Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,518
Maven
5,000+
npm
5,000+
NuGet
911
pip
4,758
Pub
13
RubyGems
1,036
Rust
1,228
Swift
53
Unreviewed advisories
All unreviewed
5,000+

519 advisories

Loading
free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors Moderate
CVE-2026-40249 was published for github.com/free5gc/udr (Go) Apr 14, 2026
Giancannella Credited to Giancannella and FrancescoDAlterio FrancescoDAlterio FrancescoDAlterio
Improper check for exceptional conditions in Device Care prior to SMR Apr-2026 Release 1 allows... Moderate Unreviewed
CVE-2026-21007 was published Apr 13, 2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding... Moderate Unreviewed
CVE-2026-33774 was published Apr 10, 2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding... High Unreviewed
CVE-2026-33781 was published Apr 10, 2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control... Moderate Unreviewed
CVE-2026-33786 was published Apr 10, 2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd)... High Unreviewed
CVE-2026-33790 was published Apr 10, 2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control... Moderate Unreviewed
CVE-2026-33787 was published Apr 10, 2026
bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts High
CVE-2026-40069 was published for bsv-sdk (RubyGems) Apr 9, 2026
sgbett Credited to sgbett
Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key... High Unreviewed
CVE-2026-31790 was published Apr 8, 2026
Cosign's verify-blob-attestation reports false positive when payload parsing fails Moderate
CVE-2026-39395 was published for github.com/sigstore/cosign (Go) Apr 8, 2026
kodareef5 Credited to kodareef5
OpenClaw: Security Scan Failure Does Not Block Plugin Installation (Fail-Open) Low
GHSA-cwq8-6f96-g3q4 was published for openclaw (npm) Apr 2, 2026
davidluzsilva Credited to davidluzsilva
Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation High
CVE-2026-33939 was published for handlebars (npm) Mar 27, 2026
trace37labs Credited to trace37labs
Mattermost Plugins versions <=11.4 10.11.11.0 fail to validate webhook request timestamps which... Low Unreviewed
CVE-2026-3109 was published Mar 26, 2026
Mattermost: Authenticated DoS through failure to prevent rendering of external SVGs on link embeds Moderate
CVE-2026-20719 was published for github.com/mattermost/mattermost/server/v8 (Go) Mar 25, 2026
@grackle-ai/server JSON.parse lacks try-catch logic in its gRPC Service AdapterConfig Handling Low
GHSA-8g29-8xwr-qmhr was published for @grackle-ai/server (npm) Mar 25, 2026
Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox... High Unreviewed
CVE-2026-4719 was published Mar 24, 2026
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects... High Unreviewed
CVE-2026-4706 was published Mar 24, 2026
Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox <... High Unreviewed
CVE-2026-4714 was published Mar 24, 2026
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149... High Unreviewed
CVE-2026-4713 was published Mar 24, 2026
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects... High Unreviewed
CVE-2026-4709 was published Mar 24, 2026
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability... High Unreviewed
CVE-2026-4697 was published Mar 24, 2026
Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects... High Unreviewed
CVE-2026-4699 was published Mar 24, 2026
Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability... High Unreviewed
CVE-2026-4694 was published Mar 24, 2026
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects... High Unreviewed
CVE-2026-4707 was published Mar 24, 2026
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability... High Unreviewed
CVE-2026-4695 was published Mar 24, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database