GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
6 advisories
LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer
High
CVE-2025-64439
was published
for
langgraph-checkpoint
(pip)
Nov 5, 2025
graphql allows remote code execution when loading a crafted GraphQL schema
Critical
CVE-2025-27407
was published
for
graphql
(RubyGems)
Mar 12, 2025
jj vulnerable to path traversal via crafted Git repositories
Critical
CVE-2024-51990
was published
for
jj-lib
(Rust)
Nov 7, 2024
Dex vulnerable to Man-in-the-Middle allowing ID token capture via intercepted authorization code
Critical
CVE-2022-39222
was published
for
github.com/dexidp/dex
(Go)
Oct 3, 2022
arr-pm vulnerable to arbitrary shell execution when extracting or listing files contained in a malicious rpm.
High
CVE-2022-39224
was published
for
arr-pm
(RubyGems)
Sep 21, 2022
Command Injection vulnerability in asciidoctor-include-ext
Critical
CVE-2022-24803
was published
for
asciidoctor-include-ext
(RubyGems)
Mar 31, 2022
ProTip!
Advisories are also available from the
GraphQL API