Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,029
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,070
Rust
1,404
Swift
61
Unreviewed advisories
All unreviewed
5,000+

298 advisories

Loading
A denial-of-service security issue exists within the 1794-AENTR adapter due to improper memory... High Unreviewed
CVE-2026-0646 was published Jun 16, 2026
Netty HAProxy: Unbalanced Reference Count in Nested PP2_TYPE_SSL TLV Parsing Leads to Memory Exhaustion High
CVE-2026-48059 was published for io.netty:netty-codec-haproxy (Maven) Jun 11, 2026
Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator High
CVE-2026-48006 was published for io.netty:netty-codec-redis (Maven) Jun 11, 2026
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix dma-buf... High Unreviewed
CVE-2026-46201 was published May 28, 2026
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix resource leak... High Unreviewed
CVE-2026-46178 was published May 28, 2026
js-libp2p: Memory DoS via subscription flood of unique topics High
CVE-2026-46679 was published for @libp2p/gossipsub (npm) May 21, 2026
tahaafarooq Credited to tahaafarooq
UltraJSON has a Memory Leak in ujson.dump() on Write Failure High
CVE-2026-44660 was published for ujson (pip) May 12, 2026
Zwique Credited to Zwique, bwoodsend, hugovk, and BeBecpp bwoodsend bwoodsend
hugovk hugovk BeBecpp BeBecpp
Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE)... High Unreviewed
CVE-2026-35424 was published May 12, 2026
In the Linux kernel, the following vulnerability has been resolved: net: ncsi: fix skb leak in... High Unreviewed
CVE-2026-43373 was published May 8, 2026
In the Linux kernel, the following vulnerability has been resolved: eventpoll: defer struct... High Unreviewed
CVE-2026-43074 was published May 6, 2026
In the Linux kernel, the following vulnerability has been resolved: smb: server: fix... High Unreviewed
CVE-2026-31711 was published May 1, 2026
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb... High Unreviewed
CVE-2026-31640 was published Apr 24, 2026
A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge... High Unreviewed
CVE-2026-33775 was published Apr 10, 2026
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address... High Unreviewed
CVE-2026-33780 was published Apr 10, 2026
A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon (jdhcpd) of... High Unreviewed
CVE-2026-33782 was published Apr 10, 2026
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix... High Unreviewed
CVE-2026-23453 was published Apr 3, 2026
A memory leak exists in the Grassroots DICOM library (GDCM). The bug occurs when parsing... High Unreviewed
CVE-2026-3650 was published Mar 27, 2026
When a challenge ACK is to be sent tcp_respond() constructs and sends the challenge ACK and... High Unreviewed
CVE-2026-4247 was published Mar 26, 2026
A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software,... High Unreviewed
CVE-2026-20012 was published Mar 25, 2026
A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by... High Unreviewed
CVE-2026-3104 was published Mar 25, 2026
In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on... High Unreviewed
CVE-2026-23350 was published Mar 25, 2026
Missing Release of Memory after Effective Lifetime vulnerability in MolotovCherry Android... High Unreviewed
CVE-2026-33852 was published Mar 24, 2026
Missing Release of Memory after Effective Lifetime vulnerability in MolotovCherry Android... High Unreviewed
CVE-2026-33856 was published Mar 24, 2026
UltraJSON has a Memory Leak parsing large integers allows DoS High
CVE-2026-32874 was published for ujson (pip) Mar 18, 2026
Skevros Credited to Skevros and bwoodsend bwoodsend bwoodsend
The Eclipse Jetty Server Artifact has a Gzip request memory leak High
CVE-2026-1605 was published for org.eclipse.jetty:jetty-server (Maven) Mar 5, 2026
glebashnik Credited to glebashnik and bjorncs bjorncs bjorncs
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database