Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,518
Maven
5,000+
npm
5,000+
NuGet
911
pip
4,758
Pub
13
RubyGems
1,036
Rust
1,228
Swift
53
Unreviewed advisories
All unreviewed
5,000+

304 advisories

Loading
Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow (Wrap or... High Unreviewed
CVE-2026-27296 was published Apr 15, 2026
Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow (Wrap or... High Unreviewed
CVE-2026-27297 was published Apr 15, 2026
Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized... High Unreviewed
CVE-2026-27907 was published Apr 14, 2026
ImageMagick has a heap-Buffer-Overflow write of a single zero byte when parsing xml. Moderate
CVE-2026-33899 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 13, 2026
unbengable12 Credited to unbengable12
In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote... Moderate Unreviewed
CVE-2026-40386 was published Apr 12, 2026
An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name (SAN)... Low Unreviewed
CVE-2026-5188 was published Apr 10, 2026
Integer underflow in wolfSSL packet sniffer <= 5.9.0 allows an attacker to cause a program crash... Low Unreviewed
CVE-2026-5778 was published Apr 10, 2026
go-git: Maliciously crafted idx file can cause asymmetric memory consumption Moderate
CVE-2026-34165 was published for github.com/go-git/go-git/v5 (Go) Mar 30, 2026
kq5y Credited to kq5y
strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP... High Unreviewed
CVE-2026-25075 was published Mar 23, 2026
Integer underflow in wolfSSL packet sniffer <= 5.8.4 allows an attacker to cause a buffer... Low Unreviewed
CVE-2026-1005 was published Mar 19, 2026
A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content... Moderate Unreviewed
CVE-2026-2369 was published Mar 19, 2026
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2026-3084 was published Mar 16, 2026
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value... High Unreviewed
CVE-2026-32775 was published Mar 16, 2026
Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to... High Unreviewed
CVE-2026-3538 was published Mar 4, 2026
Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit d7f55b38, contain an out-of... Moderate Unreviewed
CVE-2026-23748 was published Feb 26, 2026
Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database... High Unreviewed
CVE-2026-3172 was published Feb 25, 2026
An integer underflow vulnerability is present in Silicon Lab’s implementation of PSA Crypto and... Low Unreviewed
CVE-2025-14547 was published Feb 20, 2026
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric... Moderate Unreviewed
CVE-2025-1924 was published Feb 13, 2026
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric... Moderate Unreviewed
CVE-2025-48021 was published Feb 13, 2026
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential... Moderate Unreviewed
CVE-2026-23069 was published Feb 4, 2026
In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2... High Unreviewed
CVE-2025-62291 was published Jan 16, 2026
An integer underflow vulnerability exists in the `nextstate()` function in `gpsd/packet.c` of... High Unreviewed
CVE-2025-67269 was published Jan 2, 2026
Integer underflow (wrap or wraparound) in Windows Hyper-V allows an authorized attacker to deny... Moderate Unreviewed
CVE-2025-62567 was published Dec 9, 2025
An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may... Moderate Unreviewed
CVE-2025-59368 was published Nov 25, 2025
Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit... Low Unreviewed
CVE-2025-11931 was published Nov 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database