GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 18,360
Composer 3,434
Erlang 29
GitHub Actions 16
Go 1,660
Maven 4,922
npm 3,450
NuGet 594
pip 2,840
Pub 10
RubyGems 823
Rust 764
Swift 34

Unreviewed advisories

All unreviewed 215,755

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

5 advisories

Filter by severity

Sort by

Least recently updated

LangChain's XMLOutputParser vulnerable to XML Entity Expansion Moderate

CVE-2024-1455 was published for langchain-core (pip) Mar 26, 2024

Langchain Server-Side Request Forgery vulnerability High

CVE-2023-32786 was published for langchain (pip) Oct 21, 2023

Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library Critical

CVE-2023-39631 was published for langchain (pip) Sep 1, 2023

langchain vulnerable to arbitrary code execution Critical

CVE-2023-36281 was published for langchain (pip) Aug 22, 2023

LangChain vulnerable to arbitrary code execution Critical

CVE-2023-39659 was published for langchain (pip) Aug 15, 2023

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

5 advisories