GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
155 advisories
Forge has Denial of Service via Infinite Loop in BigInteger.modInverse() with Zero Input
High
CVE-2026-33891
was published
for
node-forge
(npm)
Mar 26, 2026
pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream
Moderate
CVE-2026-33699
was published
for
pypdf
(pip)
Mar 25, 2026
Denial of service via non-terminating SYLT frame parsing loop in tinytag
Moderate
CVE-2026-32889
was published
for
tinytag
(pip)
Mar 19, 2026
UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop
High
CVE-2026-32875
was published
for
ujson
(pip)
Mar 18, 2026
music-metadata has an infinite loop vulnerability in ASF parser
High
CVE-2026-32256
was published
for
music-metadata
(npm)
Mar 17, 2026
Micronaut vulnerable to DoS via crafted form-urlencoded body binding with descending array indices
High
CVE-2026-33013
was published
for
io.micronaut:micronaut-json-core
(Maven)
Mar 17, 2026
pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams
Low
CVE-2026-27628
was published
for
pypdf
(pip)
Feb 25, 2026
ImageMagick has a possible infinite loop in its JPEG encoder when using `jpeg:extent`
Moderate
CVE-2026-26283
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Feb 24, 2026
ImageMagick has infinite loop when writing IPTCTEXT leads to denial of service via crafted profile
Moderate
CVE-2026-26066
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Feb 24, 2026
bn.js affected by an infinite loop
Moderate
CVE-2026-2739
was published
for
bn.js
(npm)
Feb 20, 2026
pypdf has a possible infinite loop when processing TreeObject
Moderate
CVE-2026-27024
was published
for
pypdf
(pip)
Feb 18, 2026
Sandbox escape via infinite recursion and error objects
Moderate
CVE-2026-25533
was published
for
@enclave-vm/core
(npm)
Feb 5, 2026
pypdf has possible Infinite Loop when processing outlines/bookmarks
Moderate
CVE-2026-24688
was published
for
pypdf
(pip)
Jan 26, 2026
ImageMagick MSL: Stack overflow via infinite recursion in ProcessMSLScript
Moderate
CVE-2026-23874
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Jan 21, 2026
AIOHTTP vulnerable to DoS when bypassing asserts
Moderate
CVE-2025-69227
was published
for
aiohttp
(pip)
Jan 5, 2026
quiche connection ID retirement can trigger an infinite loop
High
CVE-2025-7054
was published
for
quiche
(Rust)
Aug 7, 2025
ImageMagick has XMP profile write that triggers hang due to unbounded loop
High
CVE-2025-53015
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Jul 23, 2025
OctoPrint Vulnerable to Denial of Service through malformed HTTP request in OctoPrint
Moderate
CVE-2025-48879
was published
for
OctoPrint
(pip)
Jun 10, 2025
GeoServer Infinite Loop Vulnerability in Jiffle process
High
CVE-2025-30145
was published
for
org.geoserver.extension:gs-wps-core
(Maven)
Jun 10, 2025
ProTip!
Advisories are also available from the
GraphQL API