GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
781 advisories
Filter by severity
Snappier has an infinite loop during SnappyStream decompression with malformed framed input
High
CVE-2026-44302
was published
for
Snappier
(NuGet)
May 6, 2026
In the Linux kernel, the following vulnerability has been resolved:
mshv: Fix infinite fault...
Moderate
Unreviewed
CVE-2026-43096
was published
May 6, 2026
Pillow has a PDF Parsing Trailer Infinite Loop (DoS)
Moderate
CVE-2026-42310
was published
for
pillow
(pip)
May 4, 2026
TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service
Moderate
Unreviewed
CVE-2026-6528
was published
Apr 30, 2026
USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate
Unreviewed
CVE-2026-6534
was published
Apr 30, 2026
SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate
Unreviewed
CVE-2026-6531
was published
Apr 30, 2026
DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4
Moderate
Unreviewed
CVE-2026-6536
was published
Apr 30, 2026
OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14...
Moderate
Unreviewed
CVE-2026-6521
was published
Apr 30, 2026
MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate
Unreviewed
CVE-2026-6519
was published
Apr 30, 2026
SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate
Unreviewed
CVE-2026-5407
was published
Apr 30, 2026
OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14...
Moderate
Unreviewed
CVE-2026-6520
was published
Apr 30, 2026
GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate
Unreviewed
CVE-2026-6523
was published
Apr 30, 2026
RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14...
Moderate
Unreviewed
CVE-2026-6522
was published
Apr 30, 2026
UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate
Unreviewed
CVE-2026-7375
was published
Apr 30, 2026
Marked Vulnerable to OOM Denial of Service via Infinite Recursion in marked Tokenizer
High
CVE-2026-41680
was published
for
marked
(npm)
Apr 29, 2026
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix call removal to...
Moderate
Unreviewed
CVE-2026-31642
was published
Apr 24, 2026
In the Linux kernel, the following vulnerability has been resolved:
wifi: wlcore: Return -ENOMEM...
High
Unreviewed
CVE-2026-31552
was published
Apr 24, 2026
OpenMcdf has an Infinite loop DoS via crafted CFB directory cycle
Moderate
CVE-2026-41511
was published
for
OpenMcdf
(NuGet)
Apr 22, 2026
justhtml has sanitization bypass in custom policies and programmatic DOM
Moderate
GHSA-vrx2-77f2-ww34
was published
for
justhtml
(pip)
Apr 22, 2026
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: L2CAP: Fix ERTM...
Moderate
Unreviewed
CVE-2026-31498
was published
Apr 22, 2026
In the Linux kernel, the following vulnerability has been resolved:
xfrm: iptfs: validate inner...
Moderate
Unreviewed
CVE-2026-31472
was published
Apr 22, 2026
In the Linux kernel, the following vulnerability has been resolved:
ext4: avoid infinite loops...
Critical
Unreviewed
CVE-2026-31448
was published
Apr 22, 2026
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High
Unreviewed
CVE-2026-34282
was published
Apr 21, 2026
In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a...
Moderate
Unreviewed
CVE-2026-41285
was published
Apr 21, 2026
Uncontrolled resource consumption and loop with unreachable exit condition in facil.io and downstream iodine ruby gem
High
CVE-2026-41146
was published
for
iodine
(RubyGems)
Apr 14, 2026
ProTip!
Advisories are also available from the
GraphQL API