GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2,147 advisories

Cortex has Untrusted Project Bootstrap Code Execution via `CLAUDE_PROJECT_DIR` High
CVE-2026-49986 was published for neuro-cortex-memory (pip) Jul 1, 2026
Credited to EQSTLab and useworld
Open Babel has out-of-bounds write in MSI translationVectors[] High
CVE-2022-46295 was published for openbabel (pip) Jul 1, 2026
Open Babel has out-of-bounds write in MOPAC IN translationVectors[] (Tv atom) High
CVE-2022-46294 was published for openbabel (pip) Jul 1, 2026
Open Babel has out-of-bounds write in MOPAC translationVectors[] (FINAL POINT) High
CVE-2022-46293 was published for openbabel (pip) Jul 1, 2026
Open Babel has out-of-bounds write in Gaussian translationVectors[] High
CVE-2022-46291 was published for openbabel (pip) Jul 1, 2026
Open Babel has out-of-bounds write in ORCA nAtoms parser (second variant) High
CVE-2022-46290 was published for openbabel (pip) Jul 1, 2026
Open Babel has out-of-bounds write in ORCA nAtoms parser High
CVE-2022-46289 was published for openbabel (pip) Jul 1, 2026
Open Babel has uninitialized pointer dereference in PQS pFormat High
CVE-2022-46280 was published for openbabel (pip) Jul 1, 2026
Open Babel has uninitialized pointer dereference in MSI atom parser High
CVE-2022-44451 was published for openbabel (pip) Jul 1, 2026
Open Babel has out-of-bounds write in MOL2 attribute/value parser High
CVE-2022-43607 was published for openbabel (pip) Jul 1, 2026
Open Babel has out-of-bounds write in PQS coord_file parser High
CVE-2022-43467 was published for openbabel (pip) Jul 1, 2026
Open Babel has uninitialized pointer dereference in GRO residue parser High
CVE-2022-42885 was published for openbabel (pip) Jul 1, 2026
Open Babel has out-of-bounds write in CSR PadString (title field) High
CVE-2022-41793 was published for openbabel (pip) Jul 1, 2026
Open Babel has out-of-bounds write in Gaussian coords_type orientation parser High
CVE-2022-37331 was published for openbabel (pip) Jul 1, 2026
Open Babel has heap buffer overflow in ChemKin ChemKinFormat::CheckSpecies High
CVE-2025-10997 was published for openbabel (pip) Jul 1, 2026
Open Babel has heap buffer overflow in SMILES OBSmilesParser::ParseSmiles High
CVE-2025-10996 was published for openbabel (pip) Jun 30, 2026
mcp-memory-service: OAuth read-only clients can write and delete memories through MCP tools/call High
CVE-2026-49291 was published for mcp-memory-service (pip) Jun 26, 2026
Credited to DavidCarliez
python-socketio: Binary attachment accumulation can cause denial of service High
CVE-2026-48804 was published for python-socketio (pip) Jun 26, 2026
Credited to mauriceng98
python-engineio has unbound thread allocation that can cause denial of service High
CVE-2026-48802 was published for python-engineio (pip) Jun 26, 2026
Credited to mauriceng98
python-engineio has possible denial of service due to maximum payload size sometimes not being enforced High
CVE-2026-48809 was published for python-engineio (pip) Jun 26, 2026
Lemur has an authorization bypass in StrictRolePermission / AuthorityCreatorPermission High
CVE-2026-48508 was published for lemur (pip) Jun 25, 2026
Credited to hits313
amazon-braket-sdk vulnerable to Insecure Deserialization via pickle.loads() High
CVE-2026-9291 was published for amazon-braket-sdk (pip) Jun 25, 2026
motionEye's Absolute Path Traversal in Media File Handlers Allows Arbitrary File Read High
CVE-2026-55488 was published for motioneye (pip) Jun 23, 2026
Credited to pizza-power, sermikr0, C4spr0x1A, MichaIng, and alanturing881
OctoPrint has possible file exfiltration via query parameters on upload endpoints High
CVE-2026-54134 was published for OctoPrint (pip) Jun 23, 2026
Credited to seankohjs and jacopotediosi
Credited to sondt99 and dungNHVhust