Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,044
Maven
5,000+
npm
4,782
NuGet
825
pip
4,382
Pub
12
RubyGems
987
Rust
1,143
Swift
50
Unreviewed advisories
All unreviewed
5,000+

5 advisories

Loading
n8n has Webhook Forgery on Zendesk Trigger Node Moderate
GHSA-38c7-23hj-2wgq was published for n8n (npm) Feb 26, 2026
nkoorty Credited to nkoorty and jjjutla jjjutla jjjutla
n8n Vulnerable to Arbitrary File Write on Remote Systems via SSH Node High
CVE-2026-25055 was published for n8n (npm) Feb 4, 2026
nkoorty Credited to nkoorty and jjjutla jjjutla jjjutla
n8n's Missing Stripe-Signature Verification Allows Unauthenticated Forged Webhooks Moderate
CVE-2026-21894 was published for n8n (npm) Jan 7, 2026
nkoorty Credited to nkoorty, jjjutla, and geckosecurity jjjutla jjjutla
geckosecurity geckosecurity
BentoML SSRF Vulnerability in File Upload Processing Critical
CVE-2025-54381 was published for bentoml (pip) Jul 29, 2025
geckosecurity Credited to geckosecurity, jjjutla, and nkoorty jjjutla jjjutla
nkoorty nkoorty
Gradio Allows Unauthorized File Copy via Path Manipulation Moderate
CVE-2025-48889 was published for gradio (pip) May 29, 2025
jjjutla Credited to jjjutla, nkoorty, and pventuzelo nkoorty nkoorty
pventuzelo pventuzelo
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database