Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

414 advisories

Loading
pypdf: Possible infinite loop when processing threads/articles in writer Moderate
CVE-2026-54651 was published for pypdf (pip) Jul 9, 2026
k0w4lzk1 Credited to k0w4lzk1 and stefan6419846 stefan6419846 stefan6419846
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove... Moderate Unreviewed
CVE-2026-53312 was published Jun 26, 2026
ImageMagick has an Infinite Loop in subimage-search with crafted image Moderate
CVE-2026-48733 was published for Magick.NET-Q16-AnyCPU (NuGet) Jun 25, 2026
omkhar Credited to omkhar
Python Liquid: Infinite loop when parsing malformed `{% case %}` tags Moderate
CVE-2026-55865 was published for python-liquid (pip) Jun 19, 2026
Nuhiat-Arefin Credited to Nuhiat-Arefin
pypdf: Possible infinite loop when processing outlines/bookmarks in writer Moderate
CVE-2026-54531 was published for pypdf (pip) Jun 16, 2026
SagDeap Credited to SagDeap and stefan6419846 stefan6419846 stefan6419846
pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction Moderate
CVE-2026-54530 was published for pypdf (pip) Jun 16, 2026
SagDeap Credited to SagDeap and stefan6419846 stefan6419846 stefan6419846
A flaw was found in glib-networking. A remote attacker can exploit this vulnerability by... Moderate Unreviewed
CVE-2026-10028 was published May 29, 2026
OpenMcdf: Uncatchable infinite loop in DirectoryTree.TryGetDirectoryEntry on crafted CFB directory cycle Moderate
CVE-2026-45785 was published for OpenMcdf (NuGet) May 19, 2026
pawlos Credited to pawlos
ImageMagick: Heap Buffer Over-Write in MIFF encoder when using LZMA compression Moderate
CVE-2026-46521 was published for Magick.NET-Q16-AnyCPU (NuGet) May 18, 2026
sharadboni Credited to sharadboni
In the Linux kernel, the following vulnerability has been resolved: arm64: contpte: fix... Moderate Unreviewed
CVE-2026-43486 was published May 13, 2026
go-billy: Lack of depth and cycle detection in symlink resolution may lead to infinite loops and resource exhaustion Moderate
CVE-2026-44740 was published for github.com/go-git/go-billy/v5 (Go) May 13, 2026
faran66 Credited to faran66
Mermaid Gantt Charts are vulnerable to an Infinite Loop DoS Moderate
CVE-2026-41150 was published for mermaid (npm) May 11, 2026
aloisklink Credited to aloisklink and Twavesx Twavesx Twavesx
ProTip! Advisories are also available from the GraphQL API