Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,006 advisories

Loading
ModelCache for LLM through v0.2.0 was discovered to contain an deserialization vulnerability via... Critical Unreviewed
CVE-2025-45146 was published Aug 11, 2025
Duplicate Advisory: Keras safe mode bypass vulnerability High
GHSA-pwq7-2gvj-vg9v was published for keras (pip) Aug 11, 2025 withdrawn
Apache Seata: Deserialization of untrusted Data in Apache Seata Server High
CVE-2025-53606 was published for org.apache.seata:seata-serializer-fury (Maven) Aug 8, 2025
ERC (aka Emotion Recognition in Conversation) through 0.3 has insecure deserialization via a... Moderate Unreviewed
CVE-2025-55136 was published Aug 7, 2025
SKOPS Card.get_model happily allows arbitrary code execution High
CVE-2025-54886 was published for skops (pip) Aug 7, 2025
io-no
Credited to io-no
ParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of... Moderate Unreviewed
CVE-2025-54639 was published Aug 6, 2025
ParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of... Moderate Unreviewed
CVE-2025-54640 was published Aug 6, 2025
Issue of inconsistent read/write serialization in the ad module. Impact: Successful exploitation... Moderate Unreviewed
CVE-2025-54638 was published Aug 6, 2025
Deserialization vulnerability of untrusted data in the ability module. Impact: Successful... Moderate Unreviewed
CVE-2025-54620 was published Aug 6, 2025
The modelscope/ms-swift library thru 2.6.1 is vulnerable to arbitrary code execution through... Critical Unreviewed
CVE-2025-50472 was published Aug 1, 2025
MS SWIFT Deserialization RCE Vulnerability Moderate
GHSA-r54c-2xmf-2cf3 was published for ms-swift (pip) Jul 31, 2025
TencentAISec
Credited to TencentAISec
MS SWIFT Remote Code Execution via unsafe PyYAML deserialization Low
CVE-2025-50460 was published for ms-swift (pip) Jul 31, 2025
Anchor0221
Credited to Anchor0221
CVE-2025-49083 is a vulnerability in the management console of Absolute Secure Access after... High Unreviewed
CVE-2025-49083 was published Jul 31, 2025
Deserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to... High Unreviewed
CVE-2025-53078 was published Jul 29, 2025
A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical.... Moderate Unreviewed
CVE-2025-8227 was published Jul 27, 2025
SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local... High Unreviewed
CVE-2025-26397 was published Jul 25, 2025
Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows... Moderate Unreviewed
CVE-2025-4393 was published Jul 25, 2025
A potential security vulnerability has been identified in the Poly Clariti Manager for versions... Low Unreviewed
CVE-2025-43489 was published Jul 23, 2025
WinMatrix3 developed by Simopro Technology has an Insecure Deserialization vulnerability,... Critical Unreviewed
CVE-2025-7916 was published Jul 21, 2025
A vulnerability classified as critical was found in Metasoft 美特软件 MetaCRM up to 6.4.2. This... Moderate Unreviewed
CVE-2025-7876 was published Jul 20, 2025
Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an... Critical Unreviewed
CVE-2025-53770 was published Jul 20, 2025
The Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for... Critical Unreviewed
CVE-2025-7697 was published Jul 19, 2025
The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for... Critical Unreviewed
CVE-2025-7696 was published Jul 19, 2025
A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device... High Unreviewed
CVE-2025-7433 was published Jul 17, 2025
Deserialization of Untrusted Data vulnerability in Codexpert, Inc CoSchool LMS allows Object... Critical Unreviewed
CVE-2025-30973 was published Jul 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database