Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
69
GitHub Actions
50
Go
3,876
Maven
5,000+
npm
5,000+
NuGet
958
pip
5,000+
Pub
13
RubyGems
1,061
Rust
1,363
Swift
54
Unreviewed advisories
All unreviewed
5,000+

5 advisories

Loading
Jupyter Server: Path Traversal via incorrect startswith() root directory check allows access to sibling directories High
CVE-2026-35397 was published for jupyter-server (pip) May 5, 2026
Yann-P Credited to Yann-P, Carreau, stef41, and krassowski Carreau Carreau
stef41 stef41 krassowski krassowski
Jupyter Server has an open redirection vulnerability in `next` query parameter Moderate
CVE-2025-61669 was published for jupyter-server (pip) May 5, 2026
dlqqq Credited to dlqqq, niwasak1, Yann-P, and Carreau niwasak1 niwasak1
Yann-P Yann-P Carreau Carreau
Jupyter Notebook Vulnerable to Authentication Token Theft via CommandLinker XSS High
CVE-2026-40171 was published for @jupyter-notebook/help-extension (npm) Apr 30, 2026
dtrops Credited to dtrops, Carreau, Yann-P, krassowski, and jtpio Carreau Carreau
Yann-P Yann-P krassowski krassowski jtpio jtpio
jupyter-scheduler's endpoint is missing authentication Moderate
CVE-2024-28188 was published for jupyter-scheduler (pip) May 23, 2024
krassowski Credited to krassowski, Carreau, andrii-i, dlqqq, and yuvipanda Carreau Carreau
andrii-i andrii-i dlqqq dlqqq yuvipanda yuvipanda
Voilà Local file inclusion High
CVE-2024-30265 was published for voila (pip) Apr 3, 2024
ericfinger Credited to ericfinger, trungleduc, martinRenou, and Carreau trungleduc trungleduc
martinRenou martinRenou Carreau Carreau
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database