Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
42
Go
3,138
Maven
5,000+
npm
5,000+
NuGet
831
pip
4,438
Pub
12
RubyGems
990
Rust
1,174
Swift
50
Unreviewed advisories
All unreviewed
5,000+

5,973 advisories

Loading
Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a... High Unreviewed
CVE-2026-27220 was published Mar 11, 2026
Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a... High Unreviewed
CVE-2026-27278 was published Mar 11, 2026
Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability... High Unreviewed
CVE-2026-27276 was published Mar 10, 2026
Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability... High Unreviewed
CVE-2026-27277 was published Mar 10, 2026
Envoy's global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly Moderate
CVE-2026-26330 was published for github.com/envoyproxy/envoy (Go) Mar 10, 2026
phlax Credited to phlax, botengyao, and agrawroh botengyao botengyao
agrawroh agrawroh
Envoy: HTTP - filter chain execution on reset streams causing UAF crash Moderate
CVE-2026-26311 was published for github.com/envoyproxy/envoy (Go) Mar 10, 2026
MushroomWasp Credited to MushroomWasp, agrawroh, yanavlasov, botengyao, and phlax agrawroh agrawroh
yanavlasov yanavlasov botengyao botengyao phlax phlax
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2026-25189 was published Mar 10, 2026
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2026-26132 was published Mar 10, 2026
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2026-26107 was published Mar 10, 2026
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2026-24289 was published Mar 10, 2026
Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to... High Unreviewed
CVE-2026-24292 was published Mar 10, 2026
Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2026-25170 was published Mar 10, 2026
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to... High Unreviewed
CVE-2026-25178 was published Mar 10, 2026
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate... High Unreviewed
CVE-2026-25167 was published Mar 10, 2026
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2026-24285 was published Mar 10, 2026
Use after free in Windows Authentication Methods allows an authorized attacker to elevate... High Unreviewed
CVE-2026-25171 was published Mar 10, 2026
Use after free in Windows Print Spooler Components allows an authorized attacker to execute code... High Unreviewed
CVE-2026-23669 was published Mar 10, 2026
Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2026-23667 was published Mar 10, 2026
Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit... High Unreviewed
CVE-2025-13350 was published Mar 5, 2026
In smmu_detach_dev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after... Moderate Unreviewed
CVE-2026-0027 was published Mar 2, 2026
Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs. High Unreviewed
CVE-2025-47386 was published Mar 2, 2026
Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls. High Unreviewed
CVE-2025-47376 was published Mar 2, 2026
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization... High Unreviewed
CVE-2025-47379 was published Mar 2, 2026
Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls. High Unreviewed
CVE-2025-47377 was published Mar 2, 2026
Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs. High Unreviewed
CVE-2025-47381 was published Mar 2, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database