GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4 advisories
Pyload log Injection via API /json/add_package in add_name parameter
Moderate
GHSA-3wwm-hjv7-23r3
was published
for
pyload-ng
(pip)
Jul 30, 2025
BentoML's runner server Vulnerable to Remote Code Execution (RCE) via Insecure Deserialization
Critical
CVE-2025-32375
was published
for
bentoml
(pip)
Apr 9, 2025
Picklescan missing detection when calling built-in python library function timeit.timeit()
Moderate
GHSA-v7x6-rv5q-mhwc
was published
for
picklescan
(pip)
Apr 7, 2025
Picklescan failed to detect to some unsafe global function in Numpy library
Moderate
GHSA-fj43-3qmq-673f
was published
for
picklescan
(pip)
Apr 7, 2025
ProTip!
Advisories are also available from the
GraphQL API