GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
603 advisories
Filter by severity
OpenVPN version 2.6.0 through 2.6.20 and 2.7_alpha1 through 2.7.4 allows remote attackers to...
Moderate
Unreviewed
CVE-2026-13122
was published
Jul 6, 2026
In the Linux kernel, the following vulnerability has been resolved:
blk-wbt: remove WARN_ON_ONCE...
Moderate
Unreviewed
CVE-2026-53319
was published
Jun 26, 2026
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Wrap DCN32...
Moderate
Unreviewed
CVE-2026-53285
was published
Jun 26, 2026
In the Linux kernel, the following vulnerability has been resolved:
net: phonet: do not BUG_ON()...
Moderate
Unreviewed
CVE-2026-53292
was published
Jun 26, 2026
CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to...
Moderate
Unreviewed
CVE-2026-9718
was published
Jun 25, 2026
In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that...
High
Unreviewed
CVE-2026-47145
was published
Jun 25, 2026
In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that...
High
Unreviewed
CVE-2026-47146
was published
Jun 25, 2026
In the Linux kernel, the following vulnerability has been resolved:
accel/ethosu: reject...
Moderate
Unreviewed
CVE-2026-53169
was published
Jun 25, 2026
A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad....
Moderate
Unreviewed
CVE-2026-52718
was published
Jun 15, 2026
A vulnerability has been found in some Dahua products could allow an authenticated remote...
Moderate
Unreviewed
CVE-2026-29115
was published
Jun 10, 2026
A vulnerability has been found in some Dahua products could
allow an unauthenticated remote...
High
Unreviewed
CVE-2026-29116
was published
Jun 10, 2026
When using $changestreams and $_requestReshardingResumeToken with the exchange option the server...
High
Unreviewed
CVE-2026-9746
was published
Jun 10, 2026
The $_internalConvertBucketIndexStats stage used PauseExecution as a way to signal "skip this...
High
Unreviewed
CVE-2026-9748
was published
Jun 10, 2026
An authenticated user can cause a MongoDB server to crash or return incorrect results by creating...
High
Unreviewed
CVE-2026-9750
was published
Jun 10, 2026
This issue can occur when running an aggregation pipeline that uses the internal $exchange stage...
High
Unreviewed
CVE-2026-9749
was published
Jun 10, 2026
Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb...
High
Unreviewed
CVE-2026-9747
was published
Jun 10, 2026
Improper validation of packet length during tls-crypt-v2 key extraction in OpenVPN 2.6.0 through...
Moderate
Unreviewed
CVE-2026-35058
was published
Jun 8, 2026
In the Linux kernel, the following vulnerability has been resolved:
net: txgbe: fix RTNL...
Moderate
Unreviewed
CVE-2026-46287
was published
Jun 8, 2026
FlexRIC v2.0.0 contains a reachable assertion in e2ap_recv_sctp_msg() (src/lib/ep/e2ap_ep.c). The...
High
Unreviewed
CVE-2026-37228
was published
Jun 1, 2026
FlexRIC v2.0.0 contains an authorization bypass in the iApp's xApp isolation mechanism. The...
High
Unreviewed
CVE-2026-37233
was published
Jun 1, 2026
FlexRIC v2.0.0 contains a reachable assertion in e2ap_create_pdu() triggered when ASN.1 PER...
High
Unreviewed
CVE-2026-37229
was published
Jun 1, 2026
FlexRIC v2.0.0 contains reachable assert(0) calls in stub message handlers for whitelisted but...
High
Unreviewed
CVE-2026-37227
was published
Jun 1, 2026
FlexRIC v2.0.0 crashes when receiving a duplicate E2_SETUP_REQUEST from the same or spoofed E2...
High
Unreviewed
CVE-2026-37224
was published
Jun 1, 2026
FlexRIC v2.0.0 crashes when the iApp receives an E42_RIC_SUBSCRIPTION_REQUEST with an empty...
High
Unreviewed
CVE-2026-37225
was published
Jun 1, 2026
FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher...
High
Unreviewed
CVE-2026-37223
was published
Jun 1, 2026
ProTip!
Advisories are also available from the
GraphQL API