Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

499 advisories

Loading
Code Index MCP is vulnerable to Uncontrolled Resource Consumption Low
CVE-2026-10692 was published for code-index-mcp (pip) Jun 3, 2026
hermes-agent has an Injection issue Low
CVE-2026-10222 was published for hermes-agent (pip) Jun 1, 2026
Apache Airflow has an Incorrect Authorization issue Low
CVE-2026-45426 was published for apache-airflow (pip) Jun 1, 2026
Apache Airflow has an Improper Authorization issue Low
CVE-2026-40963 was published for apache-airflow (pip) Jun 1, 2026
Aider has an SSRF vulnerability through its AWS EC2 Metadata Endpoint Low
CVE-2026-10177 was published for aider-chat (pip) May 31, 2026
Aider is vulnerable to Code Injection via editor_coder.run function Low
CVE-2026-10175 was published for aider-chat (pip) May 31, 2026
alanturing881 Credited to alanturing881
Linuxfabrik Monitoring Plugins allow insecure creation of SQLite databases Low
CVE-2026-53759 was published for linuxfabrik-lib (pip) Jul 6, 2026
OoYo0uto Credited to OoYo0uto
Kiwi TCMS's /init-db/ page renders and responds to requests after first use Low
CVE-2026-49292 was published for kiwitcms (pip) Jul 2, 2026
keyur-mehta Credited to keyur-mehta
pretix vulnerable to Authorization Bypass Through User-Controlled Key Low
CVE-2026-9712 was published for pretix (pip) May 27, 2026
Duplicate Advisory: Open Babel has out-of-bounds read in PQS lowerit (pre-buffer read) Low
GHSA-7x26-54jj-cvhr was published for openbabel (pip) Sep 26, 2025 withdrawn
Duplicate Advisory: Open Babel has NULL pointer dereference in CACAO CacaoFormat::SetHilderbrandt Low
GHSA-62mq-grc2-53j3 was published for openbabel (pip) Sep 26, 2025 withdrawn
Open Babel has NULL pointer dereference in ChemKinFormat::ReadReactionQualifierLines Low
CVE-2025-10998 was published for openbabel (pip) Jul 1, 2026
Duplicate Advisory: Open Babel has NULL pointer dereference in ChemKinFormat::ReadReactionQualifierLines Low
GHSA-hvp2-4h2f-26w4 was published for openbabel (pip) Sep 26, 2025 withdrawn
Duplicate Advisory: Open Babel has heap buffer overflow in ChemKin ChemKinFormat::CheckSpecies Low
GHSA-95gx-jmhp-5p29 was published for openbabel (pip) Sep 26, 2025 withdrawn
Duplicate Advisory: Open Babel has heap buffer overflow in SMILES OBSmilesParser::ParseSmiles Low
GHSA-9p6c-jcw8-x98f was published for openbabel (pip) Sep 26, 2025 withdrawn
Duplicate Advisory: Open Babel has out-of-bounds write (overlapping memcpy) in zipstream basic_unzip_streambuf::underflow Low
GHSA-5gfq-xrq4-34rj was published for openbabel (pip) Sep 26, 2025 withdrawn
Open Babel has Use-after-free in GAMESS GAMESSOutputFormat::ReadMolecule Low
CVE-2025-10994 was published for openbabel (pip) Jun 30, 2026
Duplicate Advisory: Open Babel has Use-after-free in GAMESS GAMESSOutputFormat::ReadMolecule Low
GHSA-5fgf-q57f-wwqf was published for openbabel (pip) Sep 26, 2025 withdrawn
Open Babel has a NULL pointer dereference in CDXML OBAtom::GetExplicitValence Low
CVE-2026-3408 was published for openbabel (pip) Jun 30, 2026
VedantMadane Credited to VedantMadane
ProTip! Advisories are also available from the GraphQL API