GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,104
Composer 5,317
Erlang 42
GitHub Actions 43
Go 3,151
Maven 6,299
npm 5,101
NuGet 859
pip 4,451
Pub 12
RubyGems 991
Rust 1,179
Swift 50

Unreviewed advisories

All unreviewed 293,200

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,290 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker Critical

CVE-2026-3059 was published for sglang (pip) Mar 12, 2026

SGLang's encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module Critical

CVE-2026-3060 was published for sglang (pip) Mar 12, 2026

SGLangs `replay_request_dump.py` contains an insecure pickle.load() without validation and proper deserialization High

CVE-2026-3989 was published for sglang (pip) Mar 12, 2026

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to... High Unreviewed

CVE-2026-26114 was published Mar 10, 2026

Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker... High Unreviewed

CVE-2026-25166 was published Mar 10, 2026

CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of... High Unreviewed

CVE-2026-1286 was published Mar 10, 2026

A deserialization vulnerability in LimeSurvey before v6.15.0+250623 allows a remote attacker to... Critical Unreviewed

CVE-2025-56422 was published Mar 10, 2026

CWE‑502: Deserialization of Untrusted Data vulnerability exists that could cause arbitrary code... High Unreviewed

CVE-2025-11739 was published Mar 10, 2026

SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads... Critical Unreviewed

CVE-2026-27685 was published Mar 10, 2026

The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection in all versions up... High Unreviewed

CVE-2026-2020 was published Mar 7, 2026

LangGraph checkpoint loading has unsafe msgpack deserialization Moderate

CVE-2026-28277 was published for langgraph (pip) Mar 5, 2026

Avira Internet Security contains a deserialization of untrusted data vulnerability in the System... High Unreviewed

CVE-2026-27749 was published Mar 5, 2026

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2026-2599 was published Mar 5, 2026

Deserialization of Untrusted Data vulnerability in ThemeREX Pizza House pizzahouse allows Object... Critical Unreviewed

CVE-2026-28074 was published Mar 5, 2026

Deserialization of Untrusted Data vulnerability in ThemeREX Good Energy goodenergy allows Object... Critical Unreviewed

CVE-2026-28105 was published Mar 5, 2026

Deserialization of Untrusted Data vulnerability in ThemeREX Dentario dentario allows Object... Critical Unreviewed

CVE-2026-27439 was published Mar 5, 2026

Deserialization of Untrusted Data vulnerability in ThemeREX Kingler kingler allows Object... Critical Unreviewed

CVE-2026-27438 was published Mar 5, 2026

Deserialization of Untrusted Data vulnerability in BoldThemes Celeste celeste allows Object... High Unreviewed

CVE-2026-27369 was published Mar 5, 2026

Deserialization of Untrusted Data vulnerability in NextScripts NextScripts social-networks-auto... High Unreviewed

CVE-2026-27379 was published Mar 5, 2026

Deserialization of Untrusted Data vulnerability in SeventhQueen Sweet Date sweetdate allows... Critical Unreviewed

CVE-2026-27417 was published Mar 5, 2026

Deserialization of Untrusted Data vulnerability in ThemeREX Tennis Club tennis-sportclub allows... Critical Unreviewed

CVE-2026-27437 was published Mar 5, 2026

Deserialization of Untrusted Data vulnerability in blubrry PowerPress Podcasting powerpress... High Unreviewed

CVE-2026-23798 was published Mar 5, 2026

Deserialization of Untrusted Data vulnerability in gerritvanaaken Podlove Web Player podlove-web... High Unreviewed

CVE-2026-24385 was published Mar 5, 2026

Deserialization of Untrusted Data vulnerability in AncoraThemes Jardi jardi allows Object... Critical Unreviewed

CVE-2026-22497 was published Mar 5, 2026

Deserialization of Untrusted Data vulnerability in axiomthemes Mounthood mounthood allows Object... Critical Unreviewed

CVE-2026-22501 was published Mar 5, 2026

Previous1…92 Next

Previous 1 2 3 4 5 … 91 92 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,290 advisories