Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,812
Maven
5,000+
npm
4,426
NuGet
773
pip
4,203
Pub
12
RubyGems
968
Rust
1,086
Swift
47
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
n8n's Missing Stripe-Signature Verification Allows Unauthenticated Forged Webhooks Moderate
CVE-2026-21894 was published for n8n (npm) Jan 7, 2026
nkoorty jjjutla
tundra-centaur
Credited to nkoorty, jjjutla, and tundra-centaur
BentoML SSRF Vulnerability in File Upload Processing Critical
CVE-2025-54381 was published for bentoml (pip) Jul 29, 2025
tundra-centaur jjjutla
nkoorty
Credited to tundra-centaur, jjjutla, and nkoorty
Gradio Allows Unauthorized File Copy via Path Manipulation Moderate
CVE-2025-48889 was published for gradio (pip) May 29, 2025
jjjutla nkoorty
pventuzelo
Credited to jjjutla, nkoorty, and pventuzelo
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database