Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,169
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+

225 advisories

Loading
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal SAML SSO - Service... High Unreviewed
CVE-2026-5343 was published May 29, 2026
Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation... High Unreviewed
CVE-2025-13392 was published May 27, 2026
OpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloads High
CVE-2026-45678 was published for go.opentelemetry.io/obi (Go) May 18, 2026
MrAlias Credited to MrAlias, grcevski, and rafaelroquetto grcevski grcevski
rafaelroquetto rafaelroquetto
free5GC's NEF 3gpp-pfd-management PATCH applications/{appId} panics on UDR access failure due to nil ProblemDetails dereference High
CVE-2026-44322 was published for github.com/free5gc/nef (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
free5GC's PCF npcf-smpolicycontrol POST /sm-policies panics on downstream UDR/OpenAPI 404 via nil pointer dereference High
CVE-2026-44316 was published for github.com/free5gc/pcf (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
net-imap vulnerable to STARTTLS stripping via invalid response timing High
CVE-2026-42246 was published for net-imap (RubyGems) May 4, 2026
Masamuneee Credited to Masamuneee
Clerk has an authorization bypass when combining organization, billing, or reverification checks High
CVE-2026-42349 was published for @clerk/astro (npm) Apr 30, 2026
An unauthenticated remote attacker is able to exhaust all available TCP connections in the... High Unreviewed
CVE-2026-35225 was published Apr 23, 2026
Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in... High Unreviewed
CVE-2026-6772 was published Apr 21, 2026
Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in... High Unreviewed
CVE-2026-6766 was published Apr 21, 2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding... High Unreviewed
CVE-2026-33781 was published Apr 10, 2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd)... High Unreviewed
CVE-2026-33790 was published Apr 10, 2026
bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts High
CVE-2026-40069 was published for bsv-sdk (RubyGems) Apr 9, 2026
sgbett Credited to sgbett
Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key... High Unreviewed
CVE-2026-31790 was published Apr 8, 2026
Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation High
CVE-2026-33939 was published for handlebars (npm) Mar 27, 2026
trace37labs Credited to trace37labs
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability... High Unreviewed
CVE-2026-4697 was published Mar 24, 2026
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability... High Unreviewed
CVE-2026-4695 was published Mar 24, 2026
Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability... High Unreviewed
CVE-2026-4694 was published Mar 24, 2026
Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects... High Unreviewed
CVE-2026-4699 was published Mar 24, 2026
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects... High Unreviewed
CVE-2026-4707 was published Mar 24, 2026
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects... High Unreviewed
CVE-2026-4706 was published Mar 24, 2026
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects... High Unreviewed
CVE-2026-4709 was published Mar 24, 2026
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149... High Unreviewed
CVE-2026-4708 was published Mar 24, 2026
Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox <... High Unreviewed
CVE-2026-4714 was published Mar 24, 2026
Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox... High Unreviewed
CVE-2026-4719 was published Mar 24, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database