Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,426
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,670
Pub
13
RubyGems
1,029
Rust
1,212
Swift
53
Unreviewed advisories
All unreviewed
5,000+

7,431 advisories

Loading
Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and... Unknown Unreviewed
CVE-2026-28386 was published Apr 8, 2026
There is a memory corruption vulnerability due to an out-of-bounds read in mgcore_SH_25_3... High Unreviewed
CVE-2026-32864 was published Apr 7, 2026
There is a memory corruption vulnerability due to an out-of-bounds read in... High Unreviewed
CVE-2026-32863 was published Apr 7, 2026
go.etcd.io/bbolt affected by index out-of-range vulnerability Moderate
CVE-2026-33817 was published for go.etcd.io/bbolt (Go) Apr 6, 2026
rdiscount has an Out-of-bounds Read Moderate
CVE-2026-35201 was published for rdiscount (RubyGems) Apr 6, 2026
WesR Credited to WesR
A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability exists within the... Moderate Unreviewed
CVE-2026-5673 was published Apr 6, 2026
scaly: Multiple soundness issues in Rust safe APIs High
GHSA-2c6h-4899-wjxr was published for scaly (Rust) Apr 4, 2026
Mesop: Unbounded Thread Creation in WebSocket Handler Leads to Denial of Service High
CVE-2026-34824 was published for mesop (pip) Apr 3, 2026
tubadeligoz Credited to tubadeligoz
Signal K Server: Arbitrary Prototype Read via `from` Field Bypass Low
CVE-2026-35038 was published for signalk-server (npm) Apr 3, 2026
VashuVats Credited to VashuVats
Electron: Out-of-bounds read in second-instance IPC on macOS and Linux Moderate
CVE-2026-34776 was published for electron (npm) Apr 3, 2026
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in... Moderate Unreviewed
CVE-2025-43210 was published Apr 2, 2026
An issue was discovered in Mbed TLS 3.x before 3.6.6. An out-of-bounds read vulnerability in... High Unreviewed
CVE-2026-34876 was published Apr 2, 2026
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile... High Unreviewed
CVE-2026-32926 was published Apr 2, 2026
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF... High Unreviewed
CVE-2026-32927 was published Apr 2, 2026
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM.... High Unreviewed
CVE-2026-32929 was published Apr 2, 2026
Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote... High Unreviewed
CVE-2026-5292 was published Apr 1, 2026
Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote... High Unreviewed
CVE-2026-5282 was published Apr 1, 2026
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the... Low Unreviewed
CVE-2026-28526 was published Mar 30, 2026
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the... Low Unreviewed
CVE-2026-28527 was published Mar 30, 2026
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the... Low Unreviewed
CVE-2026-28528 was published Mar 30, 2026
OpenCC has an Out-of-bounds read when processing truncated UTF-8 input Moderate
GHSA-7fqq-q52p-2jjg was published for OpenCC (npm) Mar 29, 2026
Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory... Moderate Unreviewed
CVE-2026-32984 was published Mar 27, 2026
Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory... Moderate Unreviewed
CVE-2023-7340 was published Mar 27, 2026
The vulnerability exists in the UPnP component of TL-WR841N v14, where improper input validation... High Unreviewed
CVE-2026-3622 was published Mar 26, 2026
libcrux Panics During Standalone MAC Operations High
GHSA-pv9v-5j35-xwcr was published for libcrux-poly1305 (Rust) Mar 26, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database