Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

3 advisories

Loading
Pi Agent: Pi loads project-local extensions without approval Moderate
CVE-2026-54325 was published for @earendil-works/pi-coding-agent (npm) Jun 17, 2026
qerogram Credited to qerogram, urianpaul94, EQSTLab, kamalmarhubi, and useworld urianpaul94 urianpaul94
EQSTLab EQSTLab kamalmarhubi kamalmarhubi useworld useworld
SearXNG MCP Server: DNS-resolved Private Hostname SSRF in `web_url_read` High
GHSA-mrvx-jmjw-vggc was published for mcp-searxng (npm) Jun 19, 2026
EQSTLab Credited to EQSTLab and useworld useworld useworld
Cortex has Untrusted Project Bootstrap Code Execution via `CLAUDE_PROJECT_DIR` High
CVE-2026-49986 was published for neuro-cortex-memory (pip) Jul 1, 2026
EQSTLab Credited to EQSTLab and useworld useworld useworld
ProTip! Advisories are also available from the GraphQL API