Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,169
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+

551 advisories

Loading
nimiq-blockchain: Peer-triggerable panic during history sync Moderate
CVE-2026-34066 was published for nimiq-blockchain (Rust) Apr 22, 2026
1seal Credited to 1seal and ii-cruz ii-cruz ii-cruz
uutils coreutils has an Improper Check for Unusual or Exceptional Conditions Moderate
CVE-2026-35366 was published for coreutils (Rust) Apr 22, 2026
free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation Moderate
CVE-2026-40343 was published for github.com/free5gc/udr (Go) Apr 21, 2026
Giancannella Credited to Giancannella
Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in... High Unreviewed
CVE-2026-6772 was published Apr 21, 2026
Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in... High Unreviewed
CVE-2026-6766 was published Apr 21, 2026
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper check for unusual or... Moderate Unreviewed
CVE-2025-43883 was published Apr 16, 2026
free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors Moderate
CVE-2026-40249 was published for github.com/free5gc/udr (Go) Apr 14, 2026
Giancannella Credited to Giancannella and FrancescoDAlterio FrancescoDAlterio FrancescoDAlterio
Improper check for exceptional conditions in Device Care prior to SMR Apr-2026 Release 1 allows... Moderate Unreviewed
CVE-2026-21007 was published Apr 13, 2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control... Moderate Unreviewed
CVE-2026-33787 was published Apr 10, 2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control... Moderate Unreviewed
CVE-2026-33786 was published Apr 10, 2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding... Moderate Unreviewed
CVE-2026-33774 was published Apr 10, 2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding... High Unreviewed
CVE-2026-33781 was published Apr 10, 2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd)... High Unreviewed
CVE-2026-33790 was published Apr 10, 2026
bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts High
CVE-2026-40069 was published for bsv-sdk (RubyGems) Apr 9, 2026
sgbett Credited to sgbett
Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key... High Unreviewed
CVE-2026-31790 was published Apr 8, 2026
Cosign's verify-blob-attestation reports false positive when payload parsing fails Moderate
CVE-2026-39395 was published for github.com/sigstore/cosign (Go) Apr 8, 2026
kodareef5 Credited to kodareef5
OpenClaw: Security Scan Failure Does Not Block Plugin Installation (Fail-Open) Low
CVE-2026-41377 was published for openclaw (npm) Apr 2, 2026
davidluzsilva Credited to davidluzsilva
Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation High
CVE-2026-33939 was published for handlebars (npm) Mar 27, 2026
trace37labs Credited to trace37labs
Mattermost Plugins versions <=11.4 10.11.11.0 fail to validate webhook request timestamps which... Low Unreviewed
CVE-2026-3109 was published Mar 26, 2026
Mattermost: Authenticated DoS through failure to prevent rendering of external SVGs on link embeds Moderate
CVE-2026-20719 was published for github.com/mattermost/mattermost/server/v8 (Go) Mar 25, 2026
@grackle-ai/server JSON.parse lacks try-catch logic in its gRPC Service AdapterConfig Handling Low
GHSA-8g29-8xwr-qmhr was published for @grackle-ai/server (npm) Mar 25, 2026
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability... High Unreviewed
CVE-2026-4697 was published Mar 24, 2026
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability... High Unreviewed
CVE-2026-4695 was published Mar 24, 2026
Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability... High Unreviewed
CVE-2026-4694 was published Mar 24, 2026
Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects... High Unreviewed
CVE-2026-4699 was published Mar 24, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database