Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
Pydantic AI has Stored XSS via Path Traversal in Web UI CDN URL High
CVE-2026-25640 was published for pydantic-ai (pip) Feb 6, 2026
doredry urioren
amiteliahu
Credited to doredry, urioren, and amiteliahu
Semantic Kernel has Arbitrary File Write via AI Agent Function Calling in .NET SDK Critical
CVE-2026-25592 was published for Microsoft.SemanticKernel.Core (NuGet) Feb 6, 2026
doredry amiteliahu
urioren
Credited to doredry, amiteliahu, and urioren
Pydantic AI has Server-Side Request Forgery (SSRF) in URL Download Handling High
CVE-2026-25580 was published for pydantic-ai (pip) Feb 6, 2026
YuvalElbar6 doredry
Credited to YuvalElbar6 and doredry
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database