GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
164 advisories
Filter by severity
An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software...
Low
Unreviewed
CVE-2026-0280
was published
Jul 9, 2026
jxl-grid on 32-bit platforms has an out-of-bounds writes due to integer overflow
High
CVE-2026-52834
was published
for
jxl-grid
(Rust)
Jul 2, 2026
jxl-oxide: `FrameBuffer::new` creates out-of-bounds slices on overflow
Moderate
GHSA-66m8-c62j-h6v5
was published
for
jxl-oxide
(Rust)
Jul 2, 2026
In the Linux kernel, the following vulnerability has been resolved:
drm/amdkfd: Fix buffer...
High
Unreviewed
CVE-2026-53143
was published
Jun 25, 2026
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-2050
was published
Jun 25, 2026
In the Linux kernel, the following vulnerability has been resolved:
net: pull headers in...
High
Unreviewed
CVE-2026-53091
was published
Jun 24, 2026
In the Linux kernel, the following vulnerability has been resolved:
libceph: Fix potential out...
Critical
Unreviewed
CVE-2026-52955
was published
Jun 24, 2026
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_proxy_v2_module and...
Critical
Unreviewed
CVE-2026-42055
was published
Jun 17, 2026
LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow...
Moderate
Unreviewed
CVE-2026-8357
was published
Jun 15, 2026
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-2049
was published
Jun 11, 2026
Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny...
Moderate
Unreviewed
CVE-2026-42915
was published
Jun 9, 2026
Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in...
High
Unreviewed
CVE-2026-10701
was published
Jun 2, 2026
In the Linux kernel, the following vulnerability has been resolved:
ipv6: rpl: reserve mac_len...
Critical
Unreviewed
CVE-2026-43501
was published
May 21, 2026
rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers
Moderate
CVE-2026-45784
was published
for
openssl
(Rust)
May 19, 2026
ImageMagick: Heap Buffer Over-Write in MIFF encoder when using LZMA compression
Moderate
CVE-2026-46521
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
May 18, 2026
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This...
Critical
Unreviewed
CVE-2026-42945
was published
May 13, 2026
When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition (VE) without...
High
Unreviewed
CVE-2026-40618
was published
May 13, 2026
In the Linux kernel, the following vulnerability has been resolved:
drm/v3d: Set DMA segment...
Moderate
Unreviewed
CVE-2026-43302
was published
May 8, 2026
vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters
Moderate
CVE-2026-44223
was published
for
vllm
(pip)
May 6, 2026
In the Linux kernel, the following vulnerability has been resolved:
xfrm: account XFRMA_IF_ID in...
Moderate
Unreviewed
CVE-2026-43107
was published
May 6, 2026
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client ...
High
Unreviewed
CVE-2026-29004
was published
May 4, 2026
Delta Electronics AS320T has incorrect calculation of the buffer size on the stack in the GET/PUT...
Critical
Unreviewed
CVE-2026-1949
was published
Apr 24, 2026
rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1
High
CVE-2026-41676
was published
for
openssl
(Rust)
Apr 22, 2026
Brillig: Heap corruption in foreign call results with nested tuple arrays
Critical
CVE-2026-41197
was published
for
brillig
(Rust)
Apr 21, 2026
Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox...
High
Unreviewed
CVE-2026-6752
was published
Apr 21, 2026
ProTip!
Advisories are also available from the
GraphQL API