GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
2,006 advisories
Picklescan has pickle parsing logic flaw that leads to malicious pickle file bypass
High
GHSA-9gvj-pp9x-gcfr
was published
for
picklescan
(pip)
Aug 12, 2025
MS SWIFT Remote Code Execution via unsafe PyYAML deserialization
Low
CVE-2025-50460
was published
for
ms-swift
(pip)
Jul 31, 2025
MS SWIFT Deserialization RCE Vulnerability
Moderate
GHSA-r54c-2xmf-2cf3
was published
for
ms-swift
(pip)
Jul 31, 2025
Apache Avro Java SDK vulnerable to Improper Input Validation
High
CVE-2023-39410
was published
for
org.apache.avro:avro
(Maven)
Sep 29, 2023
LangChain pickle deserialization of untrusted data
High
CVE-2024-5998
was published
for
langchain-community
(pip)
Sep 17, 2024
Withdrawn: Fortra GoAnywhere MFT Deserialization of Untrusted Data vulnerability affects metasploit-framework
High
CVE-2023-0669
was published
for
metasploit-framework
(RubyGems)
Feb 6, 2023
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API