GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
13 advisories
PraisonAI Has Missing Authentication in WebSocket Gateway
Critical
CVE-2026-34952
was published
for
praisonai
(pip)
Apr 1, 2026
Unauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint
Critical
CVE-2026-33017
was published
for
langflow
(pip)
Mar 17, 2026
Keylime Missing Authentication for Critical Function and Improper Authentication
Critical
CVE-2026-1709
was published
for
keylime
(pip)
Feb 6, 2026
Bambuddy Uses Hardcoded Secret Key + Many API Endpoints do not Require Authentication
Critical
CVE-2026-25505
was published
for
bambuddy
(pip)
Feb 2, 2026
BackendAI Missing Authentication for Critical Function
Critical
CVE-2025-49652
was published
for
backend.ai
(pip)
Jun 9, 2025
Jupyter Server Proxy's Websocket Proxying does not require authentication
Critical
CVE-2024-28179
was published
for
jupyter-server-proxy
(pip)
Mar 20, 2024
Authentication bypass in Apache Airflow
Critical
CVE-2020-13927
was published
for
apache-airflow
(pip)
Apr 30, 2021
ProTip!
Advisories are also available from the
GraphQL API