GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
Livestatus injection in the monitoring quicksearch in Checkmk <2.5.0b4 allows an authenticated...
Moderate
Unreviewed
CVE-2026-33455
was published
Apr 10, 2026
Livestatus injection in the prediction graph page in Checkmk <2.5.0b4, <2.4.0p26, and <2.3.0p47...
Moderate
Unreviewed
CVE-2026-33457
was published
Apr 10, 2026
Livestatus injection in the notification test mode in Checkmk <2.5.0b4 and <2.4.0p26 allows an...
Moderate
Unreviewed
CVE-2026-33456
was published
Apr 10, 2026
An Improper Neutralization of Delimiters vulnerability in the UI of Juniper Networks Junos OS and...
Moderate
Unreviewed
CVE-2025-52989
was published
Jul 11, 2025
Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the...
Moderate
Unreviewed
CVE-2025-32918
was published
Jul 4, 2025
OctoPrint Vulnerable to Denial of Service through malformed HTTP request in OctoPrint
Moderate
CVE-2025-48879
was published
for
OctoPrint
(pip)
Jun 10, 2025
Improper neutralization of input in Nagvis before version 1.9.47 which can lead to livestatus...
Moderate
Unreviewed
CVE-2024-38866
was published
May 27, 2025
Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of...
Moderate
Unreviewed
CVE-2024-38865
was published
Apr 10, 2025
Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows...
Moderate
Unreviewed
CVE-2024-42392
was published
Nov 18, 2024
Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows...
Moderate
Unreviewed
CVE-2024-42385
was published
Nov 18, 2024
fish-shop/syntax-check Improper Neutralization of Delimiters
Moderate
CVE-2024-42482
was published
for
fish-shop/syntax-check
(GitHub Actions)
Aug 12, 2024
Improper neutralization of livestatus command delimiters in mknotifyd in Checkmk <= 2.0.0p39, < 2...
Moderate
Unreviewed
CVE-2024-6542
was published
Jul 22, 2024
Improper neutralization of livestatus command delimiters in ajax_search in Checkmk <= 2.0.0p39, <...
High
Unreviewed
CVE-2023-6157
was published
Nov 22, 2023
Improper neutralization of livestatus command delimiters in the availability timeline in Checkmk ...
High
Unreviewed
CVE-2023-6156
was published
Nov 22, 2023
Field injection in the KirbyData text storage handler
High
CVE-2023-38488
was published
for
getkirby/cms
(Composer)
Jul 28, 2023
Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk < 2.0.0p36, <...
High
Unreviewed
CVE-2023-31208
was published
May 17, 2023
ProTip!
Advisories are also available from the
GraphQL API