Security Advisories
Browse security advisories and track which Dependabot PRs address them.
Total advisories: 28,653
With Dependabot PRs: 2,457
Critical severity: 3,931
High severity: 10,098
OpenClaw: HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS missing from exec env denylist — RCE via build tool env injection (GHSA-cm8v-2vh9-cxf3 class)
GHSA-7437-7hg8-frrw HIGH about 2 hours ago
## Impact
HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS missing from exec env denylist — RCE via build tool env injection (GHS...
npm
No PRs yet
OpenClaw: Authenticated `/hooks/wake` and mapped `wake` payloads are promoted into the trusted `System:` prompt channel
GHSA-jf56-mccx-5f3f HIGH about 2 hours ago
## Impact
Authenticated `/hooks/wake` and mapped `wake` payloads are promoted into the trusted `System:` prompt channel.
An authenticated wake ho...
npm
No PRs yet
OpenClaw: Lower-trust background runtime output is injected into trusted `System:` events, and local async exec completion misses the intended `exec-event` downgrade
GHSA-gfmx-pph7-g46x HIGH about 2 hours ago
## Impact
Lower-trust background runtime output is injected into trusted `System:` events, and local async exec completion misses the intended `ex...
npm
No PRs yet
PraisonAI Vulnerable to OS Command Injection
GHSA-2763-cj5r-c79m CRITICAL about 18 hours ago
The `execute_command` function and workflow shell execution are exposed to user-controlled input via agent workflows, YAML definitions, and LLM-gen...
pypi
No PRs yet
OpenFGA: Unauthenticated playground endpoint discloses preshared API key in HTML response
GHSA-68m9-983m-f3v5 MODERATE about 18 hours ago
### Description
When OpenFGA is configured to use preshared-key authentication with the built-in playground enabled, the local server includes the ...
go
No PRs yet
LangChain has incomplete f-string validation in prompt templates
GHSA-926x-3r5x-gfhw MODERATE about 18 hours ago
LangChain's f-string prompt-template validation was incomplete in two respects.
First, some prompt template classes accepted f-string templates an...
pypi
No PRs yet
Marimo: Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass
GHSA-2679-6mx9-h9xc CVE-2026-39987 CRITICAL about 18 hours ago
## Summary
Marimo (19.6k stars) has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint `/terminal/ws` lacks authentication validation, ...
pypi
No PRs yet
Pretext: Algorithmic Complexity (DoS) in the text analysis phase
GHSA-5478-66c3-rhxr HIGH about 18 hours ago
`isRepeatedSingleCharRun()` in `src/analysis.ts` (line 285) re-scans the entire accumulated segment on every merge iteration during text analysis, ...
npm
No PRs yet
basic-ftp has FTP Command Injection via CRLF
GHSA-chqc-8p9q-pq6q CVE-2026-39983 HIGH about 20 hours ago
## Summary
`basic-ftp` version `5.2.0` allows FTP command injection via CRLF sequences (`\r\n`) in file path parameters passed to high-level path ...
npm
43 Dependabot PRs
AGiXT Vulnerable to Path Traversal in safe_join()
GHSA-5gfj-64gh-mgmw CVE-2026-39981 HIGH about 20 hours ago
### Summary
The safe_join() function in the essential_abilities extension fails to validate that resolved file paths remain within the designated a...
pypi
No PRs yet
Laravel Passport: TokenGuard Authenticates Unrelated User for Client Credentials Tokens
GHSA-349c-2h2f-mxf6 HIGH about 20 hours ago
### Impact
Authentication Bypass for `client_credentials` tokens. The league/oauth2-server library sets the JWT sub claim to the client identifier ...
packagist
No PRs yet
n8n-mcp has authenticated SSRF via instance-URL header in multi-tenant HTTP mode
GHSA-4ggg-h7ph-26qr CVE-2026-39974 HIGH about 20 hours ago
## Impact
An authenticated Server-Side Request Forgery in `n8n-mcp` allows a caller holding a valid `AUTH_TOKEN` to cause the server to issue HTTP ...
npm
No PRs yet
mercure has Topic Selector Cache Key Collision
GHSA-hwr4-mq23-wcv5 CVE-2026-39972 HIGH about 20 hours ago
### Impact
A cache key collision vulnerability in `TopicSelectorStore` allows an attacker to poison the match result cache, potentially causing pr...
go
No PRs yet
Tmds.DBus: malicious D-Bus peers can spoof signals, exhaust file descriptor resources, and cause denial of service
GHSA-xrw6-gwf8-vvr9 CVE-2026-39959 HIGH about 20 hours ago
Tmds.DBus and Tmds.DBus.Protocol are vulnerable to malicious D-Bus peers. A peer on the same bus can spoof signals by impersonating the owner of a ...
nuget
No PRs yet
Cryptography vulnerable to buffer overflow if non-contiguous buffers were passed to APIs
GHSA-p423-j2cm-9vmq CVE-2026-39892 MODERATE about 21 hours ago
If a non-contiguous buffer was passed to APIs which accepted Python buffers (e.g. `Hash.update()`), this could lead to buffer overflows. For exampl...
pypi
189 Dependabot PRs
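The advisory above concerns Python objects that expose the buffer protocol without being contiguous. The following is an added example written for this page, not code from pyca/cryptography, showing what a sliced memoryview looks like to a buffer consumer, that CPython's own hashlib refuses such a view, and how to copy it into a contiguous buffer before handing it to native code. The sample buffers are constructed.

```python
"""Non-contiguous buffers under the Python buffer protocol.

Added example, not pyca/cryptography code. A sliced memoryview describes
fewer bytes than the memory it refers to, separated by a stride. Native
code that requests a plain contiguous buffer is refused such a view
(CPython raises BufferError); code that takes the raw pointer and a
length anyway reads or writes the wrong bytes. `tobytes()` gives a
contiguous copy to hand to native code. The buffers below are constructed.
"""
import hashlib


def describe(view: memoryview) -> dict:
    """The facts a buffer consumer must look at before trusting `len()`."""
    return {"len": len(view), "nbytes": view.nbytes,
            "strides": view.strides, "c_contiguous": view.c_contiguous}


def stdlib_rejects(view: memoryview) -> bool:
    """hashlib asks for a simple (contiguous) buffer, so a strided view is refused."""
    try:
        hashlib.sha256(view)
        return False
    except BufferError:
        return True


def as_contiguous(obj) -> memoryview:
    """Accept any buffer-protocol object; copy only when it is not already C-contiguous."""
    view = memoryview(obj)
    if not view.c_contiguous:
        view = memoryview(view.tobytes())
    return view.cast("B") if view.format != "B" else view


def digest(obj) -> str:
    """Hash exactly the logical bytes of `obj`, whatever its memory layout."""
    return hashlib.sha256(as_contiguous(obj)).hexdigest()


if __name__ == "__main__":
    buf = bytearray(b"0123456789")
    odd = memoryview(buf)[1::2]          # logical bytes b"13579", stride 2
    print(describe(odd))                 # len 5, nbytes 5, strides (2,), not C-contiguous
    print(stdlib_rejects(odd))           # True
    print(digest(odd) == digest(b"13579"))   # True
```

The check to carry over to any extension that accepts "bytes-like" input: request the buffer with the contiguity flag you need, and if you ever use `len()` and a base pointer directly, verify `c_contiguous` first or copy.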
monetr: Protected Transactions Deletable via PUT
GHSA-hqxq-hwqf-wg83 CVE-2026-39901 MODERATE about 21 hours ago
### Summary
A transaction integrity flaw allows an authenticated tenant user to soft-delete synced non-manual transactions through the transaction ...
go
No PRs yet
mcp-from-openapi is Vulnerable to SSRF via $ref Dereferencing in Untrusted OpenAPI Specifications
GHSA-v6ph-xcq9-qxxj CVE-2026-39885 HIGH about 21 hours ago
## Summary
The `mcp-from-openapi` library uses `@apidevtools/json-schema-ref-parser` to dereference `$ref` pointers in OpenAPI specifications with...
npm
No PRs yet
opentelemetry-go: BSD kenv command not using absolute path enables PATH hijacking
GHSA-hfvc-g4fc-pqhx CVE-2026-39883 HIGH about 21 hours ago
## Summary
The fix for GHSA-9h8m-3fm2-qjrq (CVE-2026-24051) changed the Darwin `ioreg` command to use an absolute path but left the BSD `kenv` com...
go
No PRs yet
opentelemetry-go: OTLP HTTP exporters read unbounded HTTP response bodies
GHSA-w8rr-5gcm-pp58 CVE-2026-39882 MODERATE about 21 hours ago
Overview:
This report shows that the OTLP HTTP exporters (traces/metrics/logs) read the full HTTP response body into an in-memory `bytes.Buffer` wi...
go
No PRs yet
PraisonAI has Memory State Leakage and Path Traversal in MultiAgent Context Handling
GHSA-766v-q9x3-g744 MODERATE about 21 hours ago
## Summary
The `MultiAgentLedger` and `MultiAgentMonitor` components in the provided code exhibit vulnerabilities that can lead to context leakage ...
pypi
No PRs yet
PraisonAI has Template Injection in Agent Tool Definitions
GHSA-hwg5-x759-7wjg CVE-2026-39891 HIGH about 21 hours ago
## Summary
Direct insertion of unescaped user input into template-rendering tools allows arbitrary code execution via specially crafted agent instr...
pypi
No PRs yet
PraisonAI Has Unauthenticated SSE Event Stream that Exposes All Agent Activity in A2U Server
GHSA-f292-66h9-fpmf CVE-2026-39889 HIGH about 21 hours ago
The A2U (Agent-to-User) event stream server in PraisonAI exposes all agent activity without authentication. This is a separate component from the g...
pypi
No PRs yet
PraisonAI has sandbox escape via exception frame traversal in `execute_code` (subprocess mode)
GHSA-qf73-2hrx-xprp CVE-2026-39888 CRITICAL about 21 hours ago
## Summary
`execute_code()` in `praisonaiagents.tools.python_tools` defaults to `sandbox_mode="sandbox"`, which runs user code in a subprocess wra...
pypi
No PRs yet
PraisonAI Vulnerable to Remote Code Execution via YAML Deserialization in Agent Definition Loading
GHSA-32vr-5gcf-3pw2 CVE-2026-39890 CRITICAL about 21 hours ago
## Summary
The `AgentService.loadAgentFromFile` method uses the `js-yaml` library to parse YAML files without disabling dangerous tags (such as `!!...
pypi
No PRs yet
CI4MS Vulnerable to .env CRLF Injection via Unvalidated `host` Parameter in Install Controller
GHSA-vfhx-5459-qhqh CVE-2026-39394 HIGH about 21 hours ago
## Summary
The `Install::index()` controller reads the `host` POST parameter without any validation and passes it directly into `updateEnvSettings...
packagist
No PRs yet
CI4MS Vulnerable to Post-Installation Re-entry via Cache-Dependent Install Guard Bypass
GHSA-8rh5-4mvx-xj7j CVE-2026-39393 HIGH about 21 hours ago
## Summary
The install route guard in ci4ms relies solely on a volatile cache check (`cache('settings')`) combined with `.env` file existence to b...
packagist
No PRs yet
CI4MS has stored XSS in Pages Content Due to Missing html_purify Sanitization
GHSA-fjpj-6qcq-6pw2 CVE-2026-39392 MODERATE about 21 hours ago
## Summary
The Pages module does not apply the `html_purify` validation rule to content fields during create and update operations, while the Blog...
packagist
No PRs yet
CI4MS has stored XSS via Unescaped Blacklist Note in Admin User List
GHSA-7cm9-v848-cfh2 CVE-2026-39391 MODERATE about 21 hours ago
## Summary
The blacklist (ban) note parameter in `UserController::ajax_blackList_post()` is stored in the database without sanitization and render...
packagist
No PRs yet
CI4MS has stored XSS via srcdoc attribute bypass in Google Maps iframe setting
GHSA-x3hr-cp7x-44r2 CVE-2026-39390 MODERATE about 21 hours ago
## Summary
The Google Maps iframe setting (`cMap` field) in `compInfosPost()` sanitizes input using `strip_tags()` with an `<iframe>` allowlist an...
packagist
No PRs yet
CI4MS has a Hidden Items Authorization Bypass in Fileeditor Allows Reading Secrets and Writing Protected Files
GHSA-9rxp-f27p-wv3h CVE-2026-39389 MODERATE about 21 hours ago
## Summary
The Fileeditor controller defines a `hiddenItems` array containing security-sensitive paths (`.env`, `composer.json`, `vendor/`, `.git/...
packagist
No PRs yet
quarkus-openapi-generator extension has Zip Slip Path Traversal in ApicurioCodegenWrapper class
GHSA-jx2w-vp7f-456q MODERATE about 21 hours ago
### Summary
A path traversal vulnerability was discovered in the quarkus-openapi-generator extension.
### Details
The `unzip()` method in `Apicurio...
maven
No PRs yet
stata-mcp has insufficient validation of user-supplied Stata do-file content that can lead to command execution
GHSA-jpcj-7wfg-mqxv CVE-2026-31040 HIGH about 22 hours ago
A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to comma...
pypi
No PRs yet
Fleet Affected by Local Privilege Escalation via Tcl Command Injection in Orbit
GHSA-rphv-h674-5hp2 CVE-2026-27806 HIGH about 22 hours ago
## Summary
The Orbit agent's FileVault disk encryption key rotation flow collects a local user's password via a GUI dialog and interpolates it ...
go
No PRs yet
Axios HTTP/2 Session Cleanup State Corruption Vulnerability
GHSA-qj83-cq47-w5f8 CVE-2026-39865 MODERATE 1 day ago
### Summary
Axios HTTP/2 session cleanup logic contains a state corruption bug that allows a malicious server to crash the client process through ...
npm
No PRs yet
pretix: API leaks check-in data between events of the same organizer
GHSA-wr8q-c73g-m7gp CVE-2026-5600 MODERATE 1 day ago
A new API endpoint introduced in pretix 2025 that is supposed to return all check-in events of a specific event in fact returns all check-in events...
pypi
No PRs yet
Eclipse Jetty: Early return from the JASPIAuthenticator code can potentially not clear ThreadLocal variables
GHSA-gc59-r5jq-98qw CVE-2026-5795 HIGH 1 day ago
In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variables.
Upon returning from the i...
maven
No PRs yet
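The Jetty advisory above describes a handler that sets thread-local state and then returns early without clearing it. The following is an added example written for this page, not Jetty code: Python's `threading.local` stands in for Java's ThreadLocal, a one-thread pool stands in for a server's worker pool, and the two request objects are constructed. It shows the leftover state an unrelated request finds on the reused thread, and the `finally`-based cleanup that closes every exit path.

```python
"""Thread-local state that outlives the request when a handler returns early.

Added example, not Jetty code. A pool thread is reused for the next request,
so anything left in a thread-local by an early `return` (or an exception)
is visible to the unrelated request that lands on the same thread. The
handlers and request dictionaries are constructed for the example.
"""
import threading
from concurrent.futures import ThreadPoolExecutor

_ctx = threading.local()


def leaky_authenticate(request: dict) -> str:
    """Sets thread-locals, then returns early without clearing them."""
    _ctx.user = request.get("user")
    _ctx.request_id = request["id"]
    if request.get("skip_auth"):
        return "skipped"            # early return: thread-locals are still set
    result = "authenticated" if _ctx.user else "anonymous"
    _ctx.user = None
    _ctx.request_id = None
    return result


def fixed_authenticate(request: dict) -> str:
    """Same logic, but cleanup lives in `finally`, so every exit path runs it."""
    _ctx.user = request.get("user")
    _ctx.request_id = request["id"]
    try:
        if request.get("skip_auth"):
            return "skipped"
        return "authenticated" if _ctx.user else "anonymous"
    finally:
        _ctx.user = None
        _ctx.request_id = None


def observed_user():
    """What a later component on the same thread sees in the thread-local."""
    return getattr(_ctx, "user", None)


def run_on_one_pool_thread(handler) -> list:
    """Run two requests on one pooled thread; record what each finds left over."""
    requests = [{"id": 1, "user": "alice", "skip_auth": True},   # triggers the early return
                {"id": 2}]                                         # unrelated, unauthenticated request
    leftovers = []

    def task(req):
        leftovers.append(observed_user())   # what a filter running before the handler sees
        handler(req)

    with ThreadPoolExecutor(max_workers=1) as pool:
        for req in requests:
            pool.submit(task, req).result()
    return leftovers


if __name__ == "__main__":
    print(run_on_one_pool_thread(leaky_authenticate))   # [None, 'alice']
    print(run_on_one_pool_thread(fixed_authenticate))   # [None, None]
```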
OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds Write
GHSA-p8xc-w3q4-h64x CVE-2026-34589 HIGH 1 day ago
## Summary
The DWA lossy decoder constructs temporary per-component block pointers using signed 32-bit arithmetic. For a large enough width, the c...
pypi
No PRs yet
OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write
GHSA-588r-cr5c-w6hf CVE-2026-34588 HIGH 1 day ago
## Summary
`internal_exr_undo_piz()` advances the working wavelet pointer with signed 32-bit arithmetic:
```c
wavbuf += nx * ny * wcount;
```
Be...
pypi
No PRs yet
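Both OpenEXR advisories above come down to pointer offsets computed in signed 32-bit arithmetic. The following is an added example written for this page, not OpenEXR code: it models the quoted `wavbuf += nx * ny * wcount;` with `int` operands, shows the product wrapping negative once it passes INT32_MAX (so the pointer moves before the buffer), and contrasts it with a wide, bounds-checked computation. The dimensions and buffer size are constructed.

```python
"""Signed 32-bit offset arithmetic, for the PIZ and DWA advisories above.

Added example, not OpenEXR code. It models `wavbuf += nx * ny * wcount;`
evaluated with `int` operands: the product is formed in 32-bit signed
arithmetic before it is added to the (64-bit) pointer. Once the product
passes INT32_MAX it wraps negative on the usual two's-complement targets
(strictly, signed overflow is undefined behaviour in C), so the pointer
steps backwards, before the start of the buffer. Dimensions are constructed.
"""

INT32_MAX = 2**31 - 1


def to_int32(v: int) -> int:
    """Reduce an integer to C's signed 32-bit range, as a wrapping multiply would."""
    v &= 0xFFFFFFFF
    return v - 2**32 if v & 0x80000000 else v


def offset_int32(nx: int, ny: int, wcount: int) -> int:
    """`nx * ny * wcount` with every intermediate held in an int."""
    return to_int32(to_int32(nx * ny) * wcount)


def offset_wide(nx: int, ny: int, wcount: int) -> int:
    """The same product in 64-bit (ptrdiff_t/size_t) arithmetic: no wrap."""
    return nx * ny * wcount


def advance(buf_elems: int, nx: int, ny: int, wcount: int) -> dict:
    """Where the pointer lands, in elements from the buffer start, under both
    arithmetic models, and whether that position is still inside the buffer."""
    out = {}
    for name, fn in (("int32", offset_int32), ("wide", offset_wide)):
        off = fn(nx, ny, wcount)
        out[name] = {"offset": off, "in_bounds": 0 <= off <= buf_elems}
    return out


def safe_offset(nx: int, ny: int, wcount: int, buf_elems: int) -> int:
    """Hardened variant: compute wide, then refuse anything the buffer cannot hold."""
    off = offset_wide(nx, ny, wcount)
    if off < 0 or off > buf_elems:
        raise ValueError(f"offset {off} exceeds buffer of {buf_elems} elements")
    return off


if __name__ == "__main__":
    # 32768 * 32768 fits in an int, but times three components it does not.
    print(advance(buf_elems=2**40, nx=32768, ny=32768, wcount=3))
    # int32 offset -1073741824 (out of bounds), wide offset 3221225472
```

When reviewing decoders for this class, look for the width of every operand in the multiply, not only of the destination: `size_t total = nx * ny * wcount;` still overflows if the three factors are `int`.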
Nodemailer Vulnerable to SMTP Command Injection via CRLF in Transport name Option (EHLO/HELO)
GHSA-vvjj-xcjg-gr5g MODERATE 1 day ago
### Summary
Nodemailer versions up to and including 8.0.4 are vulnerable to SMTP command injection via CRLF sequences in the transport `name` conf...
npm
162 Dependabot PRs
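The basic-ftp and Nodemailer advisories above are the same defect in two line-oriented protocols: a value meant to be one argument contains CR/LF, so the server reads a second command. The following is an added example written for this page, not code from either library. The server-side splitter is a constructed stand-in for a real command reader, and the attacker inputs are constructed; it shows the split the server performs and the argument check that prevents it.

```python
"""Why a CR/LF inside one argument becomes a second protocol command.

Added example, not code from basic-ftp or Nodemailer. FTP (RFC 959) and
SMTP (RFC 5321) are line-oriented: every command ends in CRLF, so an
argument that itself contains "\r\n" is read by the server as the end of
one command and the start of another. `server_split` is a constructed
stand-in for a server's command reader.
"""
import re

CRLF = "\r\n"


def server_split(wire: bytes) -> list:
    """How a line-oriented server reads what the client sent: one command per CRLF."""
    return [line.decode("latin-1") for line in wire.split(b"\r\n") if line]


def naive_cwd(path: str) -> bytes:
    """Builds the FTP CWD command the way a library that trusts its argument would."""
    return f"CWD {path}{CRLF}".encode("latin-1")


def naive_ehlo(name: str) -> bytes:
    """Builds the SMTP EHLO command from a caller-supplied host name, unchecked."""
    return f"EHLO {name}{CRLF}".encode("latin-1")


# One protocol line may contain no CR, LF or NUL; the length bound keeps lines sane.
_BAD = re.compile(r"[\r\n\x00]")


def checked_argument(value: str, max_len: int = 512) -> str:
    """Reject any value that could not be a single protocol line."""
    if _BAD.search(value) or len(value) > max_len:
        raise ValueError("argument must be a single protocol line")
    return value


def safe_cwd(path: str) -> bytes:
    return naive_cwd(checked_argument(path))


def safe_ehlo(name: str) -> bytes:
    return naive_ehlo(checked_argument(name))


if __name__ == "__main__":
    evil_path = "uploads\r\nDELE important.txt"        # constructed attacker input
    print(server_split(naive_cwd(evil_path)))          # ['CWD uploads', 'DELE important.txt']
    evil_name = "mail.example\r\nMAIL FROM:<a@b>"      # constructed attacker input
    print(server_split(naive_ehlo(evil_name)))         # ['EHLO mail.example', 'MAIL FROM:<a@b>']
    try:
        safe_cwd(evil_path)
    except ValueError as e:
        print("rejected:", e)
```

The same check belongs on every value a client library interpolates into a command line, including ones that look like configuration (a transport name) rather than user input.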
kubernetes-graphql-gateway: GraphQL Endpoint Vulnerable to Authenticated Denial-of-Service via Unrestricted Query Execution
GHSA-h9mw-h4qc-f5jf MODERATE 1 day ago
**CVSS 6.5 Medium** — The GraphQL API served by kubernetes-graphql-gateway is vulnerable to Denial-of-Service (DoS) attacks due to a complete absen...
go
No PRs yet
LiquidJS: `renderFile()` / `parseFile()` bypass configured `root` and allow arbitrary file read
GHSA-v273-448j-v4qj CVE-2026-39859 MODERATE 1 day ago
`liquidjs` 10.25.0 documents `root` as constraining filenames passed to `renderFile()` and `parseFile()`, but top-level file loads do not enforce t...
npm
No PRs yet
LiquidJS: ownPropertyOnly bypass via sort_natural filter — prototype property information disclosure through sorting side-channel
GHSA-rv5g-f82m-qrvv CVE-2026-39412 MODERATE 1 day ago
### Summary
The `sort_natural` filter bypasses the `ownPropertyOnly` security option, allowing template authors to extract values of prototype-inh...
npm
No PRs yet
LobeHub: Unauthenticated authentication bypass on `webapi` routes via forgeable `X-lobe-chat-auth` header
GHSA-5mwj-v5jw-5c97 CVE-2026-39411 MODERATE 1 day ago
# Summary
The `webapi` authentication layer trusts a client-controlled `X-lobe-chat-auth` header that is only XOR-obfuscated, not signed or otherw...
npm
No PRs yet
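The LobeHub advisory above turns on the difference between obfuscation and authentication: an XOR-encoded header carries no secret-keyed check, so anyone who can see or guess one valid header can mint another. The following is an added example written for this page; the header format, the key, the payload fields and the HMAC scheme are all constructed stand-ins, not LobeHub's actual design. It recovers the keystream from one observed header, forges a header for a different identity, and shows the HMAC variant rejecting the same attempt.

```python
"""Why an XOR-obfuscated header is not an authentication credential.

Added example; the scheme is a generic stand-in, not LobeHub's header
format. An attacker who can observe one valid header and knows its
plaintext (their own low-privilege login, for instance) recovers the
keystream with a single XOR and can then encode any payload of equal or
shorter length. An HMAC keyed on a server-side secret has no such
property. Keys and payloads below are constructed.
"""
import hashlib
import hmac
import json
import secrets

OBF_KEY = b"static-app-key"            # constructed; obfuscation keys ship inside the client
SERVER_SECRET = secrets.token_bytes(32)  # constructed; never leaves the server


def _canon(payload: dict) -> bytes:
    return json.dumps(payload, sort_keys=True).encode()


def xor_obfuscate(data: bytes, key: bytes = OBF_KEY) -> bytes:
    """Repeating-key XOR; the same function encodes and decodes."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def make_xor_header(payload: dict) -> str:
    return xor_obfuscate(_canon(payload)).hex()


def verify_xor_header(header: str) -> dict:
    """The flawed check: anything that decodes is trusted; nothing binds it to a secret."""
    return json.loads(xor_obfuscate(bytes.fromhex(header)))


def forge_from_observed(observed: str, known: dict, wanted: dict) -> str:
    """Keystream = ciphertext XOR known plaintext; reuse it on a chosen payload."""
    ct = bytes.fromhex(observed)
    keystream = bytes(c ^ p for c, p in zip(ct, _canon(known)))
    body = _canon(wanted)
    if len(body) > len(keystream):
        raise ValueError("chosen payload longer than recovered keystream")
    return bytes(b ^ k for b, k in zip(body, keystream)).hex()


def make_signed_header(payload: dict, secret: bytes = SERVER_SECRET) -> str:
    body = _canon(payload)
    return body.hex() + "." + hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_signed_header(header: str, secret: bytes = SERVER_SECRET) -> dict:
    body_hex, tag = header.split(".", 1)
    body = bytes.fromhex(body_hex)
    expected = hmac.new(secret, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        raise PermissionError("bad signature")
    return json.loads(body)


def forgery_demo() -> dict:
    """Attacker holds a valid low-privilege header and wants an admin identity."""
    low = {"role": "user", "userId": "mallory"}
    wanted = {"role": "admin", "userId": "alice"}
    forged = forge_from_observed(make_xor_header(low), low, wanted)
    xor_accepts = verify_xor_header(forged) == wanted
    # Against HMAC the attacker can only swap the body and reuse the old tag.
    _, tag = make_signed_header(low).split(".", 1)
    try:
        verify_signed_header(_canon(wanted).hex() + "." + tag)
        hmac_accepts = True
    except PermissionError:
        hmac_accepts = False
    return {"xor_accepts_forgery": xor_accepts, "hmac_accepts_forgery": hmac_accepts}


if __name__ == "__main__":
    print(forgery_demo())   # {'xor_accepts_forgery': True, 'hmac_accepts_forgery': False}
```

The point generalises beyond XOR: any encoding whose key is in the client (or whose output can be decoded without a secret) is reversible by the client, so a server must treat it as plaintext and authenticate it with something only the server holds.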
kcp's cache server is accessible without authentication or authorization checks
GHSA-3j3q-wp9x-585p CVE-2026-39429 HIGH 1 day ago
### Summary
The cache server is directly exposed by the root shard and has no authentication or authorization in place.
This allows anyone who can...
go
No PRs yet
NiceGUI: Upload filename sanitization bypass via backslashes allows path traversal on Windows
GHSA-w8wv-vfpc-hw2w CVE-2026-39844 MODERATE 1 day ago
### Summary
The upload filename sanitization introduced in GHSA-9ffm-fxg3-xrhh uses `PurePosixPath(filename).name` to strip path components. Since...
pypi
No PRs yet
SiYuan: Remote Code Execution in the Electron desktop client via stored XSS in synced table captions
GHSA-phhp-9rm9-6gr2 CVE-2026-39846 CRITICAL 1 day ago
### Summary
A malicious note synced to another user can trigger remote code execution in the SiYuan Electron desktop client. The root cause is that...
go
No PRs yet
LiquidJS: Root restriction bypass for partial and layout loading through symlinked templates
GHSA-56p5-8mhr-2fph CVE-2026-35525 HIGH 1 day ago
### Summary
LiquidJS enforces partial and layout root restrictions using the resolved pathname string, but it does not resolve the canonical files...
npm
No PRs yet
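Three advisories on this page fail the same containment check in different ways: AGiXT's `safe_join()` does not verify the resolved path stays under its root, NiceGUI's sanitizer uses `PurePosixPath(filename).name` and so keeps a backslash-separated traversal whole, and LiquidJS compares the joined pathname string instead of the canonical file, which a symlink defeats. The following is an added example written for this page, not code from any of those projects. `naive_basename` reproduces the POSIX-only pattern; `upload_basename` and `safe_join` are the hardened forms, and the two demo functions build constructed directory layouts in a temporary directory (the symlink demo needs a platform that allows symlinks).

```python
"""Path containment that survives backslashes, `..`, and symlinks.

Added example; not the AGiXT, NiceGUI or LiquidJS code. Three checks:
  1. a basename taken with POSIX rules keeps "..\\..\\x" intact, so both
     separators have to be handled (NiceGUI);
  2. a join must be verified against the resolved path, not the joined
     string (AGiXT);
  3. the comparison must use the canonical path (realpath), or a symlink
     inside the root points outside it (LiquidJS).
Directory layouts below are constructed in temporary directories.
"""
import os
import tempfile
from pathlib import PurePosixPath, PureWindowsPath


def naive_basename(filename: str) -> str:
    """The pattern the NiceGUI advisory describes: POSIX separators only."""
    return PurePosixPath(filename).name


def upload_basename(filename: str) -> str:
    """Strip directory components whichever separator the client used.
    PureWindowsPath treats both '/' and '\\' as separators."""
    name = PureWindowsPath(filename).name
    if name in ("", ".", "..") or "\x00" in name:
        raise ValueError("empty, dot-only or NUL-containing filename")
    return name


def safe_join(root: str, *untrusted: str) -> str:
    """Join, then verify the *canonical* result stays under the canonical root."""
    root_real = os.path.realpath(root)
    # Evaluate Windows-style traversal as traversal on every platform.
    parts = [p.replace("\\", "/") for p in untrusted]
    candidate = os.path.realpath(os.path.join(root_real, *parts))
    if os.path.commonpath([root_real, candidate]) != root_real:
        raise PermissionError(f"path escapes root: {candidate}")
    return candidate


def containment_demo() -> dict:
    """Which constructed probes safe_join accepts under a fresh temporary root."""
    probes = ["sub/file.txt", "../x", "..\\..\\x", "/etc/passwd", "sub/../../x"]
    out = {}
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "sub"))
        for p in probes:
            try:
                safe_join(root, p)
                out[p] = True
            except PermissionError:
                out[p] = False
    return out


def symlink_escape_demo() -> dict:
    """root/templates -> outside-dir; a string-prefix check passes, realpath rejects."""
    with tempfile.TemporaryDirectory() as outside, tempfile.TemporaryDirectory() as root:
        with open(os.path.join(outside, "secret.txt"), "w") as f:
            f.write("s3cret")
        os.symlink(outside, os.path.join(root, "templates"))
        joined = os.path.normpath(os.path.join(root, "templates", "secret.txt"))
        string_check_passes = joined.startswith(root + os.sep)   # the LiquidJS-style check
        try:
            safe_join(root, "templates", "secret.txt")
            realpath_check_passes = True
        except PermissionError:
            realpath_check_passes = False
    return {"string_check_passes": string_check_passes,
            "realpath_check_passes": realpath_check_passes}


if __name__ == "__main__":
    print(naive_basename("..\\..\\x"), "->", upload_basename("..\\..\\x"))
    print(containment_demo())
    print(symlink_escape_demo())   # string check True, realpath check False
```

Two caveats a practitioner would add: `realpath` on a path that does not yet exist resolves only the existing prefix, so check again after creating files if an attacker can race you; and on a real POSIX upload endpoint a backslash is a legal filename byte, so rejecting or translating it is a policy choice that should be stated in the API docs.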
LiquidJS Has Memory Limit Bypass via Quadratic Amplification in `replace` Filter
GHSA-mmg9-6m6j-jqqx CVE-2026-34166 LOW 1 day ago
## Summary
The `replace` filter in LiquidJS incorrectly accounts for memory usage when the `memoryLimit` option is enabled. It charges `str.length...
npm
No PRs yet
rfc3161-client Has Improper Certificate Validation
GHSA-3xxc-pwj6-jgrj CVE-2026-33753 MODERATE 1 day ago
### Summary
An Authorization Bypass vulnerability in `rfc3161-client`'s signature verification allows any attacker to impersonate a trusted TimeSt...
pypi
No PRs yet
XWiki vulnerable to remote code execution with script right through unprotected Velocity scripting API
GHSA-h259-74h5-4rh9 CVE-2026-33229 HIGH 1 day ago
### Impact
An improperly protected scripting API allows any user with script right to bypass the sandboxing of the Velocity scripting API and execu...
maven
No PRs yet