Is there any tool for automating GitHub repo vulnerabilities fixing?
(Source/Credits: https://dev.to/nomangul/is-there-any-tool-for-automating-github-repo-vulnerabilities-fixing-2ha)
Right now, my Gmail is full of vulnerability emails from GitHub. So, if there i...
Comments section
ahferroin7
•May 1, 2024
Not 100% automatic (but this type of thing absolutely should not be 100% automated), but you can opt-in to getting automated PRs from GitHub that fix the vulnerabilities it finds as they are found.
You can turn this on by going to the repository's 'Security' tab. At the top right of the 'Alerts' page on the security tab, there should be a button that says 'Automated Security Fixes'. Click it, then select the 'Automated Security Fixes' item in the drop-down that comes up.
This obviously requires that you're using a packaging system that GitHub recognizes (though you wouldn't be getting security alerts if you weren't). Somewhat interestingly, it seems to be freely available for private repositories even if you don't have a Pro account, though I'm not sure if it actually works or not.
Under the hood, this is powered by Dependabot (which was acquired by GitHub back in May).
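The Security-tab toggle described above turns on Dependabot security updates for the repository. The companion mechanism, Dependabot version updates, is driven by a checked-in `.github/dependabot.yml`. The file below is an added example for this thread, not code from the original post or from GitHub/Dependabot's own documentation; it assumes an npm project at the repository root, and the package named under `ignore` is illustrative only.

```yaml
# .github/dependabot.yml  (added example, not from the original thread)
version: 2
updates:
  # npm dependencies in the repository root (assumed project layout)
  - package-ecosystem: "npm"
    directory: "/"
    schedule:
      interval: "weekly"
    # Cap how many open update PRs Dependabot keeps at once
    open-pull-requests-limit: 5
    labels:
      - "dependencies"
    # Batch minor and patch bumps into one PR so the review load stays manageable;
    # security fixes for alerts are still raised as their own PRs.
    groups:
      minor-and-patch:
        update-types:
          - "minor"
          - "patch"
    ignore:
      # Illustrative only: hold back major bumps of a package you cannot migrate yet.
      # Security updates for it still arrive; only routine major upgrades are skipped.
      - dependency-name: "express"
        update-types: ["version-update:semver-major"]

  # Keep the actions referenced in .github/workflows current as well
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"
```

Two practical caveats. First, treat these PRs like any other code change: make sure CI runs on them and read the lockfile diff, because a transitive bump can change behaviour even when the fix is "just a version". Second, workflows triggered by Dependabot-authored pull requests run with a read-only `GITHUB_TOKEN` and without repository secrets by default, so a pipeline that needs secrets to pass will need a deliberate decision about how (or whether) to grant them.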
amorpheuz
•May 1, 2024
dependabot.com/ you should check this out!