GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
589 advisories
Filter by severity
GNU patch is vulnerable to a denial of service (DoS) due to improper validation of hunk (single...
Moderate
Unreviewed
CVE-2026-56289
was published
Jul 9, 2026
Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow...
Moderate
Unreviewed
CVE-2026-15163
was published
Jul 8, 2026
An issue in curl’s QUIC UDP receive function allows a malicious HTTP/3 server
to trigger a remote...
High
Unreviewed
CVE-2026-11352
was published
Jul 3, 2026
FatFs prior to R0.16 that use GPT scanning with 'FF_LBA64 = 1' contains an issue where an...
Moderate
Unreviewed
CVE-2026-6684
was published
Jul 1, 2026
A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially...
Moderate
Unreviewed
CVE-2026-14258
was published
Jul 1, 2026
In the Linux kernel, the following vulnerability has been resolved:
iommu/riscv: Remove...
Moderate
Unreviewed
CVE-2026-53312
was published
Jun 26, 2026
In the Linux kernel, the following vulnerability has been resolved:
io_uring/poll: fix signed...
High
Unreviewed
CVE-2026-52933
was published
Jun 24, 2026
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: stop hash:...
Moderate
Unreviewed
CVE-2026-52921
was published
Jun 24, 2026
libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service...
High
Unreviewed
CVE-2026-55199
was published
Jun 17, 2026
image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers...
High
Unreviewed
CVE-2025-71329
was published
Jun 10, 2026
image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers...
High
Unreviewed
CVE-2025-71330
was published
Jun 10, 2026
In the Linux kernel, the following vulnerability has been resolved:
drm/v3d: Reject empty...
Moderate
Unreviewed
CVE-2026-46314
was published
Jun 8, 2026
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the mod_proxy_ftp module...
High
Unreviewed
CVE-2026-44186
was published
Jun 8, 2026
A flaw was found in glib-networking. A remote attacker can exploit this vulnerability by...
Moderate
Unreviewed
CVE-2026-10028
was published
May 29, 2026
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Avoid...
Moderate
Unreviewed
CVE-2026-46146
was published
May 28, 2026
In the Linux kernel, the following vulnerability has been resolved:
sched/rt: Skip currently...
Moderate
Unreviewed
CVE-2026-45919
was published
May 27, 2026
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: prevent infinite...
Moderate
Unreviewed
CVE-2026-45864
was published
May 27, 2026
In the Linux kernel, the following vulnerability has been resolved:
arm64: contpte: fix...
Moderate
Unreviewed
CVE-2026-43486
was published
May 13, 2026
When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server,...
High
Unreviewed
CVE-2026-42920
was published
May 13, 2026
When embedded Packet Velocity Acceleration (ePVA) acceleration is configured, undisclosed local...
High
Unreviewed
CVE-2026-42781
was published
May 13, 2026
barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory...
Moderate
Unreviewed
CVE-2026-34962
was published
May 12, 2026
A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote...
High
Unreviewed
CVE-2026-4890
was published
May 11, 2026
lwjson 1.8.1 contains an improper input validation vulnerability in the streaming JSON parser ...
High
Unreviewed
CVE-2026-29975
was published
May 8, 2026
In the Linux kernel, the following vulnerability has been resolved:
mshv: Fix infinite fault...
Moderate
Unreviewed
CVE-2026-43096
was published
May 6, 2026
USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate
Unreviewed
CVE-2026-6534
was published
Apr 30, 2026
ProTip!
Advisories are also available from the
GraphQL API