Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,518
Maven
5,000+
npm
5,000+
NuGet
911
pip
4,758
Pub
13
RubyGems
1,036
Rust
1,228
Swift
53
Unreviewed advisories
All unreviewed
5,000+

581 advisories

Loading
Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a... Moderate Unreviewed
CVE-2026-26175 was published Apr 14, 2026
OpenEXR: Heap information disclosure in PXR24 decompression via unchecked decompressed size (undo_pxr24_impl) High
CVE-2026-34543 was published for openexr (pip) Apr 3, 2026
n8n has In-Process Memory Disclosure in its Task Runner High
CVE-2026-27496 was published for n8n (npm) Mar 25, 2026
c0rydoras Credited to c0rydoras
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This... Critical Unreviewed
CVE-2026-4716 was published Mar 24, 2026
Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox <... Critical Unreviewed
CVE-2026-4715 was published Mar 24, 2026
An authenticated user with the read role may read limited amounts of uninitialized stack memory... High Unreviewed
CVE-2026-4147 was published Mar 17, 2026
in OpenHarmony v5.0.3 and prior versions allow a local attacker case sensitive information leak... Moderate Unreviewed
CVE-2025-12736 was published Mar 16, 2026
Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This... Moderate Unreviewed
CVE-2026-3497 was published Mar 12, 2026
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148. Critical Unreviewed
CVE-2026-2806 was published Feb 24, 2026
Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This... High Unreviewed
CVE-2026-2794 was published Feb 24, 2026
GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2026-2044 was published Feb 21, 2026
In the Linux kernel, the following vulnerability has been resolved: interconnect: debugfs:... Moderate Unreviewed
CVE-2026-23123 was published Feb 14, 2026
A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized (but... Low Unreviewed
CVE-2025-12474 was published Feb 11, 2026
In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only Add... Moderate Unreviewed
CVE-2026-23101 was published Feb 4, 2026
In the Linux kernel, the following vulnerability has been resolved: block: zero non-PI portion... Moderate Unreviewed
CVE-2026-23007 was published Jan 25, 2026
In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use... Moderate Unreviewed
CVE-2026-23003 was published Jan 25, 2026
Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0... High Unreviewed
CVE-2025-15281 was published Jan 20, 2026
Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library... High Unreviewed
CVE-2026-0915 was published Jan 16, 2026
In the Linux kernel, the following vulnerability has been resolved: um: init cpu_tasks[] earlier... Moderate Unreviewed
CVE-2025-71115 was published Jan 14, 2026
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - zero... Moderate Unreviewed
CVE-2025-71113 was published Jan 14, 2026
Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an... Moderate Unreviewed
CVE-2026-20962 was published Jan 13, 2026
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the... Moderate Unreviewed
CVE-2025-71096 was published Jan 13, 2026
Panda3D versions up to and including 1.10.16 deploy-stub contains a denial of service... Moderate Unreviewed
CVE-2026-22188 was published Jan 7, 2026
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize... Moderate Unreviewed
CVE-2025-68365 was published Dec 24, 2025
A vulnerability has been identified in Simcenter Femap (All versions < V2512). The affected... High Unreviewed
CVE-2025-40829 was published Dec 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database