GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
279 advisories
Flowise has Remote Code Execution vulnerability
Critical
GHSA-3gcm-f6qx-ff7p
was published
for
flowise
(npm)
Sep 15, 2025
FlowiseAI Pre-Auth Arbitrary Code Execution
Critical
GHSA-7944-7c6r-55vv
was published
for
flowise
(npm)
Sep 15, 2025
Livewire is vulnerable to remote command execution during component property update hydration
Critical
CVE-2025-54068
was published
for
livewire/livewire
(Composer)
Jul 17, 2025
pyLoad vulnerable to XSS through insecure CAPTCHA
Critical
CVE-2025-53890
was published
for
pyload-ng
(pip)
Jul 15, 2025
XWiki Rendering is vulnerable to RCE attacks when processing nested macros
Critical
CVE-2025-53836
was published
for
org.xwiki.rendering:xwiki-rendering-transformation-macro
(Maven)
Jul 14, 2025
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
Critical
CVE-2025-49132
was published
for
pterodactyl/panel
(Composer)
Jun 19, 2025
Langroid has a Code Injection vulnerability in TableChatAgent
Critical
CVE-2025-46724
was published
for
langroid
(pip)
May 20, 2025
Flowise allows arbitrary file write to RCE
Critical
GHSA-8vvx-qvq9-5948
was published
for
flowise
(npm)
Mar 14, 2025
graphql allows remote code execution when loading a crafted GraphQL schema
Critical
CVE-2025-27407
was published
for
graphql
(RubyGems)
Mar 12, 2025
Mautic allows Remote Code Execution and File Deletion in Asset Uploads
Critical
CVE-2024-47051
was published
for
mautic/core
(Composer)
Feb 26, 2025
Mongoose search injection vulnerability
Critical
CVE-2025-23061
was published
for
mongoose
(npm)
Jan 15, 2025
Apache MINA Deserialization RCE Vulnerability
Critical
CVE-2024-52046
was published
for
org.apache.mina:mina-core
(Maven)
Dec 25, 2024
ProTip!
Advisories are also available from the
GraphQL API