GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
92
GitHub Actions
54
Go
4,217
Maven
5,000+
npm
5,000+
NuGet
1,021
pip
5,000+
Pub
13
RubyGems
1,103
Rust
1,443
Swift
61
Unreviewed advisories
All unreviewed
5,000+
5,595 advisories
Filter by severity
Cortex has Untrusted Project Bootstrap Code Execution via `CLAUDE_PROJECT_DIR`
High
CVE-2026-49986
was published
for
neuro-cortex-memory
(pip)
Jul 1, 2026
Open Babel has out-of-bounds write in MSI translationVectors[]
High
CVE-2022-46295
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has out-of-bounds write in MOPAC IN translationVectors[] (Tv atom)
High
CVE-2022-46294
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has out-of-bounds write in MOPAC translationVectors[] (FINAL POINT)
High
CVE-2022-46293
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has out-of-bounds write in Gaussian translationVectors[]
High
CVE-2022-46291
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has out-of-bounds write in ORCA nAtoms parser (second variant)
High
CVE-2022-46290
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has out-of-bounds write in ORCA nAtoms parser
High
CVE-2022-46289
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has uninitialized pointer dereference in PQS pFormat
High
CVE-2022-46280
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has uninitialized pointer dereference in MSI atom parser
High
CVE-2022-44451
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has out-of-bounds write in MOL2 attribute/value parser
High
CVE-2022-43607
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has out-of-bounds write in PQS coord_file parser
High
CVE-2022-43467
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has uninitialized pointer dereference in GRO residue parser
High
CVE-2022-42885
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has out-of-bounds write in CSR PadString (title field)
High
CVE-2022-41793
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has out-of-bounds write in Gaussian coords_type orientation parser
High
CVE-2022-37331
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has out-of-bounds read in PQS lowerit (pre-buffer read)
Moderate
CVE-2025-11000
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has NULL pointer dereference in CACAO CacaoFormat::SetHilderbrandt
Moderate
CVE-2025-10999
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has NULL pointer dereference in ChemKinFormat::ReadReactionQualifierLines
Low
CVE-2025-10998
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has heap buffer overflow in ChemKin ChemKinFormat::CheckSpecies
High
CVE-2025-10997
was published
for
openbabel
(pip)
Jul 1, 2026
Open Babel has heap buffer overflow in SMILES OBSmilesParser::ParseSmiles
High
CVE-2025-10996
was published
for
openbabel
(pip)
Jun 30, 2026
Open Babel has out-of-bounds write (overlapping memcpy) in zipstream basic_unzip_streambuf::underflow
Low
CVE-2025-10995
was published
for
openbabel
(pip)
Jun 30, 2026
Open Babel has Use-after-free in GAMESS GAMESSOutputFormat::ReadMolecule
Low
CVE-2025-10994
was published
for
openbabel
(pip)
Jun 30, 2026
Open Babel has a NULL pointer dereference in CDXML OBAtom::GetExplicitValence
Low
CVE-2026-3408
was published
for
openbabel
(pip)
Jun 30, 2026
Open Babel has NULL pointer dereference in MOL2 OBAtom::SetFormalCharge
Low
CVE-2026-2705
was published
for
openbabel
(pip)
Jun 30, 2026
Open Babel has an out-of-bounds read in CIF transform3d::DescribeAsString
Low
CVE-2026-2704
was published
for
openbabel
(pip)
Jun 30, 2026
mcp-pinot: Unauthenticated tool invocation via default oauth_enabled=False + host 0.0.0.0 bind
Critical
CVE-2026-49257
was published
for
mcp-pinot-server
(pip)
Jun 26, 2026
ProTip!
Advisories are also available from the
GraphQL API