Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

145 advisories

Loading
Tanium addressed a denial of service vulnerability in Tanium Server. High Unreviewed
CVE-2026-15053 was published Jul 8, 2026
Coder's unbounded memory allocation in provisioner file upload allows authenticated denial of service Moderate
CVE-2026-55079 was published for github.com/coder/coder/v2 (Go) Jul 6, 2026
AArnott Credited to AArnott
ConnectBot SSH Client Library: Excessive allocation and integer overflow in DER private-key parsing Moderate
CVE-2026-54697 was published for org.connectbot.sshlib:sshlib (Maven) Jun 12, 2026
Pig-Tail Credited to Pig-Tail and kruton kruton kruton
ConnectBot SSH Client Library: Unbounded SSH field lengths can cause excessive memory allocation Moderate
CVE-2026-54700 was published for org.connectbot.sshlib:sshlib (Maven) Jun 12, 2026
kruton Credited to kruton
Dulwich has unbounded memory allocation in receive-pack from crafted thin packs Moderate
CVE-2026-47734 was published for dulwich (pip) Jun 8, 2026
jelmer Credited to jelmer
opentelemetry-go's baggage parsing no longer caps raw header length Moderate
CVE-2026-41178 was published for go.opentelemetry.io/otel/baggage (Go) May 28, 2026
pellared Credited to pellared and XSAM XSAM XSAM
Mattermost doesn't properly validate msgpack-encoded WebSocket frames before memory allocation High
CVE-2026-5740 was published for github.com/mattermost/mattermost-server (Go) May 26, 2026
iskorotkov/avro: Denial-of-Service Vulnerability in Decoder High
GHSA-mx64-mj3q-7prj was published for github.com/iskorotkov/avro/v2 (Go) May 18, 2026
klajok Credited to klajok
Mattermost doesn't validate 7zip archive structure before processing Moderate
CVE-2026-6340 was published for github.com/mattermost/mattermost-server (Go) May 18, 2026
ProTip! Advisories are also available from the GraphQL API