GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
264 advisories
protobufjs : Schema-derived names can shadow runtime-significant properties
Moderate
CVE-2026-54269
was published
for
protobufjs
(npm)
Jun 15, 2026
free5GC's UDR nudr-dr DELETE amf-subscriptions panics on missing UE state via nil interface type assertion (single authenticated request)
Moderate
CVE-2026-44324
was published
for
github.com/free5gc/udr
(Go)
May 8, 2026
free5GC's PCF npcf-policyauthorization POST /app-sessions panics on suppFeat=1 with missing AfRoutReq via nil pointer dereference
Moderate
CVE-2026-44317
was published
for
github.com/free5gc/pcf
(Go)
May 8, 2026
Admidio Missing Minimum Administrator Check in Role Membership Removal
Moderate
CVE-2026-41662
was published
for
admidio/admidio
(Composer)
Apr 29, 2026
nimiq-blockchain: Peer-triggerable panic during history sync
Moderate
CVE-2026-34066
was published
for
nimiq-blockchain
(Rust)
Apr 22, 2026
free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation
Moderate
CVE-2026-40343
was published
for
github.com/free5gc/udr
(Go)
Apr 21, 2026
free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors
Moderate
CVE-2026-40249
was published
for
github.com/free5gc/udr
(Go)
Apr 14, 2026
Cosign's verify-blob-attestation reports false positive when payload parsing fails
Moderate
CVE-2026-39395
was published
for
github.com/sigstore/cosign
(Go)
Apr 8, 2026
ProTip!
Advisories are also available from the
GraphQL API