Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

867 advisories

Loading
AutoMapper Vulnerable to Denial of Service (DoS) via Uncontrolled Recursion High
CVE-2026-32933 was published for AutoMapper (NuGet) Mar 13, 2026
skdishansachin Credited to skdishansachin, jbogard, and nicky-dilemmagroep jbogard jbogard
nicky-dilemmagroep nicky-dilemmagroep
Scriban Affected by Memory Exhaustion (OOM) via Unbounded String Generation (Denial of Service) Moderate
GHSA-5rpf-x9jg-8j5p was published for scriban (NuGet) Mar 19, 2026
skdishansachin Credited to skdishansachin
Scriban has an Infinite Recursion during Object Rendering Leads to Stack Overflow and Process Crash (Denial of Service) High
GHSA-grr9-747v-xvcp was published for scriban (NuGet) Mar 19, 2026
skdishansachin Credited to skdishansachin
Scriban has Uncontrolled Recursion in Parser Leads to Stack Overflow and Process Crash (Denial of Service) High
GHSA-wgh7-7m3c-fx25 was published for scriban (NuGet) Mar 19, 2026
skdishansachin Credited to skdishansachin
ImageMagick is vulnerable to heap buffer over-write on 32-bit systems in SFW decoder Moderate
CVE-2026-31853 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 10, 2026
Mcsky23 Credited to Mcsky23
Umbraco.Engage.Forms Allows Unauthorized Access to Multiple API Endpoints High
CVE-2026-27449 was published for Umbraco.Engage.Forms (NuGet) Feb 27, 2026
Amalie-Wowern Credited to Amalie-Wowern
ImageMagick has a heap-buffer-overflow in NewXMLTree which could result in crash Moderate
CVE-2026-32636 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 17, 2026
fumfel Credited to fumfel
idunno.Bluesky, idunno.AtProto and idunno.AtProto.OAuthCallback Denial of Service Vulnerability High
GHSA-8fh9-c4jq-94h4 was published for idunno.AtProto (NuGet) Mar 13, 2026
.NET Denial of Service Vulnerability High
CVE-2026-26127 was published for Microsoft.Bcl.Memory (NuGet) Mar 11, 2026
rbhanda Credited to rbhanda
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", possible to leverage DoS Moderate
CVE-2023-1289 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
Im10n Credited to Im10n
Duplicate Advisory: ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", possible to leverage DoS Moderate
GHSA-gv85-xg33-553c was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 23, 2023 withdrawn
Azure MCP Server has Server-Side Request Forgery issue that allows authorized attacker to elevate privileges over a network High
CVE-2026-26118 was published for @azure/mcp (npm) Mar 10, 2026
alzimmermsft Credited to alzimmermsft and vcolin7 vcolin7 vcolin7
ImageMagick has heap buffer overflow in WriteXWDImage due to CARD32 arithmetic overflow in bytes_per_line calculation Moderate
CVE-2026-30937 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ylwango613 Credited to ylwango613
ImageMagick has Heap Buffer Overflow in WaveletDenoiseImage Moderate
CVE-2026-30936 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
Taardisaa Credited to Taardisaa
ImageMagick has Heap Buffer Over-Read in BilateralBlurImage Moderate
CVE-2026-30935 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
Taardisaa Credited to Taardisaa
ImageMagick has heap-based buffer overflow in UHDR encoder Moderate
CVE-2026-30931 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
linkeLi0421 Credited to linkeLi0421
ImageMagick has stack buffer overflow in MagnifyImage High
CVE-2026-30929 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ThePwnish3r Credited to ThePwnish3r
ImageMagick: Integer overflow in DIB coder can result in out of bounds read or write High
CVE-2026-28693 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
jakelodwick Credited to jakelodwick
ImageMagick has uninitialized pointer dereference in JBIG decoder High
CVE-2026-28691 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
zerojackyi Credited to zerojackyi
ImageMagick has stack write buffer overflow in MNG encoder Moderate
CVE-2026-28690 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
zerojackyi Credited to zerojackyi
ImageMagick has heap use-after-free in the MSL encoder Moderate
CVE-2026-28688 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ylwango613 Credited to ylwango613
ImageMagick has Heap Use-After-Free in ImageMagick MSL decoder Moderate
CVE-2026-28687 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ylwango613 Credited to ylwango613
ImageMagick: Write heap-buffer-overflow in PCL encoder via undersized output buffer Moderate
CVE-2026-28686 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
zerojackyi Credited to zerojackyi
ImageMagick vulnerable to stack corruption through long morphology kernel names or arrays High
CVE-2026-28494 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ImageMagick has Integer Overflow leading to out of bounds write in SIXEL decoder Moderate
CVE-2026-28493 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database