GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
145 advisories
ImageMagick has an integer overflow in despeckle operation causing a heap buffer overflow on 32-bit builds
Moderate
CVE-2026-34238
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Apr 13, 2026
ImageMagick has a heap overflow caused by integer overflow/wraparound in viff encoder on 32-bit builds
Moderate
CVE-2026-33900
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Apr 13, 2026
OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds Write
High
CVE-2026-34589
was published
for
OpenEXR
(pip)
Apr 8, 2026
OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write
High
CVE-2026-34588
was published
for
OpenEXR
(pip)
Apr 8, 2026
OpenEXR: integer overflow to OOB write in uncompress_b44_impl()
High
CVE-2026-34544
was published
for
openexr
(pip)
Apr 3, 2026
NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead
High
CVE-2026-27889
was published
for
github.com/nats-io/nats-server
(Go)
Mar 25, 2026
UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop
High
CVE-2026-32875
was published
for
ujson
(pip)
Mar 18, 2026
File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely
Moderate
CVE-2026-32759
was published
for
github.com/filebrowser/filebrowser/v2
(Go)
Mar 16, 2026
ImageMagick Has Signed Integer Overflow in SIXEL Decoder, Leading to Memory Corruption
Moderate
CVE-2026-25970
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Mar 12, 2026
ImageMagick: Integer Overflow in PSB (PSD v2) RLE decoding path causes heap Out of Bounds reads for 32-bit builds
Low
CVE-2026-25984
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Feb 25, 2026
ImageMagick: Integer overflow or wraparound and incorrect conversion between numeric types in the internal SVG decoder
High
CVE-2026-25989
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Feb 24, 2026
ImageMagick has heap-buffer-overflow via signed integer overflow in WriteUHDRImage when writing UHDR images with large dimensions
High
CVE-2026-25794
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Feb 24, 2026
soroban-sdk has overflow in Bytes::slice, Vec::slice, GenRange::gen_range for u64
Moderate
CVE-2026-24889
was published
for
soroban-sdk
(Rust)
Jan 28, 2026
ESPHome vulnerable to denial-of-service via out-of-bounds check bypass in the API component
Moderate
CVE-2026-23833
was published
for
esphome
(pip)
Jan 21, 2026
ProTip!
Advisories are also available from the
GraphQL API