Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
PraisonAI: Jobs webhook SSRF protection bypass via DNS rebinding High
GHSA-rjvw-7vvw-549v was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
Diffusers: TOCTOU Trust Remote Code Bypass High
CVE-2026-45804 was published for diffusers (pip) May 20, 2026
zafido Credited to zafido and gal-zafran gal-zafran gal-zafran
ONNX: TOCTOU arbitrary file read/write in save_external_dat High
GHSA-q56x-g2fj-4rj6 was published for onnx (pip) Apr 1, 2026
tsigouris007 Credited to tsigouris007 and kpatsakis kpatsakis kpatsakis
ASTEVAL Allows Malicious Tampering of Exposed AST Nodes Leads to Sandbox Escape High
GHSA-vp47-9734-prjw was published for asteval (pip) Jan 23, 2025
SteakEnthusiast Credited to SteakEnthusiast
OpenStack Storlets arbitrary code execution vulnerability High
CVE-2024-28717 was published for storlets (pip) Apr 22, 2024
Insecure temporary file in Tensorflow High
CVE-2022-23563 was published for tensorflow (pip) Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API