Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,881
Maven
5,000+
npm
5,000+
NuGet
958
pip
5,000+
Pub
13
RubyGems
1,061
Rust
1,364
Swift
54
Unreviewed advisories
All unreviewed
5,000+

7,623 advisories

Loading
Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote... Moderate Unreviewed
CVE-2026-9122 was published May 20, 2026
Out of bounds read in GPU in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker... High Unreviewed
CVE-2026-9121 was published May 20, 2026
Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote... Moderate Unreviewed
CVE-2026-9113 was published May 20, 2026
NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability... Moderate Unreviewed
CVE-2026-32792 was published May 20, 2026
NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker... High Unreviewed
CVE-2026-24213 was published May 20, 2026
Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in... Moderate Unreviewed
CVE-2026-43620 was published May 20, 2026
Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token... Moderate Unreviewed
CVE-2026-43618 was published May 20, 2026
ImageMagick: Heap Buffer Over-Read of a 4 bytes in distort operation. Moderate
CVE-2026-45624 was published for Magick.NET-Q16-AnyCPU (NuGet) May 18, 2026
007bsd Credited to 007bsd
OpenTelemetry eBPF Instrumentation: CPU-mismatch fallback uses 256-byte buffer with 8KB size Moderate
CVE-2026-45681 was published for go.opentelemetry.io/obi (Go) May 18, 2026
MrAlias Credited to MrAlias, rafaelroquetto, and mmat11 rafaelroquetto rafaelroquetto
mmat11 mmat11
OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format... Moderate Unreviewed
CVE-2026-38719 was published May 18, 2026
ImageMagick: Out-of-Bounds Read of a single byte in meta encoder Moderate
CVE-2026-45358 was published for Magick.NET-Q16-AnyCPU (NuGet) May 18, 2026
007bsd Credited to 007bsd
ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define Moderate
CVE-2026-45359 was published for Magick.NET-Q16-AnyCPU (NuGet) May 18, 2026
007bsd Credited to 007bsd
ImageMagick: Heap Buffer Over-Read in IPTC encoder Moderate
CVE-2026-42326 was published for Magick.NET-Q16-AnyCPU (NuGet) May 18, 2026
sukhoon0975 Credited to sukhoon0975
An out of bounds read in the remote management firmware could allow a privileged attacker read a... Low Unreviewed
CVE-2024-21950 was published May 15, 2026
Insufficient parameter sanitization in AMD Secure Processor (ASP) TEE SOC Driver could allow an... Moderate Unreviewed
CVE-2025-66664 was published May 15, 2026
An out-of-bounds read in power management firmware by a malicious local attacker with low... Moderate Unreviewed
CVE-2025-0044 was published May 15, 2026
An out of bounds read within the AMD Platform Management Framework (PMF) could allow an attacker... Moderate Unreviewed
CVE-2025-29937 was published May 15, 2026
An improper input validation vulnerability within the AMD Platform Management Framework (PMF)... Moderate Unreviewed
CVE-2025-48520 was published May 15, 2026
Out of bounds read in GPU in Google Chrome on Linux prior to 148.0.7778.168 allowed a remote... Low Unreviewed
CVE-2026-8578 was published May 14, 2026
Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168... Moderate Unreviewed
CVE-2026-8535 was published May 14, 2026
Out of bounds read in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who... Moderate Unreviewed
CVE-2026-8541 was published May 14, 2026
Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote... Moderate Unreviewed
CVE-2026-8543 was published May 14, 2026
Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a... Moderate Unreviewed
CVE-2026-8546 was published May 14, 2026
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_charset_module module. When... Moderate Unreviewed
CVE-2026-42934 was published May 13, 2026
Linux ksmbd contains a remote memory corruption vulnerability in the ACL inheritance path that... High Unreviewed
CVE-2026-8449 was published May 13, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database