GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
58 advisories
mcp-kubernetes-server has a Command Injection vulnerability
Moderate
CVE-2025-59376
was published
for
mcp-kubernetes-server
(pip)
Sep 15, 2025
Withdrawn Advisory: Dask Vulnerable to Command Injection
Critical
CVE-2024-10096
was published
for
dask
(pip)
Mar 20, 2025
•
withdrawn
XPixelGroup BasicSR Command Injection
Moderate
CVE-2024-27763
was published
for
basicsr
(pip)
Mar 12, 2025
virtualenv allows command injection through activation scripts for a virtual environment
High
CVE-2024-53899
was published
for
virtualenv
(pip)
Nov 24, 2024
ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git command
Critical
CVE-2024-5023
was published
for
consoleme
(pip)
May 16, 2024
RCE in TranformGraph().to_dot_graph function
High
CVE-2023-41334
was published
for
astropy
(pip)
Mar 18, 2024
pymatgen vulnerable to arbitrary code execution when parsing a maliciously crafted JonesFaithfulTransformation transformation_string
Critical
CVE-2024-23346
was published
for
pymatgen
(pip)
Feb 21, 2024
ProTip!
Advisories are also available from the
GraphQL API