GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
494 advisories

golang.org/x/crypto/ssh: Invoking client can cause server deadlock on unexpected responses
Critical | CVE-2026-39830 was published for golang.org/x/crypto/ssh (Go) | Jun 25, 2026

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a...
Moderate | Unreviewed | CVE-2026-40209 was published | Jun 25, 2026

Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
Moderate | CVE-2026-45536 was published for io.netty:netty-transport-native-epoll (Maven) | Jun 8, 2026

Klever-Go KVM: Throttler slot leak in trie account-data sync causes epoch bootstrap / state sync DoS
Moderate | CVE-2026-49343 was published for github.com/klever-io/klever-go (Go) | Jun 5, 2026

opentelemetry-go's Schema ParseFile leaks file descriptors on each parse
Low | CVE-2026-45287 was published for go.opentelemetry.io/otel/schema/v1.0 (Go) | May 28, 2026

Tanium addressed a denial of service vulnerability in Tanium Server.
Moderate | Unreviewed | CVE-2026-9156 was published | May 27, 2026

When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol ...
High | Unreviewed | CVE-2026-39455 was published | May 13, 2026

An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS...
High | Unreviewed | CVE-2026-35227 was published | May 12, 2026

In the Linux kernel, the following vulnerability has been resolved: dm: remove fake timeout to...
Moderate | Unreviewed | CVE-2026-43314 was published | May 8, 2026

Netty epoll transport denial of service via RST on half-closed TCP connection
High | CVE-2026-42577 was published for io.netty:netty-transport-native-epoll (Maven) | May 6, 2026

In the Linux kernel, the following vulnerability has been resolved: media: cx88: Add missing...
Moderate | Unreviewed | CVE-2026-43257 was published | May 6, 2026

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop:...
Moderate | Unreviewed | CVE-2026-43054 was published | May 1, 2026

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by...
High | Unreviewed | CVE-2026-3104 was published | Mar 25, 2026

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error...
Moderate | Unreviewed | CVE-2026-23299 was published | Mar 25, 2026

Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it...
High | Unreviewed | CVE-2026-2261 was published | Mar 9, 2026

A vulnerability in the handling of the embryonic connection limits in Cisco Secure Firewall...
High | Unreviewed | CVE-2026-20082 was published | Mar 4, 2026

Multer vulnerable to Denial of Service via resource exhaustion
High | CVE-2026-2359 was published for multer (npm) | Mar 1, 2026

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in...
Moderate | Unreviewed | CVE-2025-71232 was published | Feb 18, 2026

In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add...
Moderate | Unreviewed | CVE-2026-23219 was published | Feb 18, 2026

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mld: cancel...
High | Unreviewed | CVE-2026-23185 was published | Feb 14, 2026

Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the...
High | Unreviewed | CVE-2026-21720 was published | Jan 27, 2026

Hibernate Reactive Vulnerable to DoS via Connection Pool Exhaustion
Moderate | CVE-2025-14969 was published for org.hibernate.reactive:hibernate-reactive-core (Maven) | Jan 26, 2026

NiceGUI has Redis connection leak via tab storage causes service degradation
Moderate | CVE-2026-21874 was published for nicegui (pip) | Jan 8, 2026

thread-amount Vulnerable to Resource Exhaustion (Memory and Handle Leaks) on Windows and macOS
High | CVE-2025-65947 was published for thread-amount (Rust) | Nov 21, 2025

Missing Release of Resource after Effective Lifetime (CWE-772) in the T21 Reader allows an...
Low | Unreviewed | CVE-2025-64734 was published | Nov 18, 2025