Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,900
Maven
5,000+
npm
5,000+
NuGet
967
pip
5,000+
Pub
13
RubyGems
1,061
Rust
1,373
Swift
54
Unreviewed advisories
All unreviewed
5,000+

4,783 advisories

Loading
IEC 60870-5-104 used in bidirectional mode is vulnerable for a NULL pointer dereferencing, if a... Moderate Unreviewed
CVE-2026-8479 was published May 26, 2026
In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and... High Unreviewed
CVE-2026-48829 was published May 26, 2026
qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set Moderate
CVE-2026-8723 was published for qs (npm) May 22, 2026
joannalange Credited to joannalange and ljharb ljharb ljharb
HAX CMS: Denial of Service using Malicious Import Request Moderate
CVE-2026-46357 was published for @haxtheweb/haxcms-nodejs (npm) May 19, 2026
silentrex04 Credited to silentrex04
NULL pointer dereference vulnerability in Samsung Open Source Walrus allows Pointer Manipulation.... Moderate Unreviewed
CVE-2026-47308 was published May 19, 2026
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. Low Unreviewed
CVE-2026-25110 was published May 19, 2026
NULL pointer dereference vulnerability in Samsung Open Source Walrus allows an attacker to cause... Moderate Unreviewed
CVE-2026-47307 was published May 19, 2026
When an HTTP/2 profile and an iRule containing the HTTP::redirect or HTTP::respond command are... High Unreviewed
CVE-2026-42409 was published May 13, 2026
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over... High Unreviewed
CVE-2026-40413 was published May 12, 2026
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service locally. High Unreviewed
CVE-2026-40401 was published May 12, 2026
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a... High Unreviewed
CVE-2026-40405 was published May 12, 2026
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over... High Unreviewed
CVE-2026-40414 was published May 12, 2026
Illustrator versions 29.8.6, 30.3 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2026-34662 was published May 12, 2026
Null pointer dereference in Windows Storport Miniport Driver allows an unauthorized attacker to... Moderate Unreviewed
CVE-2026-34350 was published May 12, 2026
Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an... Moderate Unreviewed
CVE-2026-34339 was published May 12, 2026
Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 1.13... Moderate Unreviewed
CVE-2026-20771 was published May 12, 2026
Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 2.6.0... Moderate Unreviewed
CVE-2026-20914 was published May 12, 2026
The affected devices contain a null pointer dereference vulnerability while processing specially... High Unreviewed
CVE-2025-40833 was published May 12, 2026
A null pointer dereference was addressed with improved input validation. This issue is fixed in... Moderate Unreviewed
CVE-2026-28985 was published May 11, 2026
A possible null pointer reference in PgBouncer before 1.25.2 could lead to a crash, if a server... Moderate Unreviewed
CVE-2026-6666 was published May 9, 2026
free5GC's SMF UPI DELETE /upi/v1/upNodesLinks/{ref} panics on AN-node deletion via nil UPF dereference; unauthenticated, state-mutating High
CVE-2026-44328 was published for github.com/free5gc/smf (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
free5GC's UDR nudr-dr DELETE amf-subscriptions panics on missing subsId when UE state exists (nil pointer dereference) Moderate
CVE-2026-44323 was published for github.com/free5gc/udr (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
free5GC's NEF 3gpp-pfd-management PATCH applications/{appId} panics on UDR access failure due to nil ProblemDetails dereference High
CVE-2026-44322 was published for github.com/free5gc/nef (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
free5GC's PCF npcf-policyauthorization POST /app-sessions panics on suppFeat=1 with missing AfRoutReq via nil pointer dereference Moderate
CVE-2026-44317 was published for github.com/free5gc/pcf (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
free5GC's PCF npcf-smpolicycontrol POST /sm-policies panics on downstream UDR/OpenAPI 404 via nil pointer dereference High
CVE-2026-44316 was published for github.com/free5gc/pcf (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database