Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,340
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,549
Pub
12
RubyGems
1,012
Rust
1,202
Swift
51
Unreviewed advisories
All unreviewed
5,000+

2,596 advisories

Loading
In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of... Moderate Unreviewed
CVE-2026-34353 was published Mar 27, 2026
A flaw was found in GIMP. An integer overflow vulnerability exists when processing ICO image... Moderate Unreviewed
CVE-2026-2272 was published Mar 26, 2026
A flaw was found in GIMP's PSP (Paint Shop Pro) file parser. A remote attacker could exploit an... Low Unreviewed
CVE-2026-2271 was published Mar 26, 2026
NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead High
CVE-2026-27889 was published for github.com/nats-io/nats-server (Go) Mar 25, 2026
Mistz1 Credited to Mistz1 and jiayuqi7813 jiayuqi7813 jiayuqi7813
An integer overflow was addressed with improved input validation. This issue is fixed in macOS... High Unreviewed
CVE-2026-20639 was published Mar 25, 2026
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer... High Unreviewed
CVE-2026-4775 was published Mar 24, 2026
The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module... High Unreviewed
CVE-2026-27784 was published Mar 24, 2026
Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability... High Unreviewed
CVE-2026-4694 was published Mar 24, 2026
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component.... High Unreviewed
CVE-2026-4690 was published Mar 24, 2026
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component.... Critical Unreviewed
CVE-2026-4689 was published Mar 24, 2026
Integer Overflow or Wraparound vulnerability in MolotovCherry Android-ImageMagick7.This issue... Moderate Unreviewed
CVE-2026-33855 was published Mar 24, 2026
Integer Overflow or Wraparound vulnerability in InsightSoftwareConsortium ITK (‎Modules... Critical Unreviewed
CVE-2026-4739 was published Mar 24, 2026
Integer Overflow or Wraparound vulnerability in artraweditor ART (‎rtengine‎ modules). This... High Unreviewed
CVE-2026-4731 was published Mar 24, 2026
Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to... High Unreviewed
CVE-2026-4679 was published Mar 24, 2026
cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltf_validate()... Moderate Unreviewed
CVE-2026-32845 was published Mar 23, 2026
Bitcoin Core 0.13.0 through 29.x has an integer overflow. High Unreviewed
CVE-2025-46597 was published Mar 20, 2026
Integer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to... High Unreviewed
CVE-2026-4464 was published Mar 20, 2026
Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.153 allowed a remote... High Unreviewed
CVE-2026-4452 was published Mar 20, 2026
Integer overflow in Dawn in Google Chrome on Mac prior to 146.0.7680.153 allowed a remote... Moderate Unreviewed
CVE-2026-4453 was published Mar 20, 2026
bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby Moderate
CVE-2026-33306 was published for bcrypt (RubyGems) Mar 19, 2026
Gossipsub PRUNE.backoff Duration Overflow High
CVE-2026-33040 was published for libp2p-gossipsub (Rust) Mar 18, 2026
UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop High
CVE-2026-32875 was published for ujson (pip) Mar 18, 2026
vmfunc Credited to vmfunc and bwoodsend bwoodsend bwoodsend
Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on... Moderate Unreviewed
CVE-2026-2809 was published Mar 17, 2026
Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on... Moderate Unreviewed
CVE-2025-15584 was published Mar 17, 2026
File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely Moderate
CVE-2026-32759 was published for github.com/filebrowser/filebrowser/v2 (Go) Mar 16, 2026
fg0x0 Credited to fg0x0
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database