GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,338
Maven
5,000+
npm
5,000+
NuGet
1,032
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
147 advisories
Filter by severity
The illumos SCTP inbound path performs association lookup for INIT ACK chunks without adequately...
Critical
Unreviewed
CVE-2026-15422
was published
Jul 16, 2026
A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex...
Critical
Unreviewed
CVE-2026-42533
was published
Jul 15, 2026
Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code...
Critical
Unreviewed
CVE-2026-56159
was published
Jul 14, 2026
Heap-based buffer overflow in Minecraft Bedrock Dedicated Server allows an unauthorized attacker...
Critical
Unreviewed
CVE-2026-55010
was published
Jul 14, 2026
Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code...
Critical
Unreviewed
CVE-2026-50518
was published
Jul 14, 2026
Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute...
Critical
Unreviewed
CVE-2026-50447
was published
Jul 14, 2026
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a...
Critical
Unreviewed
CVE-2026-50380
was published
Jul 14, 2026
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute...
Critical
Unreviewed
CVE-2026-54990
was published
Jul 14, 2026
Heap-based buffer overflow in Windows FTP Service allows an unauthorized attacker to execute code...
Critical
Unreviewed
CVE-2026-49172
was published
Jul 14, 2026
Heap-based buffer overflow in SQL Server ODBC driver allows an unauthorized attacker to execute...
Critical
Unreviewed
CVE-2026-42990
was published
Jul 14, 2026
Heap buffer overflow in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote...
Critical
Unreviewed
CVE-2026-13798
was published
Jul 1, 2026
socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that...
Critical
Unreviewed
CVE-2026-56123
was published
Jun 25, 2026
Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks.
This issue affects...
Critical
Unreviewed
CVE-2026-46752
was published
Jun 25, 2026
Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows...
Critical
Unreviewed
CVE-2026-2467
was published
Jun 17, 2026
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_proxy_v2_module and...
Critical
Unreviewed
CVE-2026-42055
was published
Jun 17, 2026
Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network.
Critical
Unreviewed
CVE-2026-45657
was published
Jun 9, 2026
Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute...
Critical
Unreviewed
CVE-2026-47291
was published
Jun 9, 2026
Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate...
Critical
Unreviewed
CVE-2026-42904
was published
Jun 9, 2026
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed...
Critical
Unreviewed
CVE-2026-8175
was published
May 27, 2026
FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in...
Critical
Unreviewed
CVE-2026-48689
was published
May 26, 2026
FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP AS_PATH...
Critical
Unreviewed
CVE-2026-48691
was published
May 26, 2026
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This...
Critical
Unreviewed
CVE-2026-9256
was published
May 26, 2026
A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk 2.0.0 through 4.4...
Critical
Unreviewed
CVE-2026-44050
was published
May 21, 2026
A potential security vulnerability has been identified in the HP Linux Imaging and Printing...
Critical
Unreviewed
CVE-2026-8631
was published
May 20, 2026
NGINX JavaScript has a vulnerability when the js_fetch_proxy directive is configured with at...
Critical
Unreviewed
CVE-2026-8711
was published
May 19, 2026
ProTip!
Advisories are also available from the
GraphQL API