GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 92
GitHub Actions: 54
Go: 4,217
Maven: 5,000+
npm: 5,000+
NuGet: 1,021
pip: 5,000+
Pub: 13
RubyGems: 1,103
Rust: 1,443
Swift: 61

Unreviewed advisories
All unreviewed: 5,000+
2,147 advisories
Cortex has Untrusted Project Bootstrap Code Execution via `CLAUDE_PROJECT_DIR`
High | CVE-2026-49986 was published for neuro-cortex-memory (pip) | Jul 1, 2026

Open Babel has out-of-bounds write in MSI translationVectors[]
High | CVE-2022-46295 was published for openbabel (pip) | Jul 1, 2026

Open Babel has out-of-bounds write in MOPAC IN translationVectors[] (Tv atom)
High | CVE-2022-46294 was published for openbabel (pip) | Jul 1, 2026

Open Babel has out-of-bounds write in MOPAC translationVectors[] (FINAL POINT)
High | CVE-2022-46293 was published for openbabel (pip) | Jul 1, 2026

Open Babel has out-of-bounds write in Gaussian translationVectors[]
High | CVE-2022-46291 was published for openbabel (pip) | Jul 1, 2026

Open Babel has out-of-bounds write in ORCA nAtoms parser (second variant)
High | CVE-2022-46290 was published for openbabel (pip) | Jul 1, 2026

Open Babel has out-of-bounds write in ORCA nAtoms parser
High | CVE-2022-46289 was published for openbabel (pip) | Jul 1, 2026

Open Babel has uninitialized pointer dereference in PQS pFormat
High | CVE-2022-46280 was published for openbabel (pip) | Jul 1, 2026

Open Babel has uninitialized pointer dereference in MSI atom parser
High | CVE-2022-44451 was published for openbabel (pip) | Jul 1, 2026

Open Babel has out-of-bounds write in MOL2 attribute/value parser
High | CVE-2022-43607 was published for openbabel (pip) | Jul 1, 2026

Open Babel has out-of-bounds write in PQS coord_file parser
High | CVE-2022-43467 was published for openbabel (pip) | Jul 1, 2026

Open Babel has uninitialized pointer dereference in GRO residue parser
High | CVE-2022-42885 was published for openbabel (pip) | Jul 1, 2026

Open Babel has out-of-bounds write in CSR PadString (title field)
High | CVE-2022-41793 was published for openbabel (pip) | Jul 1, 2026

Open Babel has out-of-bounds write in Gaussian coords_type orientation parser
High | CVE-2022-37331 was published for openbabel (pip) | Jul 1, 2026

Open Babel has heap buffer overflow in ChemKin ChemKinFormat::CheckSpecies
High | CVE-2025-10997 was published for openbabel (pip) | Jul 1, 2026

Open Babel has heap buffer overflow in SMILES OBSmilesParser::ParseSmiles
High | CVE-2025-10996 was published for openbabel (pip) | Jun 30, 2026

mcp-memory-service: OAuth read-only clients can write and delete memories through MCP tools/call
High | CVE-2026-49291 was published for mcp-memory-service (pip) | Jun 26, 2026

python-socketio: Binary attachment accumulation can cause denial of service
High | CVE-2026-48804 was published for python-socketio (pip) | Jun 26, 2026

python-engineio has unbound thread allocation that can cause denial of service
High | CVE-2026-48802 was published for python-engineio (pip) | Jun 26, 2026

python-engineio has possible denial of service due to maximum payload size sometimes not being enforced
High | CVE-2026-48809 was published for python-engineio (pip) | Jun 26, 2026

Lemur has an authorization bypass in StrictRolePermission / AuthorityCreatorPermission
High | CVE-2026-48508 was published for lemur (pip) | Jun 25, 2026

amazon-braket-sdk vulnerable to Insecure Deserialization via pickle.loads()
High | CVE-2026-9291 was published for amazon-braket-sdk (pip) | Jun 25, 2026

motionEye's Absolute Path Traversal in Media File Handlers Allows Arbitrary File Read
High | CVE-2026-55488 was published for motioneye (pip) | Jun 23, 2026

OctoPrint has possible file exfiltration via query parameters on upload endpoints
High | CVE-2026-54134 was published for OctoPrint (pip) | Jun 23, 2026

Glances has arbitrary file write and command execution via `secure_popen` redirection and chaining operators in AMP command configuration
High | CVE-2026-53925 was published for glances (pip) | Jun 23, 2026
ProTip! Advisories are also available from the GraphQL API.