GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,296
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
164 advisories
Filter by severity
An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software...
Low
Unreviewed
CVE-2026-0280
was published
Jul 9, 2026
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-2050
was published
Jun 25, 2026
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_proxy_v2_module and...
Critical
Unreviewed
CVE-2026-42055
was published
Jun 17, 2026
LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow...
Moderate
Unreviewed
CVE-2026-8357
was published
Jun 15, 2026
In the Linux kernel, the following vulnerability has been resolved:
drm/amdkfd: Fix buffer...
High
Unreviewed
CVE-2026-53143
was published
Jun 25, 2026
jxl-grid on 32-bit platforms has an out-of-bounds writes due to integer overflow
High
CVE-2026-52834
was published
for
jxl-grid
(Rust)
Jul 2, 2026
jxl-oxide: `FrameBuffer::new` creates out-of-bounds slices on overflow
Moderate
GHSA-66m8-c62j-h6v5
was published
for
jxl-oxide
(Rust)
Jul 2, 2026
In the Linux kernel, the following vulnerability has been resolved:
ipv6: rpl: reserve mac_len...
Critical
Unreviewed
CVE-2026-43501
was published
May 21, 2026
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-2049
was published
Jun 11, 2026
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-4152
was published
Apr 11, 2026
In the Linux kernel, the following vulnerability has been resolved:
net: pull headers in...
High
Unreviewed
CVE-2026-53091
was published
Jun 24, 2026
In the Linux kernel, the following vulnerability has been resolved:
libceph: Fix potential out...
Critical
Unreviewed
CVE-2026-52955
was published
Jun 24, 2026
A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of...
Critical
Unreviewed
CVE-2026-20911
was published
Apr 7, 2026
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability...
High
Unreviewed
CVE-2026-4695
was published
Mar 24, 2026
Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in...
High
Unreviewed
CVE-2026-10701
was published
Jun 2, 2026
GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-2047
was published
Feb 21, 2026
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client ...
High
Unreviewed
CVE-2026-29004
was published
May 4, 2026
Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox...
High
Unreviewed
CVE-2026-6752
was published
Apr 21, 2026
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This...
Critical
Unreviewed
CVE-2026-42945
was published
May 13, 2026
ImageMagick: Heap Buffer Over-Write in MIFF encoder when using LZMA compression
Moderate
CVE-2026-46521
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
May 18, 2026
Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny...
Moderate
Unreviewed
CVE-2026-42915
was published
Jun 9, 2026
vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters
Moderate
CVE-2026-44223
was published
for
vllm
(pip)
May 6, 2026
rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers
Moderate
CVE-2026-45784
was published
for
openssl
(Rust)
May 19, 2026
In the Linux kernel, the following vulnerability has been resolved:
drm/v3d: Set DMA segment...
Moderate
Unreviewed
CVE-2026-43302
was published
May 8, 2026
When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition (VE) without...
High
Unreviewed
CVE-2026-40618
was published
May 13, 2026
ProTip!
Advisories are also available from the
GraphQL API