Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
58
GitHub Actions
50
Go
3,791
Maven
5,000+
npm
5,000+
NuGet
938
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,349
Swift
54
Unreviewed advisories
All unreviewed
5,000+

652 advisories

Loading
A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function... Low Unreviewed
CVE-2026-8257 was published May 11, 2026
free5GC's SMF UPI POST /upi/v1/upNodesLinks exits the SMF process on overlapping UE pools (unauthenticated, reachable Fatalf) High
CVE-2026-44321 was published for github.com/free5gc/smf (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
free5GC's NEF crashes via logger.Fatal on PFD notification delivery failure (attacker-controlled notifyUri) High
CVE-2026-44319 was published for github.com/free5gc/nef (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUG_ON with... Moderate Unreviewed
CVE-2026-43228 was published May 6, 2026
In Modem, there is a possible system crash due to incorrect error handling. This could lead to... Moderate Unreviewed
CVE-2026-20450 was published May 4, 2026
In the Linux kernel, the following vulnerability has been resolved: btrfs: reject root items... Moderate Unreviewed
CVE-2026-43046 was published May 1, 2026
In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - Add missing... High Unreviewed
CVE-2026-31739 was published May 1, 2026
Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF ... High Unreviewed
CVE-2025-56568 was published Apr 30, 2026
Kyverno Controller Denial of Service via forEach Mutation Panic High
CVE-2026-41485 was published for github.com/kyverno/kyverno (Go) Apr 24, 2026
thevilledev Credited to thevilledev
In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Drop spurious... Moderate Unreviewed
CVE-2026-31567 was published Apr 24, 2026
nimiq-blockchain: Peer-triggerable panic during history sync Moderate
CVE-2026-34066 was published for nimiq-blockchain (Rust) Apr 22, 2026
1seal Credited to 1seal and ii-cruz ii-cruz ii-cruz
nimiq-transaction: Panic via `HistoryTreeProof` length mismatch Low
CVE-2026-34067 was published for nimiq-transaction (Rust) Apr 22, 2026
1seal Credited to 1seal and paberr paberr paberr
In the Linux kernel, the following vulnerability has been resolved: ext4: replace BUG_ON with... Moderate Unreviewed
CVE-2026-31451 was published Apr 22, 2026
Zebra Vulnerable to Denial of Service via Interrupted JSON-RPC Requests from Authenticated Clients Moderate
CVE-2026-41585 was published for zebra-rpc (Rust) Apr 18, 2026
upbqdn Credited to upbqdn, mpguerra, and conradoplg mpguerra mpguerra
conradoplg conradoplg
Zebra has rk Identity Point Panic in Transaction Verification Critical
CVE-2026-41584 was published for zebra-chain (Rust) Apr 18, 2026
conradoplg Credited to conradoplg and mpguerra mpguerra mpguerra
nimiq-consensus panics via RequestMacroChain micro-block locator Moderate
CVE-2026-34069 was published for nimiq-consensus (Rust) Apr 13, 2026
jsdanielh Credited to jsdanielh and 1seal 1seal 1seal
CocoaMQTT: Denial of Service via Reachable Assertion in `PUBLISH` Packet Parsing Moderate
CVE-2026-30867 was published for CocoaMQTT (Swift) Apr 3, 2026
t5uki Credited to t5uki
The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion... High Unreviewed
CVE-2026-4046 was published Mar 30, 2026
A user with access to the cluster with a limited set of privilege actions can trigger a crash of... Moderate Unreviewed
CVE-2026-5170 was published Mar 30, 2026
libp2p-gossipsub: Remote crash via unchecked Instant overflow in heartbeat backoff expiry handling High
CVE-2026-34219 was published for libp2p-gossipsub (Rust) Mar 30, 2026
Under certain conditions, `named` may crash when processing a correctly signed query containing a... Moderate Unreviewed
CVE-2026-3119 was published Mar 25, 2026
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files... Moderate Unreviewed
CVE-2026-23375 was published Mar 25, 2026
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARN_ON in... Moderate Unreviewed
CVE-2026-23380 was published Mar 25, 2026
In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in... Moderate Unreviewed
CVE-2026-23356 was published Mar 25, 2026
Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea... High Unreviewed
CVE-2026-3608 was published Mar 25, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database