Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
OpenBao: Transit secrets engine crashes on key creation with `derived: true` for asymmetric key types Moderate
CVE-2026-55776 was published for github.com/openbao/openbao (Go) Jun 19, 2026
SahilKumar000 Credited to SahilKumar000
LinZiyuu Credited to LinZiyuu
free5GC's NEF crashes via logger.Fatal on PFD notification delivery failure (attacker-controlled notifyUri) High
CVE-2026-44319 was published for github.com/free5gc/nef (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
Kyverno Controller Denial of Service via forEach Mutation Panic High
CVE-2026-41485 was published for github.com/kyverno/kyverno (Go) Apr 24, 2026
thevilledev Credited to thevilledev
go-tuf affected by client DoS via malformed server response Moderate
CVE-2026-23991 was published for github.com/theupdateframework/go-tuf/v2 (Go) Jan 21, 2026
1seal Credited to 1seal, kommendorkapten, and rdimitrov kommendorkapten kommendorkapten
rdimitrov rdimitrov
Free5GC is vulnerable to DoS through its Npcf_BDTPolicyControl POST API Moderate
CVE-2025-60632 was published for github.com/free5gc/pcf (Go) Nov 24, 2025
golang.org/x/crypto/ssh/agent has a potential denial of service High
CVE-2025-47913 was published for golang.org/x/crypto/ssh/agent (Go) Nov 14, 2025
augustocesarperin Credited to augustocesarperin
quic-go: Panic occurs when queuing undecryptable packets after handshake completion High
CVE-2025-59530 was published for github.com/quic-go/quic-go (Go) Oct 10, 2025
rsukhodolskyi Credited to rsukhodolskyi
malformed proposed intoto entries can cause a panic Moderate
CVE-2023-33199 was published for github.com/sigstore/rekor (Go) May 26, 2023
shiyanhui/dht vulnerable to Uncontrolled Resource Consumption High
CVE-2020-36562 was published for github.com/shiyanhui/dht (Go) Dec 28, 2022
ProTip! Advisories are also available from the GraphQL API