GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
59 advisories
Cybersecurity AI (CAI) vulnerable to Command Injection in run_ssh_command_with_credentials Agent tool
Critical
CVE-2025-67511
was published
for
cai-framework
(pip)
Dec 9, 2025
mcp-kubernetes-server has a Command Injection vulnerability
Moderate
CVE-2025-59376
was published
for
mcp-kubernetes-server
(pip)
Sep 15, 2025
Withdrawn Advisory: Dask Vulnerable to Command Injection
Critical
CVE-2024-10096
was published
for
dask
(pip)
Mar 20, 2025
•
withdrawn
XPixelGroup BasicSR Command Injection
Moderate
CVE-2024-27763
was published
for
basicsr
(pip)
Mar 12, 2025
virtualenv allows command injection through activation scripts for a virtual environment
High
CVE-2024-53899
was published
for
virtualenv
(pip)
Nov 24, 2024
ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git command
Critical
CVE-2024-5023
was published
for
consoleme
(pip)
May 16, 2024
RCE in TranformGraph().to_dot_graph function
High
CVE-2023-41334
was published
for
astropy
(pip)
Mar 18, 2024
pymatgen vulnerable to arbitrary code execution when parsing a maliciously crafted JonesFaithfulTransformation transformation_string
Critical
CVE-2024-23346
was published
for
pymatgen
(pip)
Feb 21, 2024
ProTip!
Advisories are also available from the
GraphQL API