Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
48
GitHub Actions
48
Go
3,391
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,614
Pub
13
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+

2,601 advisories

Loading
A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity... High Unreviewed
CVE-2026-35092 was published Apr 1, 2026
An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an... High Unreviewed
CVE-2026-3308 was published Mar 31, 2026
libp2p-gossipsub: Remote crash via unchecked Instant overflow in heartbeat backoff expiry handling High
CVE-2026-34219 was published for libp2p-gossipsub (Rust) Mar 30, 2026
An integer overflow vulnerability in the HTTP chunked transfer encoding parser in tinyproxy up to... High Unreviewed
CVE-2026-3945 was published Mar 30, 2026
A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in... Critical Unreviewed
CVE-2026-5121 was published Mar 30, 2026
In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of... Moderate Unreviewed
CVE-2026-34353 was published Mar 27, 2026
A flaw was found in GIMP's PSP (Paint Shop Pro) file parser. A remote attacker could exploit an... Low Unreviewed
CVE-2026-2271 was published Mar 26, 2026
A flaw was found in GIMP. An integer overflow vulnerability exists when processing ICO image... Moderate Unreviewed
CVE-2026-2272 was published Mar 26, 2026
NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead High
CVE-2026-27889 was published for github.com/nats-io/nats-server (Go) Mar 25, 2026
Mistz1 Credited to Mistz1 and jiayuqi7813 jiayuqi7813 jiayuqi7813
An integer overflow was addressed with improved input validation. This issue is fixed in macOS... High Unreviewed
CVE-2026-20639 was published Mar 25, 2026
The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module... High Unreviewed
CVE-2026-27784 was published Mar 24, 2026
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer... High Unreviewed
CVE-2026-4775 was published Mar 24, 2026
Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability... High Unreviewed
CVE-2026-4694 was published Mar 24, 2026
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component.... Critical Unreviewed
CVE-2026-4689 was published Mar 24, 2026
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component.... High Unreviewed
CVE-2026-4690 was published Mar 24, 2026
Integer Overflow or Wraparound vulnerability in MolotovCherry Android-ImageMagick7.This issue... Moderate Unreviewed
CVE-2026-33855 was published Mar 24, 2026
Integer Overflow or Wraparound vulnerability in InsightSoftwareConsortium ITK (‎Modules... Critical Unreviewed
CVE-2026-4739 was published Mar 24, 2026
Integer Overflow or Wraparound vulnerability in artraweditor ART (‎rtengine‎ modules). This... High Unreviewed
CVE-2026-4731 was published Mar 24, 2026
Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to... High Unreviewed
CVE-2026-4679 was published Mar 24, 2026
cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltf_validate()... Moderate Unreviewed
CVE-2026-32845 was published Mar 23, 2026
Bitcoin Core 0.13.0 through 29.x has an integer overflow. High Unreviewed
CVE-2025-46597 was published Mar 20, 2026
Integer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to... High Unreviewed
CVE-2026-4464 was published Mar 20, 2026
Integer overflow in Dawn in Google Chrome on Mac prior to 146.0.7680.153 allowed a remote... Moderate Unreviewed
CVE-2026-4453 was published Mar 20, 2026
Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.153 allowed a remote... High Unreviewed
CVE-2026-4452 was published Mar 20, 2026
bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby Moderate
CVE-2026-33306 was published for bcrypt (RubyGems) Mar 19, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database