Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

2,486 advisories

Loading
WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a... Moderate Unreviewed
CVE-2026-8612 was published May 15, 2026
TanStack Start - Server Core: Inbound server-function request deserialization could invoke a sibling client-referenced server function Moderate
GHSA-9m65-766c-r333 was published for @tanstack/start-server-core (npm) May 14, 2026
mufeedvh Credited to mufeedvh
GitLab has remediated an issue in GitLab EE affecting all versions from 11.9 before 18.9.7, 18.10... Moderate Unreviewed
CVE-2026-1184 was published May 14, 2026
An authenticated remote code execution vulnerability through undisclosed vectors exists in the... High Unreviewed
CVE-2026-41957 was published May 13, 2026
LangSmith SDK: Public prompt pull deserializes untrusted manifests without trust boundary warning High
CVE-2026-45134 was published for langchain (npm) May 13, 2026
Moaaz-0x Credited to Moaaz-0x and berardinellidaniele berardinellidaniele berardinellidaniele
Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by a Deserialization of... Critical Unreviewed
CVE-2026-34659 was published May 12, 2026
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to... High Unreviewed
CVE-2026-35439 was published May 12, 2026
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to... High Unreviewed
CVE-2026-40368 was published May 12, 2026
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to... High Unreviewed
CVE-2026-40357 was published May 12, 2026
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to... High Unreviewed
CVE-2026-33112 was published May 12, 2026
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to... High Unreviewed
CVE-2026-33110 was published May 12, 2026
The imgaug library thru 0.4.0 contains an insecure deserialization vulnerability in its... Critical Unreviewed
CVE-2026-31235 was published May 12, 2026
The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization (CWE-502) through its... Critical Unreviewed
CVE-2026-31237 was published May 12, 2026
The mamba language model framework thru 2.2.6 is vulnerable to insecure deserialization (CWE-502)... Critical Unreviewed
CVE-2026-31239 was published May 12, 2026
The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization (CWE-502) in its model... Critical Unreviewed
CVE-2026-31238 was published May 12, 2026
The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains an insecure deserialization... Critical Unreviewed
CVE-2026-31229 was published May 12, 2026
Horovod thru 0.28.1 contains an insecure deserialization vulnerability (CWE-502) in its KVStore... Critical Unreviewed
CVE-2026-31234 was published May 12, 2026
The CosyVoice project thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains... High Unreviewed
CVE-2026-31232 was published May 12, 2026
The snorkel library thru v0.10.0 contains an insecure deserialization vulnerability (CWE-502) in... High Unreviewed
CVE-2026-31224 was published May 12, 2026
The snorkel library thru v0.10.0 contains an insecure deserialization vulnerability (CWE-502) in... High Unreviewed
CVE-2026-31222 was published May 12, 2026
The snorkel library thru v0.10.0 contains a critical insecure deserialization vulnerability (CWE... High Unreviewed
CVE-2026-31223 was published May 12, 2026
The _load_model() function in the neural_magic_training.py script of the optimate project in... High Unreviewed
CVE-2026-31219 was published May 12, 2026
PyTorch-Lightning versions 2.6.0 and earlier contain an insecure deserialization vulnerability ... High Unreviewed
CVE-2026-31221 was published May 12, 2026
The torch-checkpoint-shrink.py script in the ml-engineering project in commit... Critical Unreviewed
CVE-2026-31214 was published May 12, 2026
The _load_model() function in the neural_magic_training.py script of the optimate project in... High Unreviewed
CVE-2026-31218 was published May 12, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database