Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
48
Go
3,361
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,554
Pub
12
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+

6 advisories

Loading
Langflow has Authenticated Code Execution in Agentic Assistant Validation Critical
CVE-2026-33873 was published for langflow (pip) Mar 26, 2026
kexinoh Credited to kexinoh and andifilhohub andifilhohub andifilhohub
Unauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint Critical
CVE-2026-33017 was published for langflow (pip) Mar 17, 2026
Aviral2642 Credited to Aviral2642, andifilhohub, Jkavia, and srmish-jfrog andifilhohub andifilhohub
Jkavia Jkavia srmish-jfrog srmish-jfrog
langflow has Unauthenticated IDOR on Image Downloads High
CVE-2026-33484 was published for langflow (pip) Mar 20, 2026
akshatgit Credited to akshatgit, abhinavagarwal07, and andifilhohub abhinavagarwal07 abhinavagarwal07
andifilhohub andifilhohub
Langflow has an Arbitrary File Write (RCE) via v2 API Critical
CVE-2026-33309 was published for langflow (pip) Mar 19, 2026
akshatgit Credited to akshatgit, abhinavagarwal07, Jkavia, and andifilhohub abhinavagarwal07 abhinavagarwal07
Jkavia Jkavia andifilhohub andifilhohub
Langflow is Missing Ownership Verification in API Key Deletion (IDOR) High
CVE-2026-33053 was published for langflow (pip) Mar 18, 2026
FaizanKolega Credited to FaizanKolega, kolega-ai-dev, andifilhohub, and erichare kolega-ai-dev kolega-ai-dev
andifilhohub andifilhohub erichare erichare
Langflow has Remote Code Execution in CSV Agent Critical
CVE-2026-27966 was published for langflow (pip) Feb 27, 2026
weblover12 Credited to weblover12, andifilhohub, and Adam-Aghili andifilhohub andifilhohub
Adam-Aghili Adam-Aghili
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database