GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10 advisories
AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows
Moderate
CVE-2026-34515
was published
for
aiohttp
(pip)
Apr 1, 2026
Gradio is Vulnerable to Absolute Path Traversal on Windows with Python 3.13+
High
CVE-2026-28414
was published
for
gradio
(pip)
Mar 1, 2026
Werkzeug safe_join not safe on Windows
Moderate
CVE-2024-49766
was published
for
Werkzeug
(pip)
Oct 25, 2024
Path traveral in Streamlit on windows
Moderate
CVE-2024-42474
was published
for
streamlit
(pip)
Aug 12, 2024
NextChat has full-read SSRF and XSS vulnerability in /api/cors endpoint
Critical
CVE-2023-49785
was published
for
nextchat
(npm)
Aug 5, 2024
Jupyter server on Windows discloses Windows user password hash
High
CVE-2024-35178
was published
for
jupyter_server
(pip)
Jun 6, 2024
Mautic is vulnerable to XSS vulnerability
Critical
CVE-2020-35125
was published
for
mautic/core
(Composer)
May 15, 2024
Gradio makes the `/file` secure against file traversal and server-side request forgery attacks
High
CVE-2023-51449
was published
for
gradio
(pip)
Dec 21, 2023
XSS vulnerability leveraged through referrers could allow un-authorized admin access in Mautic
Critical
CVE-2020-35124
was published
for
mautic/core
(Composer)
Jan 19, 2021
ProTip!
Advisories are also available from the
GraphQL API