GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,150 advisories
A NULL pointer dereference in mod_dav_lock in Apache HTTP Server 2.4.66 and earlier may allow an...
High | Unreviewed | CVE-2026-29169 was published May 4, 2026

An issue was discovered in VrmlData_IndexedFaceSet::TShape in the VRML V2.0 parser in Open...
High | Unreviewed | CVE-2026-42478 was published May 1, 2026

NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client...
High | Unreviewed | CVE-2026-42800 was published Apr 30, 2026

GoBGP has Remote Denial of Service (Panic) via Malformed Well-known Path Attribute
High | CVE-2026-41642 was published for github.com/osrg/gobgp/v4 (Go) Apr 29, 2026

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5...
High | Unreviewed | CVE-2026-31256 was published Apr 27, 2026

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref...
High | Unreviewed | CVE-2026-31638 was published Apr 24, 2026

In the Linux kernel, the following vulnerability has been resolved: arm64: mm: Handle invalid...
High | Unreviewed | CVE-2026-31600 was published Apr 24, 2026

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix memory leaks and...
High | Unreviewed | CVE-2026-31477 was published Apr 22, 2026

In the Linux kernel, the following vulnerability has been resolved: xfs: avoid dereferencing log...
High | Unreviewed | CVE-2026-31453 was published Apr 22, 2026

In the Linux kernel, the following vulnerability has been resolved: ext4: publish jinode after...
High | Unreviewed | CVE-2026-31450 was published Apr 22, 2026

A NULL pointer dereference vulnerability exists in fio (Flexible I/O Tester) v3.41 when parsing...
High | Unreviewed | CVE-2026-30656 was published Apr 16, 2026

Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an...
High | Unreviewed | CVE-2026-32071 was published Apr 14, 2026

A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows attackers to cause a...
High | Unreviewed | CVE-2025-66769 was published Apr 13, 2026

Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the...
High | Unreviewed | CVE-2025-69624 was published Apr 13, 2026

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by...
High | Unreviewed | CVE-2026-1584 was published Apr 9, 2026

Issue summary: During processing of a crafted CMS EnvelopedData message with...
High | Unreviewed | CVE-2026-28389 was published Apr 8, 2026

Issue summary: During processing of a crafted CMS EnvelopedData message with...
High | Unreviewed | CVE-2026-28390 was published Apr 8, 2026

Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL...
High | Unreviewed | CVE-2026-28388 was published Apr 8, 2026

In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix use of...
High | Unreviewed | CVE-2026-31397 was published Apr 3, 2026

In the Linux kernel, the following vulnerability has been resolved: NFSD: Defer sub-object...
High | Unreviewed | CVE-2026-31404 was published Apr 3, 2026

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer...
High | Unreviewed | CVE-2026-34874 was published Apr 1, 2026

Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel (rportfwd) close is attempted
High | GHSA-c279-989m-238f was published for github.com/bishopfox/sliver (Go) Mar 29, 2026

On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a...
High | Unreviewed | CVE-2026-4652 was published Mar 26, 2026

NATS Server panic via malicious compression on leafnode port
High | CVE-2026-29785 was published for github.com/nats-io/nats-server (Go) Mar 24, 2026

When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source,...
High | Unreviewed | CVE-2026-27651 was published Mar 24, 2026