GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
145 advisories
Filter by severity
Tanium addressed a denial of service vulnerability in Tanium Server.
High
Unreviewed
CVE-2026-15053
was published
Jul 8, 2026
Coder's unbounded memory allocation in provisioner file upload allows authenticated denial of service
Moderate
CVE-2026-55079
was published
for
github.com/coder/coder/v2
(Go)
Jul 6, 2026
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache...
High
Unreviewed
CVE-2026-50734
was published
Jun 30, 2026
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All...
High
Unreviewed
CVE-2026-53916
was published
Jun 30, 2026
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All...
High
Unreviewed
CVE-2026-53917
was published
Jun 30, 2026
MessagePack-CSharp: Denial of service vulnerabilities can swamp the CPU or crash the process with stack and heap overflows
High
CVE-2026-48502
was published
for
MessagePack
(NuGet)
Jun 25, 2026
ConnectBot SSH Client Library: Excessive allocation and integer overflow in DER private-key parsing
Moderate
CVE-2026-54697
was published
for
org.connectbot.sshlib:sshlib
(Maven)
Jun 12, 2026
ConnectBot SSH Client Library: Unbounded SSH field lengths can cause excessive memory allocation
Moderate
CVE-2026-54700
was published
for
org.connectbot.sshlib:sshlib
(Maven)
Jun 12, 2026
kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser...
High
Unreviewed
CVE-2026-10142
was published
Jun 11, 2026
Dulwich has unbounded memory allocation in receive-pack from crafted thin packs
Moderate
CVE-2026-47734
was published
for
dulwich
(pip)
Jun 8, 2026
Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads...
High
Unreviewed
CVE-2026-49975
was published
Jun 8, 2026
Memory allocation with excessive size value vulnerability in Samsung Open Source rlottie allows...
Moderate
Unreviewed
CVE-2026-47319
was published
Jun 4, 2026
opentelemetry-go's baggage parsing no longer caps raw header length
Moderate
CVE-2026-41178
was published
for
go.opentelemetry.io/otel/baggage
(Go)
May 28, 2026
Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry...
High
Unreviewed
CVE-2026-9538
was published
May 26, 2026
Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash...
Moderate
Unreviewed
CVE-2018-25378
was published
May 26, 2026
Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers...
High
Unreviewed
CVE-2018-25368
was published
May 26, 2026
Mattermost doesn't properly validate msgpack-encoded WebSocket frames before memory allocation
High
CVE-2026-5740
was published
for
github.com/mattermost/mattermost-server
(Go)
May 26, 2026
Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation allows...
Moderate
Unreviewed
CVE-2026-8485
was published
May 20, 2026
Memory allocation with excessive size value vulnerability in Samsung Open Source Escargot allows...
Moderate
Unreviewed
CVE-2026-47313
was published
May 19, 2026
iskorotkov/avro: Denial-of-Service Vulnerability in Decoder
High
GHSA-mx64-mj3q-7prj
was published
for
github.com/iskorotkov/avro/v2
(Go)
May 18, 2026
Mattermost doesn't validate 7zip archive structure before processing
Moderate
CVE-2026-6340
was published
for
github.com/mattermost/mattermost-server
(Go)
May 18, 2026
Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows...
High
Unreviewed
CVE-2021-47972
was published
May 16, 2026
Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the...
High
Unreviewed
CVE-2021-47970
was published
May 16, 2026
My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the...
High
Unreviewed
CVE-2021-47971
was published
May 16, 2026
Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to...
High
Unreviewed
CVE-2021-47973
was published
May 16, 2026
ProTip!
Advisories are also available from the
GraphQL API