Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

4 advisories

Loading
Netty HTTP/2: Advertised MAX_CONCURRENT_STREAMS are not enforced Moderate
CVE-2026-47244 was published for io.netty:netty-codec-http2 (Maven) Jun 8, 2026
chrisvest Credited to chrisvest
Netty MQTT: Resource exhaustion in MqttDecoder Moderate
CVE-2026-44248 was published for io.netty:netty-codec-mqtt (Maven) May 7, 2026
chrisvest Credited to chrisvest
Netty epoll transport denial of service via RST on half-closed TCP connection High
CVE-2026-42577 was published for io.netty:netty-transport-native-epoll (Maven) May 6, 2026
Stormpx Credited to Stormpx, dzaisban, normanmaurer, SeBBBe, pjfanning, jneira-stratio, mpenttila, and chrisvest dzaisban dzaisban
normanmaurer normanmaurer SeBBBe SeBBBe pjfanning pjfanning jneira-stratio jneira-stratio mpenttila mpenttila chrisvest chrisvest
Denial of Service attack on windows app using Netty Moderate
CVE-2025-25193 was published for io.netty:netty-common (Maven) Feb 10, 2025
chrisvest Credited to chrisvest, navzen2000, henrikplate, JensBoening1337, and jfposton navzen2000 navzen2000
henrikplate henrikplate JensBoening1337 JensBoening1337 jfposton jfposton
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database