Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,340
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,549
Pub
12
RubyGems
1,012
Rust
1,202
Swift
51
Unreviewed advisories
All unreviewed
5,000+

655 advisories

Loading
In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of... Moderate Unreviewed
CVE-2026-34353 was published Mar 27, 2026
A flaw was found in GIMP. An integer overflow vulnerability exists when processing ICO image... Moderate Unreviewed
CVE-2026-2272 was published Mar 26, 2026
Integer Overflow or Wraparound vulnerability in MolotovCherry Android-ImageMagick7.This issue... Moderate Unreviewed
CVE-2026-33855 was published Mar 24, 2026
cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltf_validate()... Moderate Unreviewed
CVE-2026-32845 was published Mar 23, 2026
Integer overflow in Dawn in Google Chrome on Mac prior to 146.0.7680.153 allowed a remote... Moderate Unreviewed
CVE-2026-4453 was published Mar 20, 2026
bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby Moderate
CVE-2026-33306 was published for bcrypt (RubyGems) Mar 19, 2026
Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on... Moderate Unreviewed
CVE-2026-2809 was published Mar 17, 2026
Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on... Moderate Unreviewed
CVE-2025-15584 was published Mar 17, 2026
File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely Moderate
CVE-2026-32759 was published for github.com/filebrowser/filebrowser/v2 (Go) Mar 16, 2026
fg0x0 Credited to fg0x0
ImageMagick has Integer Overflow leading to out of bounds write in SIXEL decoder Moderate
CVE-2026-28493 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ImageMagick Has Signed Integer Overflow in SIXEL Decoder, Leading to Memory Corruption Moderate
CVE-2026-25970 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ylwango613 Credited to ylwango613
DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound... Moderate Unreviewed
CVE-2026-27281 was published Mar 10, 2026
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD... Moderate Unreviewed
CVE-2026-20025 was published Mar 4, 2026
neqo-qpack has iInteger overflow in qpack dynamic table indexing Moderate
GHSA-6w86-wgwq-rgq8 was published for neqo-qpack (Rust) Mar 4, 2026
Apache ActiveMQ is Vulnerable to Integer Overflow or Wraparound Moderate
CVE-2025-66168 was published for org.apache.activemq:activemq-all (Maven) Mar 4, 2026
psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps Moderate
CVE-2026-27809 was published for psd-tools (pip) Feb 26, 2026
A reachable infinite loop via an integer wraparound is present in Silicon Labs' Matter SDK which... Moderate Unreviewed
CVE-2026-0619 was published Feb 12, 2026
The integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass... Moderate Unreviewed
CVE-2024-36316 was published Feb 11, 2026
Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an... Moderate Unreviewed
CVE-2025-48515 was published Feb 10, 2026
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound... Moderate Unreviewed
CVE-2026-21354 was published Feb 10, 2026
Memory corruption while calculating offset from partition start point. Moderate Unreviewed
CVE-2025-47364 was published Feb 2, 2026
Memory corruption when calculating oversized partition sizes without proper checks. Moderate Unreviewed
CVE-2025-47363 was published Feb 2, 2026
In libexpat before 2.7.4, the doContent function does not properly determine the buffer size... Moderate Unreviewed
CVE-2026-25210 was published Jan 30, 2026
soroban-sdk has overflow in Bytes::slice, Vec::slice, GenRange::gen_range for u64 Moderate
CVE-2026-24889 was published for soroban-sdk (Rust) Jan 28, 2026
leighmcculloch Credited to leighmcculloch, jayz22, dmkozh, and kanwalpreetd jayz22 jayz22
dmkozh dmkozh kanwalpreetd kanwalpreetd
Quick-Media Batik Codec FIX Package has Buffer Overflow Vulnerability in PNG Codec Moderate
CVE-2026-24807 was published for com.github.liuyueyi.media:batik-codec-fix (Maven) Jan 27, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database