GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
89 advisories
PraisonAI Has Second-Order SQL Injection in `get_all_user_threads`
Critical
CVE-2026-34934
was published
for
praisonai
(pip)
Apr 1, 2026
SciTokens is vulnerable to SQL Injection in KeyCache
Critical
CVE-2026-32714
was published
for
scitokens
(pip)
Mar 31, 2026
MobSF has SQL Injection in its SQLite Database Viewer Utils
Moderate
CVE-2026-33545
was published
for
mobsf
(pip)
Mar 24, 2026
Glances has a SQL Injection in DuckDB Export via Unparameterized DDL Statements
High
CVE-2026-32611
was published
for
Glances
(pip)
Mar 16, 2026
Glances has SQL Injection via Process Names in TimescaleDB Export
High
CVE-2026-30930
was published
for
Glances
(pip)
Mar 9, 2026
CocoIndex Doris target connector didn't verify table name when constructing ALTER TABLE statements
High
CVE-2026-28438
was published
for
cocoindex
(pip)
Mar 2, 2026
ormar is vulnerable to SQL Injection through aggregate functions min() and max()
Critical
CVE-2026-26198
was published
for
ormar
(pip)
Feb 23, 2026
Parsl Monitoring Visualization Vulnerable to SQL Injection
Moderate
CVE-2026-21892
was published
for
parsl
(pip)
Jan 6, 2026
LangGraph's SQLite is vulnerable to SQL injection via metadata filter key in SQLite checkpointer list method
High
CVE-2025-67644
was published
for
langgraph-checkpoint-sqlite
(pip)
Dec 10, 2025
asyncmy is vulnerable to SQL injection via crafted dict keys
Critical
CVE-2025-65896
was published
for
asyncmy
(pip)
Dec 2, 2025
Django vulnerable to SQL injection via _connector keyword argument in QuerySet and Q objects.
Critical
CVE-2025-64459
was published
for
django
(pip)
Nov 5, 2025
LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore
High
CVE-2025-64104
was published
for
langgraph-checkpoint-sqlite
(pip)
Oct 29, 2025
ProTip!
Advisories are also available from the
GraphQL API