GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
395 advisories
Filter by severity
Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate...
High
Unreviewed
CVE-2026-57968
was published
Jul 14, 2026
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
High
Unreviewed
CVE-2026-55036
was published
Jul 14, 2026
Buffer over-read in Remote Desktop Client allows an unauthorized attacker to disclose information...
Moderate
Unreviewed
CVE-2026-50504
was published
Jul 14, 2026
Buffer over-read in Windows Hyper-V allows an authorized attacker to deny service over an...
Moderate
Unreviewed
CVE-2026-50485
was published
Jul 14, 2026
Buffer over-read in Windows Kernel allows an authorized attacker to disclose information locally.
Moderate
Unreviewed
CVE-2026-50475
was published
Jul 14, 2026
Buffer over-read in SQL Server allows an authorized attacker to disclose information over a network.
Moderate
Unreviewed
CVE-2026-50468
was published
Jul 14, 2026
Buffer over-read in Windows RDP allows an unauthorized attacker to disclose information over a...
Moderate
Unreviewed
CVE-2026-50445
was published
Jul 14, 2026
Buffer over-read in Windows Overlay Filter allows an authorized attacker to elevate privileges...
High
Unreviewed
CVE-2026-50435
was published
Jul 14, 2026
Incorrect conversion between numeric types in Windows NTFS allows an authorized attacker to...
High
Unreviewed
CVE-2026-50402
was published
Jul 14, 2026
Buffer over-read in Windows Print Spooler Components allows an authorized attacker to disclose...
Moderate
Unreviewed
CVE-2026-50383
was published
Jul 14, 2026
Buffer over-read in Windows NTFS allows an authorized attacker to disclose information locally.
Moderate
Unreviewed
CVE-2026-50341
was published
Jul 14, 2026
A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7...
Moderate
Unreviewed
CVE-2026-59840
was published
Jul 14, 2026
A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7...
Moderate
Unreviewed
CVE-2025-43892
was published
Jul 14, 2026
An issue in SQLite before Fossil check-in 869a51ae84df allows a local attacker to obtain...
Moderate
Unreviewed
CVE-2026-50813
was published
Jul 8, 2026
Memory Corruption when allocating memory with sizes that exceed the maximum allowed value.
High
Unreviewed
CVE-2026-21379
was published
Jul 6, 2026
A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used...
Moderate
Unreviewed
CVE-2026-58012
was published
Jun 30, 2026
A flaw was found in GLib. A buffer over-read can occur in g_io_channel_read_line_backend() in the...
Moderate
Unreviewed
CVE-2026-58013
was published
Jun 30, 2026
A flaw was found in GLib. An off-by-one error can occur in the gvs_tuple_is_normal function in...
Moderate
Unreviewed
CVE-2026-58010
was published
Jun 30, 2026
GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by...
Moderate
Unreviewed
CVE-2026-41992
was published
Jun 29, 2026
An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in...
Moderate
Unreviewed
CVE-2026-40210
was published
Jun 25, 2026
Tornado has out-of-bounds memory access via C extension
Low
CVE-2026-49854
was published
for
tornado
(pip)
Jun 12, 2026
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information...
Moderate
Unreviewed
CVE-2026-45460
was published
Jun 9, 2026
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to...
High
Unreviewed
CVE-2026-42828
was published
Jun 9, 2026
A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the...
Moderate
Unreviewed
CVE-2026-11787
was published
Jun 9, 2026
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker...
High
Unreviewed
CVE-2026-44185
was published
Jun 8, 2026
ProTip!
Advisories are also available from the
GraphQL API