GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
382 advisories
Filter by severity
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2...
Moderate
Unreviewed
CVE-2026-6238
was published
Apr 28, 2026
rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peer
High
CVE-2026-41898
was published
for
openssl
(Rust)
Apr 22, 2026
Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize...
Low
Unreviewed
CVE-2026-0930
was published
Apr 21, 2026
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate...
High
Unreviewed
CVE-2026-26184
was published
Apr 14, 2026
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2026-26155
was published
Apr 14, 2026
Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information...
Moderate
Unreviewed
CVE-2026-26169
was published
Apr 14, 2026
A 1-byte stack buffer over-read was identified in the MatchDomainName function (src/internal.c)...
Low
Unreviewed
CVE-2026-5772
was published
Apr 10, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL...
High
Unreviewed
CVE-2026-21378
was published
Apr 6, 2026
Transient DOS when receiving a service data frame with excessive length during device matching...
High
Unreviewed
CVE-2026-21381
was published
Apr 6, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL...
High
Unreviewed
CVE-2026-21376
was published
Apr 6, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL...
High
Unreviewed
CVE-2026-21375
was published
Apr 6, 2026
Memory Corruption when processing auxiliary sensor input/output control commands with...
High
Unreviewed
CVE-2026-21374
was published
Apr 6, 2026
Memory Corruption when retrieving output buffer with insufficient size validation.
High
Unreviewed
CVE-2026-21371
was published
Apr 6, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL...
High
Unreviewed
CVE-2026-21373
was published
Apr 6, 2026
Memory corruption while preprocessing IOCTL request in JPEG driver.
High
Unreviewed
CVE-2025-47390
was published
Apr 6, 2026
Cryptographic issue while copying data to a destination buffer without validating its size.
High
Unreviewed
CVE-2025-47400
was published
Apr 6, 2026
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes...
High
Unreviewed
CVE-2026-21367
was published
Apr 6, 2026
Buffer Over-read vulnerability in RTI Connext Professional (Core Libraries) allows Overread...
Moderate
Unreviewed
CVE-2026-2394
was published
Apr 1, 2026
An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response...
Moderate
Unreviewed
CVE-2026-24028
was published
Mar 31, 2026
A malicious mail server could send malformed strings with negative lengths, causing the parser to...
High
Unreviewed
CVE-2026-4371
was published
Mar 24, 2026
fido2-lib is vulnerable to DoS via cbor-extract heap buffer over-read in CBOR attestation parsing
High
GHSA-g3qj-j598-cxmq
was published
for
fido2-lib
(npm)
Mar 24, 2026
Memory Corruption when adding user-supplied data without checking available buffer space.
High
Unreviewed
CVE-2025-59600
was published
Mar 2, 2026
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization ...
High
Unreviewed
CVE-2026-28364
was published
Feb 27, 2026
ImageMagick has a heap Buffer Over-read in its DJVU image format handler
Moderate
CVE-2026-27799
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Feb 25, 2026
ImageMagick: Heap Buffer Over-read in WaveletDenoise when processing small images
Moderate
CVE-2026-27798
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Feb 25, 2026
ProTip!
Advisories are also available from the
GraphQL API