GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,169
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+
1,150 advisories
Filter by severity
Muhammara has a NULL pointer dereference in LZWDecode filter when DecodeParms omits EarlyChange key
High
GHSA-fhp4-pr5j-46m5
was published
for
muhammara
(npm)
Jun 26, 2026
An unauthenticated
NULL pointer dereference vulnerability exists in the HTTP request parsing...
High
Unreviewed
CVE-2026-57875
was published
Jun 26, 2026
An unauthenticated
NULL pointer dereference vulnerability exists in IEEE8021x_upload.cgi in...
High
Unreviewed
CVE-2026-57873
was published
Jun 26, 2026
A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is...
High
Unreviewed
CVE-2025-32913
was published
Apr 14, 2025
CWE-476 NULL Pointer Dereference vulnerability exists that could cause a denial-of-service...
High
Unreviewed
CVE-2026-9716
was published
Jun 25, 2026
In the Linux kernel, the following vulnerability has been resolved:
RDMA/rxe: Reject non-8-byte...
High
Unreviewed
CVE-2026-46114
was published
May 28, 2026
In the Linux kernel, the following vulnerability has been resolved:
net: stmmac: Prevent NULL...
High
Unreviewed
CVE-2026-46110
was published
May 28, 2026
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.
High
Unreviewed
CVE-2023-2609
was published
May 9, 2023
In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a...
High
Unreviewed
CVE-2026-0156
was published
Jun 16, 2026
HAProxy through 3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference...
High
Unreviewed
CVE-2026-55204
was published
Jun 18, 2026
In the Linux kernel, the following vulnerability has been resolved:
libceph: Prevent potential...
High
Unreviewed
CVE-2026-46024
was published
May 27, 2026
In the Linux kernel, the following vulnerability has been resolved:
drm/exynos: vidi: fix to...
High
Unreviewed
CVE-2026-45958
was published
May 27, 2026
In the Linux kernel, the following vulnerability has been resolved:
crypto: ccp - Fix a crash...
High
Unreviewed
CVE-2026-45959
was published
May 27, 2026
A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (odf/descriptors.c) of GPAC...
High
Unreviewed
CVE-2025-55657
was published
Jun 9, 2026
Issue summary: When a partial-chain certificate verification is enabled
together with OCSP...
High
Unreviewed
CVE-2026-42765
was published
Jun 9, 2026
Issue summary: Receiving a QUIC initial packet with an invalid token may
trigger a NULL pointer...
High
Unreviewed
CVE-2026-42764
was published
Jun 9, 2026
An authorized user could trigger a server crash by running a query with a 2dsphere index on a...
High
Unreviewed
CVE-2026-9752
was published
Jun 10, 2026
In MongoDB Server 8.0, an aggregation stage can leave its _subPipeline field null during...
High
Unreviewed
CVE-2026-9743
was published
Jun 10, 2026
Klever-Go KVM: Unauthenticated remote node crash (nil-pointer DoS) in klever-go P2P transaction interceptor (txVersionChecker nil RawData) - potential chain halt
High
CVE-2026-52878
was published
for
github.com/klever-io/klever-go
(Go)
Jun 5, 2026
free5GC's SMF UPI DELETE /upi/v1/upNodesLinks/{ref} panics on AN-node deletion via nil UPF dereference; unauthenticated, state-mutating
High
CVE-2026-44328
was published
for
github.com/free5gc/smf
(Go)
May 8, 2026
free5GC's NEF 3gpp-pfd-management PATCH applications/{appId} panics on UDR access failure due to nil ProblemDetails dereference
High
CVE-2026-44322
was published
for
github.com/free5gc/nef
(Go)
May 8, 2026
free5GC's PCF npcf-smpolicycontrol POST /sm-policies panics on downstream UDR/OpenAPI 404 via nil pointer dereference
High
CVE-2026-44316
was published
for
github.com/free5gc/pcf
(Go)
May 8, 2026
A flaw was found in Samba’s WINS server component when running as an Active Directory Domain...
High
Unreviewed
CVE-2026-3238
was published
Jun 8, 2026
In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and...
High
Unreviewed
CVE-2026-48829
was published
May 26, 2026
A NULL pointer deference vulnerability has been identified in the protocol converter. An attacker...
High
Unreviewed
CVE-2020-27279
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API