GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 43
Go: 3,181
Maven: 5,000+
npm: 5,000+
NuGet: 863
pip: 4,474
Pub: 12
RubyGems: 991
Rust: 1,185
Swift: 51
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
7,132 advisories
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2026-23672 was published Mar 10, 2026

Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to...
High | Unreviewed | CVE-2026-23673 was published Mar 10, 2026

Delta Electronics COMMGR2 has Buffer Over-read DoS vulnerability.
High | Unreviewed | CVE-2026-3631 was published Mar 9, 2026

Out-of-bounds character read vulnerability in Bluetooth. Impact: Successful exploitation of this...
Moderate | Unreviewed | CVE-2026-28540 was published Mar 5, 2026

Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.159 allowed a...
High | Unreviewed | CVE-2026-3540 was published Mar 4, 2026

An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project...
Moderate | Unreviewed | CVE-2025-64736 was published Mar 3, 2026

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write...
High | Unreviewed | CVE-2026-0035 was published Mar 2, 2026

An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in...
Moderate | Unreviewed | CVE-2026-23865 was published Mar 2, 2026

In display, there is a possible out of bounds read due to a missing bounds check. This could lead...
Moderate | Unreviewed | CVE-2026-20429 was published Mar 2, 2026

In display, there is a possible out of bounds read due to a missing bounds check. This could lead...
Moderate | Unreviewed | CVE-2026-20424 was published Mar 2, 2026

A security flaw has been discovered in FascinatedBox lily up to 2.3. Impacted is the function...
Moderate | Unreviewed | CVE-2026-3391 was published Mar 1, 2026

A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function...
Moderate | Unreviewed | CVE-2026-3390 was published Mar 1, 2026

A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the...
Moderate | Unreviewed | CVE-2026-3386 was published Mar 1, 2026

Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an...
Low | Unreviewed | CVE-2026-22717 was published Feb 27, 2026

A vulnerability was determined in berry-lang berry up to 1.1.0. The affected element is the...
Low | Unreviewed | CVE-2026-3285 was published Feb 27, 2026

A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to...
Moderate | Unreviewed | CVE-2026-0402 was published Feb 24, 2026

Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148,...
Critical | Unreviewed | CVE-2026-2771 was published Feb 24, 2026

An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in...
Moderate | Unreviewed | CVE-2026-2664 was published Feb 24, 2026

Out of bounds read in Media in Google Chrome prior to 145.0.7632.116 allowed a remote attacker to...
Critical | Unreviewed | CVE-2026-3061 was published Feb 24, 2026

Out of bounds read and write in Tint in Google Chrome on Mac prior to 145.0.7632.116 allowed a...
Critical | Unreviewed | CVE-2026-3062 was published Feb 24, 2026

A vulnerability was identified in janet-lang janet up to 1.40.1. Affected by this vulnerability...
Moderate | Unreviewed | CVE-2026-2869 was published Feb 21, 2026

A vulnerability was identified in wren-lang wren up to 0.4.0. This affects the function peekChar...
Moderate | Unreviewed | CVE-2026-2858 was published Feb 21, 2026

A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow...
Low | Unreviewed | CVE-2026-22885 was published Feb 20, 2026

An integer underflow vulnerability in Silicon Labs Secure NCP host implementation allows a buffer...
Low | Unreviewed | CVE-2025-14055 was published Feb 20, 2026

A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read...
Moderate | Unreviewed | CVE-2026-2243 was published Feb 19, 2026
ProTip! Advisories are also available from the GraphQL API.