GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
19 advisories
protobufjs has overlong UTF-8 decoding
Moderate
CVE-2026-44288
was published
for
@protobufjs/utf8
(npm)
May 12, 2026
OpenClaw: Unicode canonicalization drift in node metadata policy classification could broaden node allowlists
Moderate
GHSA-392f-ggf5-fp3c
was published
for
openclaw
(npm)
Mar 2, 2026
Litestar's FileStore key canonicalization collisions allow response cache mixup/poisoning (ASCII ord + Unicode NFKD)
Moderate
CVE-2026-25480
was published
for
litestar
(pip)
Feb 9, 2026
Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS
High
CVE-2026-23950
was published
for
tar
(npm)
Jan 21, 2026
ewen-lbh/ffcss Late-Unicode normalization vulnerability
Moderate
CVE-2023-52081
was published
for
github.com/ewen-lbh/ffcss
(Go)
Dec 28, 2023
Ciphertext Malleability Issue in Tink Java
Moderate
CVE-2020-8929
was published
for
com.google.crypto.tink:tink
(Maven)
Oct 16, 2020
ProTip!
Advisories are also available from the
GraphQL API