GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
414 advisories
Filter by severity
Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services ...
Moderate
Unreviewed
CVE-2026-50324
was published
Jul 14, 2026
In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, an infinite loop was discovered in the...
Moderate
Unreviewed
CVE-2026-62642
was published
Jul 14, 2026
pypdf: Possible infinite loop when processing threads/articles in writer
Moderate
CVE-2026-54651
was published
for
pypdf
(pip)
Jul 9, 2026
GNU patch is vulnerable to a denial of service (DoS) due to improper validation of hunk (single...
Moderate
Unreviewed
CVE-2026-56289
was published
Jul 9, 2026
Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow...
Moderate
Unreviewed
CVE-2026-15163
was published
Jul 8, 2026
FatFs prior to R0.16 that use GPT scanning with 'FF_LBA64 = 1' contains an issue where an...
Moderate
Unreviewed
CVE-2026-6684
was published
Jul 1, 2026
A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially...
Moderate
Unreviewed
CVE-2026-14258
was published
Jul 1, 2026
In the Linux kernel, the following vulnerability has been resolved:
iommu/riscv: Remove...
Moderate
Unreviewed
CVE-2026-53312
was published
Jun 26, 2026
ImageMagick has an Infinite Loop in subimage-search with crafted image
Moderate
CVE-2026-48733
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Jun 25, 2026
In the Linux kernel, the following vulnerability has been resolved:
drm/ttm: Fix ttm_bo_swapout(...
Moderate
Unreviewed
CVE-2026-52965
was published
Jun 24, 2026
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: stop hash:...
Moderate
Unreviewed
CVE-2026-52921
was published
Jun 24, 2026
Python Liquid: Infinite loop when parsing malformed `{% case %}` tags
Moderate
CVE-2026-55865
was published
for
python-liquid
(pip)
Jun 19, 2026
pypdf: Possible infinite loop when processing outlines/bookmarks in writer
Moderate
CVE-2026-54531
was published
for
pypdf
(pip)
Jun 16, 2026
pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction
Moderate
CVE-2026-54530
was published
for
pypdf
(pip)
Jun 16, 2026
In the Linux kernel, the following vulnerability has been resolved:
drm/v3d: Reject empty...
Moderate
Unreviewed
CVE-2026-46314
was published
Jun 8, 2026
A flaw was found in glib-networking. A remote attacker can exploit this vulnerability by...
Moderate
Unreviewed
CVE-2026-10028
was published
May 29, 2026
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Avoid...
Moderate
Unreviewed
CVE-2026-46146
was published
May 28, 2026
In the Linux kernel, the following vulnerability has been resolved:
sched/rt: Skip currently...
Moderate
Unreviewed
CVE-2026-45919
was published
May 27, 2026
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: prevent infinite...
Moderate
Unreviewed
CVE-2026-45864
was published
May 27, 2026
OpenMcdf: Uncatchable infinite loop in DirectoryTree.TryGetDirectoryEntry on crafted CFB directory cycle
Moderate
CVE-2026-45785
was published
for
OpenMcdf
(NuGet)
May 19, 2026
ImageMagick: Heap Buffer Over-Write in MIFF encoder when using LZMA compression
Moderate
CVE-2026-46521
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
May 18, 2026
In the Linux kernel, the following vulnerability has been resolved:
arm64: contpte: fix...
Moderate
Unreviewed
CVE-2026-43486
was published
May 13, 2026
go-billy: Lack of depth and cycle detection in symlink resolution may lead to infinite loops and resource exhaustion
Moderate
CVE-2026-44740
was published
for
github.com/go-git/go-billy/v5
(Go)
May 13, 2026
barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory...
Moderate
Unreviewed
CVE-2026-34962
was published
May 12, 2026
Mermaid Gantt Charts are vulnerable to an Infinite Loop DoS
Moderate
CVE-2026-41150
was published
for
mermaid
(npm)
May 11, 2026
ProTip!
Advisories are also available from the
GraphQL API