GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
270 advisories
File Browser has a DoS Vulnerability via Public Login API
Severity: High. CVE-2026-54092 was published for github.com/filebrowser/filebrowser (Go) on Jun 12, 2026.

The SSH service of CelloOS developed by Cellopoint has an Improper Access Control vulnerability,...
Severity: High (Unreviewed). CVE-2026-12059 was published on Jun 12, 2026.

In ScreenConnect™ versions prior to 26.2, input validation within the Host Pass creation...
Severity: Moderate (Unreviewed). CVE-2026-11596 was published on Jun 10, 2026.

libnfs through 6.0.2 before 55c18ea does not validate a string size, leading to an integer...
Severity: High (Unreviewed). CVE-2026-53689 was published on Jun 10, 2026.

Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product...
Severity: Critical (Unreviewed). CVE-2026-49777 was published on Jun 5, 2026.

ExifReader is vulnerable to denial of service via crafted ICC `mluc` tag
Severity: High. CVE-2026-8813 was published for exifreader (npm) on May 29, 2026.

Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the...
Severity: Low (Unreviewed). CVE-2026-47329 was published on May 28, 2026.

A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm...
Severity: Moderate (Unreviewed). CVE-2026-9801 was published on May 28, 2026.

IBM OPENBMC FW1110.00 through FW1110.11 is vulnerable to denial of service attacks by...
Severity: Moderate (Unreviewed). CVE-2026-7254 was published on May 27, 2026.

A flaw was found in Keycloak. An authenticated user with low privileges can exploit this...
Severity: Moderate (Unreviewed). CVE-2026-9704 was published on May 27, 2026.

IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux,...
Severity: Moderate (Unreviewed). CVE-2026-3676 was published on May 27, 2026.

Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads...
Severity: Moderate (Unreviewed). CVE-2026-42744 was published on May 27, 2026.

Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads...
Severity: Moderate (Unreviewed). CVE-2026-42732 was published on May 27, 2026.

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret...
Severity: High (Unreviewed). CVE-2026-5260 was published on May 27, 2026.

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name ...
Severity: High (Unreviewed). CVE-2026-42013 was published on May 27, 2026.

The affected products perform improper length checking when parsing incoming HTTP requests,...
Severity: High (Unreviewed). CVE-2026-8047 was published on May 26, 2026.

Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU...
Severity: Moderate (Unreviewed). CVE-2025-15645 was published on May 20, 2026.

iskorotkov/avro: CPU Exhaustion in Decoder
Severity: High. CVE-2026-46385 was published for github.com/iskorotkov/avro/v2 (Go) on May 18, 2026.

iskorotkov/avro: Integer Overflow in Decoder
Severity: High. CVE-2026-46384 was published for github.com/iskorotkov/avro/v2 (Go) on May 18, 2026.

iskorotkov/avro: Denial-of-Service Vulnerability in Decoder
Severity: High. GHSA-mx64-mj3q-7prj was published for github.com/iskorotkov/avro/v2 (Go) on May 18, 2026.

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a...
Severity: Low (Unreviewed). CVE-2025-66660 was published on May 15, 2026.

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a...
Severity: Low (Unreviewed). CVE-2026-0428 was published on May 15, 2026.

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18...
Severity: High (Unreviewed). CVE-2025-14869 was published on May 14, 2026.

Kysely: JSON-path traversal injection via unsanitized path-leg metacharacters in `JSONPathBuilder.key()` / `.at()`
Severity: High. CVE-2026-44635 was published for kysely (npm) on May 11, 2026.

oxidize-pdf: NaN/inf bypass in colour content-stream emission causes PDF rejection (DoS)
Severity: Moderate. GHSA-88q9-cmp2-c2vq was published for OxidizePdf.NET (NuGet) on May 11, 2026.