GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
986 advisories
Withdrawn Advisory: Gradio was discovered to contain a code injection vulnerability via the component /gradio/component_meta.py
Critical
CVE-2024-39236
was published
for
Gradio
(pip)
Jul 1, 2024
•
withdrawn
FlowiseAI Pre-Auth Arbitrary Code Execution
Critical
CVE-2025-57164
was published
for
flowise
(npm)
Sep 15, 2025
Mautic allows Remote Code Execution and File Deletion in Asset Uploads
Critical
CVE-2024-47051
was published
for
mautic/core
(Composer)
Feb 26, 2025
Happy DOM: VM Context Escape can lead to Remote Code Execution
Critical
CVE-2025-61927
was published
for
happy-dom
(npm)
Oct 10, 2025
j178/prek-action vulnerable to arbitrary code injection in composite action
Critical
GHSA-pwf7-47c3-mfhx
was published
for
j178/prek-action
(GitHub Actions)
Sep 29, 2025
Gardener provider extensions vulnerable to code injection when Terraform is used for infrastructure provisioning
Critical
CVE-2025-59823
was published
for
github.com/gardener/gardener-extension-provider-aws
(Go)
Sep 25, 2025
Flowise has Remote Code Execution vulnerability
Critical
CVE-2025-59528
was published
for
flowise
(npm)
Sep 15, 2025
ProTip!
Advisories are also available from the
GraphQL API