GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
693 advisories
Forge has Denial of Service via Infinite Loop in BigInteger.modInverse() with Zero Input
High
CVE-2026-33891
was published
for
node-forge
(npm)
Mar 26, 2026
pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream
Moderate
CVE-2026-33699
was published
for
pypdf
(pip)
Mar 25, 2026
Denial of service via non-terminating SYLT frame parsing loop in tinytag
Moderate
CVE-2026-32889
was published
for
tinytag
(pip)
Mar 19, 2026
UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop
High
CVE-2026-32875
was published
for
ujson
(pip)
Mar 18, 2026
music-metadata has an infinite loop vulnerability in ASF parser
High
CVE-2026-32256
was published
for
music-metadata
(npm)
Mar 17, 2026
Micronaut vulnerable to DoS via crafted form-urlencoded body binding with descending array indices
High
CVE-2026-33013
was published
for
io.micronaut:micronaut-json-core
(Maven)
Mar 17, 2026
pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams
Low
CVE-2026-27628
was published
for
pypdf
(pip)
Feb 25, 2026
ImageMagick has a possible infinite loop in its JPEG encoder when using `jpeg:extent`
Moderate
CVE-2026-26283
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Feb 24, 2026
ImageMagick has infinite loop when writing IPTCTEXT leads to denial of service via crafted profile
Moderate
CVE-2026-26066
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Feb 24, 2026
bn.js affected by an infinite loop
Moderate
CVE-2026-2739
was published
for
bn.js
(npm)
Feb 20, 2026
pypdf has a possible infinite loop when processing TreeObject
Moderate
CVE-2026-27024
was published
for
pypdf
(pip)
Feb 18, 2026
Sandbox escape via infinite recursion and error objects
Moderate
CVE-2026-25533
was published
for
@enclave-vm/core
(npm)
Feb 5, 2026
ProTip!
Advisories are also available from the
GraphQL API