GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3,304 advisories
Brute Force Authentication Tags of CookieStore Sessions in Auth0-PHP SDK
Critical
CVE-2025-47275
was published
for
auth0/auth0-php
(Composer)
May 16, 2025
Langroid has a Code Injection vulnerability in TableChatAgent
Critical
CVE-2025-46724
was published
for
langroid
(pip)
May 20, 2025
vLLM Allows Remote Code Execution via PyNcclPipe Communication Service
Critical
CVE-2025-47277
was published
for
vllm
(pip)
May 20, 2025
InvokeAI Deserialization of Untrusted Data vulnerability
Critical
CVE-2024-12029
was published
for
InvokeAI
(pip)
Mar 21, 2025
samlify SAML Signature Wrapping attack
Critical
CVE-2025-47949
was published
for
samlify
(npm)
May 19, 2025
laravel-auth0 SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
Critical
GHSA-9fwj-9mjf-rhj3
was published
for
auth0/login
(Composer)
May 17, 2025
Auth0 Wordpress plugin Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
Critical
GHSA-2f4r-34m4-3w8q
was published
for
auth0/wordpress
(Composer)
May 17, 2025
Auth0 Symfony SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
Critical
GHSA-9wg9-93h9-j8ch
was published
for
auth0/symfony
(Composer)
May 17, 2025
ThinkAdmin insecure unserialize vulnerability
Critical
CVE-2020-23653
was published
for
zoujingli/thinkadmin
(Composer)
May 24, 2022
OPKSSH Vulnerable to Authentication Bypass
Critical
CVE-2025-4658
was published
for
github.com/openpubkey/opkssh
(Go)
May 13, 2025
OpenPubkey Vulnerable to Authentication Bypass
Critical
CVE-2025-3757
was published
for
github.com/openpubkey/openpubkey
(Go)
May 13, 2025
ProTip!
Advisories are also available from the
GraphQL API