GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
701 advisories
Filter by severity
In Modem, there is a possible system crash due to incorrect error handling. This could lead to...
Moderate
Unreviewed
CVE-2026-20450
was published
May 4, 2026
In the Linux kernel, the following vulnerability has been resolved:
btrfs: reject root items...
Moderate
Unreviewed
CVE-2026-43046
was published
May 1, 2026
In the Linux kernel, the following vulnerability has been resolved:
crypto: tegra - Add missing...
High
Unreviewed
CVE-2026-31739
was published
May 1, 2026
Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF ...
High
Unreviewed
CVE-2025-56568
was published
Apr 30, 2026
Kyverno Controller Denial of Service via forEach Mutation Panic
High
CVE-2026-41485
was published
for
github.com/kyverno/kyverno
(Go)
Apr 24, 2026
In the Linux kernel, the following vulnerability has been resolved:
PM: sleep: Drop spurious...
Moderate
Unreviewed
CVE-2026-31567
was published
Apr 24, 2026
nimiq-blockchain: Peer-triggerable panic during history sync
Moderate
CVE-2026-34066
was published
for
nimiq-blockchain
(Rust)
Apr 22, 2026
nimiq-transaction: Panic via `HistoryTreeProof` length mismatch
Low
CVE-2026-34067
was published
for
nimiq-transaction
(Rust)
Apr 22, 2026
In the Linux kernel, the following vulnerability has been resolved:
ext4: replace BUG_ON with...
Moderate
Unreviewed
CVE-2026-31451
was published
Apr 22, 2026
Zebra Vulnerable to Denial of Service via Interrupted JSON-RPC Requests from Authenticated Clients
Moderate
CVE-2026-41585
was published
for
zebra-rpc
(Rust)
Apr 18, 2026
Zebra has rk Identity Point Panic in Transaction Verification
Critical
CVE-2026-41584
was published
for
zebra-chain
(Rust)
Apr 18, 2026
nimiq-consensus panics via RequestMacroChain micro-block locator
Moderate
CVE-2026-34069
was published
for
nimiq-consensus
(Rust)
Apr 13, 2026
In the Linux kernel, the following vulnerability has been resolved:
ipv6: avoid overflows in...
Moderate
Unreviewed
CVE-2026-31415
was published
Apr 13, 2026
CocoaMQTT: Denial of Service via Reachable Assertion in `PUBLISH` Packet Parsing
Moderate
CVE-2026-30867
was published
for
CocoaMQTT
(Swift)
Apr 3, 2026
In the Linux kernel, the following vulnerability has been resolved:
mm/rmap: fix incorrect pte...
High
Unreviewed
CVE-2026-31398
was published
Apr 3, 2026
The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion...
High
Unreviewed
CVE-2026-4046
was published
Mar 30, 2026
A user with access to the cluster with a limited set of privilege actions can trigger a crash of...
Moderate
Unreviewed
CVE-2026-5170
was published
Mar 30, 2026
libp2p-gossipsub: Remote crash via unchecked Instant overflow in heartbeat backoff expiry handling
High
CVE-2026-34219
was published
for
libp2p-gossipsub
(Rust)
Mar 30, 2026
Under certain conditions, `named` may crash when processing a correctly signed query containing a...
Moderate
Unreviewed
CVE-2026-3119
was published
Mar 25, 2026
In the Linux kernel, the following vulnerability has been resolved:
mm: thp: deny THP for files...
Moderate
Unreviewed
CVE-2026-23375
was published
Mar 25, 2026
In the Linux kernel, the following vulnerability has been resolved:
tracing: Fix WARN_ON in...
Moderate
Unreviewed
CVE-2026-23380
was published
Mar 25, 2026
In the Linux kernel, the following vulnerability has been resolved:
drbd: fix "LOGIC BUG" in...
Moderate
Unreviewed
CVE-2026-23356
was published
Mar 25, 2026
Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea...
High
Unreviewed
CVE-2026-3608
was published
Mar 25, 2026
Any guest issuing a Xenstore command accessing a node using the
(illegal) node path "/local...
High
Unreviewed
CVE-2026-23555
was published
Mar 23, 2026
Yamux vulnerable to remote Panic via malformed Data frame with SYN set and len = 262145
High
CVE-2026-32314
was published
for
yamux
(Rust)
Mar 13, 2026
ProTip!
Advisories are also available from the
GraphQL API