GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
139 advisories
ConnectBot SSH Client Library: Excessive allocation and integer overflow in DER private-key parsing
Moderate | GHSA-vc8p-8pxg-rfwg was published for org.connectbot.sshlib:sshlib (Maven) | Jun 12, 2026

ConnectBot SSH Client Library: Unbounded SSH field lengths can cause excessive memory allocation
Moderate | GHSA-ch3q-cw5r-f4hg was published for org.connectbot.sshlib:sshlib (Maven) | Jun 12, 2026

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser...
High | Unreviewed | CVE-2026-10142 was published | Jun 11, 2026

Dulwich has unbounded memory allocation in receive-pack from crafted thin packs
Moderate | CVE-2026-47734 was published for dulwich (pip) | Jun 8, 2026

Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads...
High | Unreviewed | CVE-2026-49975 was published | Jun 8, 2026

Memory allocation with excessive size value vulnerability in Samsung Open Source rlottie allows...
Moderate | Unreviewed | CVE-2026-47319 was published | Jun 4, 2026

opentelemetry-go's baggage parsing no longer caps raw header length
Moderate | CVE-2026-41178 was published for go.opentelemetry.io/otel/baggage (Go) | May 28, 2026

Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry...
High | Unreviewed | CVE-2026-9538 was published | May 26, 2026

Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash...
Moderate | Unreviewed | CVE-2018-25378 was published | May 26, 2026

Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers...
High | Unreviewed | CVE-2018-25368 was published | May 26, 2026

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14...
High | Unreviewed | CVE-2026-5740 was published | May 26, 2026

Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation allows...
Moderate | Unreviewed | CVE-2026-8485 was published | May 20, 2026

Memory allocation with excessive size value vulnerability in Samsung Open Source Escargot allows...
Moderate | Unreviewed | CVE-2026-47313 was published | May 19, 2026

iskorotkov/avro: Denial-of-Service Vulnerability in Decoder
High | GHSA-mx64-mj3q-7prj was published for github.com/iskorotkov/avro/v2 (Go) | May 18, 2026

Mattermost doesn't validate 7zip archive structure before processing
Moderate | CVE-2026-6340 was published for github.com/mattermost/mattermost-server (Go) | May 18, 2026

Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the...
High | Unreviewed | CVE-2021-47970 was published | May 16, 2026

Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows...
High | Unreviewed | CVE-2021-47972 was published | May 16, 2026

Color Notes 1.4 contains a denial of service vulnerability that allows attackers to crash the...
High | Unreviewed | CVE-2021-47969 was published | May 16, 2026

My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the...
High | Unreviewed | CVE-2021-47971 was published | May 16, 2026

Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to...
High | Unreviewed | CVE-2021-47973 was published | May 16, 2026

A vulnerability exists in the ngx_http_scgi_module and ngx_http_uwsgi_module modules that may...
High | Unreviewed | CVE-2026-42946 was published | May 13, 2026

memono Notepad 4.2 contains a denial of service vulnerability that allows attackers to crash the...
High | Unreviewed | CVE-2021-47944 was published | May 10, 2026

rust-zserio has Unbounded Memory Allocation
High | GHSA-fpf5-4jw8-67x8 was published for rust-zserio (Rust) | May 7, 2026

Netty HTTP/3 QPACK literal unbounded allocation
High | CVE-2026-42582 was published for io.netty:netty-codec-http3 (Maven) | May 7, 2026

Nerdbank.MessagePack: Attacker-controlled stackalloc in DateTime decoding causes process-terminating StackOverflowException
High | CVE-2026-44375 was published for Nerdbank.MessagePack (NuGet) | May 6, 2026
ProTip! Advisories are also available from the GraphQL API.