Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

494 advisories

Loading
golang.org/x/crypto/ssh: Invoking client can cause server deadlock on unexpected responses Critical
CVE-2026-39830 was published for golang.org/x/crypto/ssh (Go) Jun 25, 2026
Netty: Unix-socket fd receive leaks descriptors when peer sends two at once Moderate
CVE-2026-45536 was published for io.netty:netty-transport-native-epoll (Maven) Jun 8, 2026
Klever-Go KVM: Throttler slot leak in trie account-data sync causes epoch bootstrap / state sync DoS Moderate
CVE-2026-49343 was published for github.com/klever-io/klever-go (Go) Jun 5, 2026
maiiquynhh Credited to maiiquynhh
opentelemetry-go's Schema ParseFile leaks file descriptors on each parse Low
CVE-2026-45287 was published for go.opentelemetry.io/otel/schema/v1.0 (Go) May 28, 2026
pellared Credited to pellared and MrAlias MrAlias MrAlias
Tanium addressed a denial of service vulnerability in Tanium Server. Moderate Unreviewed
CVE-2026-9156 was published May 27, 2026
Netty epoll transport denial of service via RST on half-closed TCP connection High
CVE-2026-42577 was published for io.netty:netty-transport-native-epoll (Maven) May 6, 2026
Stormpx Credited to Stormpx, dzaisban, normanmaurer, SeBBBe, pjfanning, jneira-stratio, mpenttila, and chrisvest dzaisban dzaisban
normanmaurer normanmaurer SeBBBe SeBBBe pjfanning pjfanning jneira-stratio jneira-stratio mpenttila mpenttila chrisvest chrisvest
Multer vulnerable to Denial of Service via resource exhaustion High
CVE-2026-2359 was published for multer (npm) Mar 1, 2026
ctcpip Credited to ctcpip, nawin23, UlisesGascon, sheplu, and bjohansebas nawin23 nawin23
UlisesGascon UlisesGascon sheplu sheplu bjohansebas bjohansebas
In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add... Moderate Unreviewed
CVE-2026-23219 was published Feb 18, 2026
Hibernate Reactive Vulnerable to DoS via Connection Pool Exhaustion Moderate
CVE-2025-14969 was published for org.hibernate.reactive:hibernate-reactive-core (Maven) Jan 26, 2026
NiceGUI has Redis connection leak via tab storage causes service degradation Moderate
CVE-2026-21874 was published for nicegui (pip) Jan 8, 2026
yudelevi Credited to yudelevi and evnchn evnchn evnchn
thread-amount Vulnerable to Resource Exhaustion (Memory and Handle Leaks) on Windows and macOS High
CVE-2025-65947 was published for thread-amount (Rust) Nov 21, 2025
jzeuzs Credited to jzeuzs
ProTip! Advisories are also available from the GraphQL API