GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
92
GitHub Actions
54
Go
4,273
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,103
Rust
1,489
Swift
61
Unreviewed advisories
All unreviewed
5,000+
1,875 advisories
Filter by severity
ratex-parser panics on `\verb` with a multibyte delimiter (UTF-8 byte-boundary slice)
High
CVE-2026-53530
was published
for
ratex-parser
(Rust)
Jul 7, 2026
BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre...
High
Unreviewed
CVE-2026-40140
was published
Jul 6, 2026
A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not...
High
Unreviewed
CVE-2026-9165
was published
Jul 6, 2026
Uncontrolled Resource Consumption vulnerability in Apache IoTDB.
Some interface fails to impose...
High
Unreviewed
CVE-2026-24012
was published
Jul 6, 2026
An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of...
High
Unreviewed
CVE-2026-52192
was published
Jul 2, 2026
Steeltoe.Discovery.Eureka: Unrecognized DataCenterInfo.Name poisons entire registry fetch
High
CVE-2026-50196
was published
for
Steeltoe.Discovery.Eureka
(NuGet)
Jul 2, 2026
SimpleSAMLphp has Possible DoS via XPath Transform
High
CVE-2026-49289
was published
for
simplesamlphp/saml2
(Composer)
Jul 2, 2026
In Eclipse Parsson published Maven Central artifacts before version 1.1.8, the JSON parser did...
High
Unreviewed
CVE-2026-9563
was published
Jul 2, 2026
Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache...
High
Unreviewed
CVE-2026-54428
was published
Jul 1, 2026
Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache...
High
Unreviewed
CVE-2026-54399
was published
Jul 1, 2026
The following Poly Voice IP devices, CCX, Trio, and Edge E, might be inoperable if they connect...
High
Unreviewed
CVE-2026-2891
was published
Jul 1, 2026
An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of...
High
Unreviewed
CVE-2026-52197
was published
Jul 1, 2026
Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested...
High
Unreviewed
CVE-2026-57081
was published
Jun 30, 2026
Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via an uncapped...
High
Unreviewed
CVE-2026-57080
was published
Jun 30, 2026
Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ,...
High
Unreviewed
CVE-2026-50750
was published
Jun 30, 2026
JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(),...
High
Unreviewed
CVE-2026-56018
was published
Jun 29, 2026
An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of...
High
Unreviewed
CVE-2026-36478
was published
Jun 27, 2026
js-toml vulnerable to CPU exhaustion via O(n^2) BigInt construction on radix-prefixed integer literals
High
CVE-2026-49293
was published
for
js-toml
(npm)
Jun 26, 2026
Hackney has unbounded buffer accumulation in WebSocket
High
CVE-2026-47073
was published
for
hackney
(Erlang)
Jun 26, 2026
Hackney: Per-chunk timeout with unbounded body accumulation enables slow-drip OOM
High
CVE-2026-47077
was published
for
hackney
(Erlang)
Jun 26, 2026
Hackney: `ssl:connect/2` post-handshake upgrade has no timeout
High
CVE-2026-47071
was published
for
hackney
(Erlang)
Jun 26, 2026
An integer overflow in the PSD parser compnent of FastStone Image Viewer v8.3 allows attackers to...
High
Unreviewed
CVE-2026-30041
was published
Jun 26, 2026
An issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers...
High
Unreviewed
CVE-2026-38637
was published
Jun 25, 2026
A reachable unwrap in the __assert_fail function (/assert/mod.rs) of relibc commit 61f42d allows...
High
Unreviewed
CVE-2026-38640
was published
Jun 25, 2026
Traefik before 2.10.5 and 3.0.0-beta4 is affected by a denial-of-service vulnerability in HTTP/2...
High
Unreviewed
CVE-2023-54365
was published
Jun 23, 2026
ProTip!
Advisories are also available from the
GraphQL API