Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
74
GitHub Actions
54
Go
4,080
Maven
5,000+
npm
5,000+
NuGet
994
pip
5,000+
Pub
13
RubyGems
1,095
Rust
1,412
Swift
61
Unreviewed advisories
All unreviewed
5,000+

2 advisories

Loading
vLLM: OpenAI auth bypass Critical
CVE-2026-48746 was published for vllm (pip) Jun 16, 2026
x41j Credited to x41j, russellb, and DarkLight1337 russellb russellb
DarkLight1337 DarkLight1337
Starlette has missing Host header validation that poisons request.url.path, bypassing path-based security checks Moderate
CVE-2026-48710 was published for starlette (pip) Jun 4, 2026
x41j Credited to x41j, ehhthing, and nic-lovin ehhthing ehhthing
nic-lovin nic-lovin
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database