was published
for
bugsink
(pip)
May 8, 2026
PraisonAI has an SSRF bypass
High
CVE-2026-44335
was published
for
praisonaiagents
(pip)
May 6, 2026
vLLM: Server-Side Request Forgery (SSRF) in `download_bytes_from_url `
Moderate
CVE-2026-34753
was published
for
vllm
(pip)
Apr 3, 2026
JupyterHub has an Open Redirect Vulnerability
Moderate
CVE-2026-33709
was published
for
jupyterhub
(pip)
Apr 3, 2026
OpenClaw: Windows media loaders accepted remote-host file URLs before local path validation
Moderate
CVE-2026-34426
was published
for
openclaw
(npm)
Mar 26, 2026
ProTip!
Advisories are also available from the
GraphQL API