Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4 advisories

Loading
Pillow vulnerability can cause write buffer overflow on BCn encoding High
CVE-2025-48379 was published for pillow (pip) Jul 1, 2025
radarhere Credited to radarhere and hugovk hugovk hugovk
Pillow affected by out-of-bounds write when loading PSD images High
CVE-2026-25990 was published for pillow (pip) Feb 11, 2026
wiredfool Credited to wiredfool, radarhere, hugovk, and yardenporat353 radarhere radarhere
hugovk hugovk yardenporat353 yardenporat353
UltraJSON has a Memory Leak in ujson.dump() on Write Failure High
CVE-2026-44660 was published for ujson (pip) May 12, 2026
Zwique Credited to Zwique, bwoodsend, hugovk, and BeBecpp bwoodsend bwoodsend
hugovk hugovk BeBecpp BeBecpp
UltraJSON: Malformed/Truncated UTF-8 Accepted and Silently Rewritten in ujson.dumps() Moderate
CVE-2026-54911 was published for ujson (pip) Jun 19, 2026
Zwique Credited to Zwique, bwoodsend, and hugovk bwoodsend bwoodsend
hugovk hugovk
ProTip! Advisories are also available from the GraphQL API