Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,405
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,641
Pub
13
RubyGems
1,026
Rust
1,209
Swift
53
Unreviewed advisories
All unreviewed
5,000+

4,589 advisories

Loading
Ella Core Panics Upon NGAP handover failure Moderate
CVE-2026-34761 was published for github.com/ellanetworks/core (Go) Apr 1, 2026
offset Credited to offset
An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer... High Unreviewed
CVE-2026-34874 was published Apr 1, 2026
The application does not validate the presence of required appearance (AP) data before accessing... Moderate Unreviewed
CVE-2026-3776 was published Apr 1, 2026
Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel (rportfwd) close is attempted High
GHSA-c279-989m-238f was published for github.com/bishopfox/sliver (Go) Mar 29, 2026
VarshankNaik Credited to VarshankNaik
Ella Core Panics during NAS Authentication Response/Failure with missing IEs Moderate
CVE-2026-33907 was published for github.com/ellanetworks/core (Go) Mar 26, 2026
offset Credited to offset
Ella Core panics when processing a crafted NGAP LocationReport message Moderate
CVE-2026-33903 was published for github.com/ellanetworks/core (Go) Mar 26, 2026
offset Credited to offset
A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can... Low Unreviewed
CVE-2026-0968 was published Mar 26, 2026
On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a... High Unreviewed
CVE-2026-4652 was published Mar 26, 2026
A null pointer dereference was addressed with improved input validation. This issue is fixed in... Moderate Unreviewed
CVE-2026-28886 was published Mar 25, 2026
NATS Server panic via malicious compression on leafnode port High
CVE-2026-29785 was published for github.com/nats-io/nats-server (Go) Mar 24, 2026
When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source,... High Unreviewed
CVE-2026-27651 was published Mar 24, 2026
NULL Pointer Dereference vulnerability in MolotovCherry Android-ImageMagick7.This issue affects... Moderate Unreviewed
CVE-2026-33853 was published Mar 24, 2026
NULL Pointer Dereference vulnerability in tmate-io tmate.This issue affects tmate: before 2.4.0. Moderate Unreviewed
CVE-2026-4751 was published Mar 24, 2026
NULL Pointer Dereference vulnerability in taurusxin ncmdump (‎src/utils‎ modules). This... Moderate Unreviewed
CVE-2026-4743 was published Mar 24, 2026
A NULL pointer dereference in the safe_atou64 function (src/misc.c) of owntone-server through... High Unreviewed
CVE-2026-26829 was published Mar 23, 2026
A NULL pointer dereference in the daap_reply_playlists function (src/httpd_daap.c) of owntone... High Unreviewed
CVE-2026-26828 was published Mar 23, 2026
Ella Core panics on malformed ULNASTransport Message without a Request Type Moderate
CVE-2026-33283 was published for github.com/ellanetworks/core (Go) Mar 19, 2026
p1-aji Credited to p1-aji
Ella Core panics on malformed NGAP Location Report High
CVE-2026-33282 was published for github.com/ellanetworks/core (Go) Mar 19, 2026
p1-aji Credited to p1-aji
free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference High
CVE-2026-33064 was published for github.com/free5gc/udm (Go) Mar 18, 2026
free5GC AUSF UE Authentication Panic on Nil SuciSupiMap Interface Conversion High
CVE-2026-33063 was published for github.com/free5gc/ausf (Go) Mar 18, 2026
NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT ... Moderate Unreviewed
CVE-2025-13406 was published Mar 17, 2026
libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity... Moderate Unreviewed
CVE-2026-32776 was published Mar 16, 2026
libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after... Low Unreviewed
CVE-2026-32778 was published Mar 16, 2026
arduino-TuyaOpen before version 1.2.1 contains a null pointer dereference vulnerability in the... High Unreviewed
CVE-2026-28522 was published Mar 16, 2026
Traefik: HTTP/2 frames can cause a running server to panic High
GHSA-4hjq-9h5c-252j was published for github.com/traefik/traefik/v2 (Go) Mar 12, 2026
WolverMinion Credited to WolverMinion
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database