Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,967
Maven
5,000+
npm
5,000+
NuGet
973
pip
5,000+
Pub
13
RubyGems
1,064
Rust
1,387
Swift
56
Unreviewed advisories
All unreviewed
5,000+

619 advisories

Loading
Type Confusion in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain... Moderate Unreviewed
CVE-2026-11196 was published Jun 5, 2026
Type Confusion in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to... High Unreviewed
CVE-2026-11076 was published Jun 5, 2026
Type Confusion in GPU in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote... Critical Unreviewed
CVE-2026-11052 was published Jun 5, 2026
Type Confusion in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to... High Unreviewed
CVE-2026-10962 was published Jun 5, 2026
Type Confusion in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote... High Unreviewed
CVE-2026-10955 was published Jun 5, 2026
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute... High Unreviewed
CVE-2026-10935 was published Jun 5, 2026
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute... High Unreviewed
CVE-2026-10936 was published Jun 5, 2026
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute... High Unreviewed
CVE-2026-10910 was published Jun 5, 2026
Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys... High Unreviewed
CVE-2026-9334 was published Jun 3, 2026
FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet... Moderate Unreviewed
CVE-2026-48682 was published Jun 2, 2026
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in... Moderate Unreviewed
CVE-2026-10702 was published Jun 2, 2026
tar has a PAX header desynchronization issue Moderate
GHSA-3pv8-6f4r-ffg2 was published for tar (Rust) May 29, 2026
woodruffw Credited to woodruffw
astral-tokio-tar has a PAX Header Desynchronization issue Moderate
GHSA-3cv2-h65g-fgmm was published for astral-tokio-tar (Rust) May 29, 2026
woodruffw Credited to woodruffw
Type Confusion in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to... High Unreviewed
CVE-2026-9983 was published May 29, 2026
Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed an attacker who convinced a... High Unreviewed
CVE-2026-10022 was published May 29, 2026
containerd user ID handling bypass allows runAsNonRoot evasion High
CVE-2026-46680 was published for github.com/containerd/containerd (Go) May 21, 2026
ssst0n3 Credited to ssst0n3
Type Confusion in GFX in Google Chrome on Linux, ChromeOS prior to 148.0.7778.179 allowed a... High Unreviewed
CVE-2026-9117 was published May 20, 2026
Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain... Moderate Unreviewed
CVE-2026-8570 was published May 14, 2026
Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to... High Unreviewed
CVE-2026-8540 was published May 14, 2026
Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote... Low Unreviewed
CVE-2026-8554 was published May 14, 2026
TanStack Start - Server Core: Inbound server-function request deserialization could invoke a sibling client-referenced server function Moderate
GHSA-9m65-766c-r333 was published for @tanstack/start-server-core (npm) May 14, 2026
mufeedvh Credited to mufeedvh
Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an... High Unreviewed
CVE-2026-35417 was published May 12, 2026
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function... High Unreviewed
CVE-2026-34344 was published May 12, 2026
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and... High Unreviewed
CVE-2026-28983 was published May 11, 2026
free5GC NRF: type-confusion panic in POST /oauth2/token structured-form parser via Reflect.Set on incompatible types High
CVE-2026-44325 was published for github.com/free5gc/nrf (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database