GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
144 advisories
Filter by severity
ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null...
Moderate
Unreviewed
CVE-2026-61857
was published
Jul 11, 2026
chmod: recursive mode returns exit code 0 even when some files fail (last-file-wins)
Moderate
CVE-2026-35339
was published
for
uu_chmod
(Rust)
Jul 6, 2026
When using the "tarfile" module with a file opened in "streaming mode" (mode="r|") the tarfile...
High
Unreviewed
CVE-2026-11972
was published
Jun 24, 2026
ImageMagick: Heap Buffer Over-Write in MIFF encoder when using LZMA compression
Moderate
CVE-2026-46521
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
May 18, 2026
nimiq-keys: Unchecked Ed25519 signature length in TaggedPublicKey::verify causes remote node panic via DHT
High
CVE-2026-40092
was published
for
nimiq-keys
(Rust)
May 15, 2026
An unchecked return value within the AMD Platform Management Framework (PMF) could allow an...
High
Unreviewed
CVE-2025-0028
was published
May 15, 2026
An unchecked return value within the AMD Platform Management Framework (PMF) could allow an...
High
Unreviewed
CVE-2025-29938
was published
May 15, 2026
When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed...
High
Unreviewed
CVE-2026-40060
was published
May 13, 2026
Unchecked return value for some Intel(R) QAT software drivers for Windows before version 1.13...
Moderate
Unreviewed
CVE-2026-20793
was published
May 12, 2026
nimiq-primitives: Node crash due to missing interlink validation in election macro block proposals
High
CVE-2026-34065
was published
for
nimiq-primitives
(Rust)
Apr 22, 2026
uutils coreutils has an Unchecked Return Value Issue
Low
CVE-2026-35344
was published
for
coreutils
(Rust)
Apr 22, 2026
Withdrawn Advisory: Kirby CMS has Persistent DoS via Malformed Image Upload
Moderate
CVE-2026-29905
was published
for
getkirby/cms
(Composer)
Mar 27, 2026
•
withdrawn
In the Linux kernel, the following vulnerability has been resolved:
ASoC: SDCA: Add allocation...
Moderate
Unreviewed
CVE-2026-23301
was published
Mar 25, 2026
ImageMagick has uninitialized pointer dereference in JBIG decoder
High
CVE-2026-28691
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Mar 12, 2026
sigstore-ruby verifier returns success for DSSE bundles with mismatched in-toto subject digest
High
CVE-2026-31830
was published
for
sigstore
(RubyGems)
Mar 11, 2026
Nokogiri does not check the return value from xmlC14NExecute
Moderate
GHSA-wx95-c6cv-8532
was published
for
nokogiri
(RubyGems)
Feb 18, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.4, 18...
High
Unreviewed
CVE-2026-0723
was published
Jan 22, 2026
An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX...
High
Unreviewed
CVE-2026-21920
was published
Jan 15, 2026
A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and...
High
Unreviewed
CVE-2026-0421
was published
Jan 15, 2026
Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values
Critical
CVE-2025-66565
was published
for
github.com/gofiber/utils
(Go)
Dec 8, 2025
A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of...
Moderate
Unreviewed
CVE-2025-11839
was published
Oct 16, 2025
When a BIG IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed...
High
Unreviewed
CVE-2025-61935
was published
Oct 15, 2025
An Unchecked Return Value vulnerability [CWE-252] in Fortinet FortiOS version 7.6.0 through 7.6.3...
Low
Unreviewed
CVE-2025-58903
was published
Oct 14, 2025
An unchecked return value in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy...
Moderate
Unreviewed
CVE-2025-55146
was published
Sep 9, 2025
In the Linux kernel, the following vulnerability has been resolved:
iwlwifi: Add missing check...
Moderate
Unreviewed
CVE-2025-38602
was published
Aug 19, 2025
ProTip!
Advisories are also available from the
GraphQL API