GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
92
GitHub Actions
54
Go
4,273
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,103
Rust
1,489
Swift
61
Unreviewed advisories
All unreviewed
5,000+
382 advisories
Filter by severity
An issue in SQLite before Fossil check-in 869a51ae84df allows a local attacker to obtain...
Moderate
Unreviewed
CVE-2026-50813
was published
Jul 8, 2026
Memory Corruption when allocating memory with sizes that exceed the maximum allowed value.
High
Unreviewed
CVE-2026-21379
was published
Jul 6, 2026
A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used...
Moderate
Unreviewed
CVE-2026-58012
was published
Jun 30, 2026
A flaw was found in GLib. A buffer over-read can occur in g_io_channel_read_line_backend() in the...
Moderate
Unreviewed
CVE-2026-58013
was published
Jun 30, 2026
A flaw was found in GLib. An off-by-one error can occur in the gvs_tuple_is_normal function in...
Moderate
Unreviewed
CVE-2026-58010
was published
Jun 30, 2026
GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by...
Moderate
Unreviewed
CVE-2026-41992
was published
Jun 29, 2026
An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in...
Moderate
Unreviewed
CVE-2026-40210
was published
Jun 25, 2026
Tornado has out-of-bounds memory access via C extension
Low
CVE-2026-49854
was published
for
tornado
(pip)
Jun 12, 2026
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information...
Moderate
Unreviewed
CVE-2026-45460
was published
Jun 9, 2026
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to...
High
Unreviewed
CVE-2026-42828
was published
Jun 9, 2026
A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the...
Moderate
Unreviewed
CVE-2026-11787
was published
Jun 9, 2026
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker...
High
Unreviewed
CVE-2026-44185
was published
Jun 8, 2026
Information Disclosure when processing advertisement frames with malformed MBSSID elements of...
Moderate
Unreviewed
CVE-2025-59609
was published
Jun 2, 2026
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret...
High
Unreviewed
CVE-2026-5260
was published
May 27, 2026
OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers
Moderate
CVE-2026-45684
was published
for
go.opentelemetry.io/obi
(Go)
May 18, 2026
Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of...
Moderate
Unreviewed
CVE-2026-6575
was published
May 14, 2026
Crypt::Argon2 versions from 0.017 before 0.031 for Perl perform a heap out-of-bounds read in...
Moderate
Unreviewed
CVE-2026-8463
was published
May 13, 2026
Buffer over-read in Windows DWM Core Library allows an authorized attacker to disclose...
High
Unreviewed
CVE-2026-34336
was published
May 12, 2026
diesel-async may expose uninitialized padding bytes for MySQL temporal columns
Low
GHSA-ff9q-rm55-q7qr
was published
for
diesel-async
(Rust)
May 7, 2026
Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.
Moderate
Unreviewed
CVE-2025-47406
was published
May 4, 2026
Transient DOS when processing target power rate tables during channel configuration.
Moderate
Unreviewed
CVE-2025-47401
was published
May 4, 2026
Transient DOS when processing a malformed Fast Transition response frame with an invalid header...
Moderate
Unreviewed
CVE-2025-47403
was published
May 4, 2026
Buffer Over-read vulnerability in Apache HTTP Server.
This issue affects Apache HTTP Server:...
High
Unreviewed
CVE-2026-34059
was published
May 4, 2026
AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c...
High
Unreviewed
CVE-2026-37532
was published
May 1, 2026
Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of...
Moderate
Unreviewed
CVE-2026-6532
was published
Apr 30, 2026
ProTip!
Advisories are also available from the
GraphQL API