GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
720 advisories
Pillow has a PDF Parsing Trailer Infinite Loop (DoS)
Moderate | CVE-2026-42310 was published for pillow (pip) May 4, 2026

TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service
Moderate | Unreviewed | CVE-2026-6528 was published Apr 30, 2026

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate | Unreviewed | CVE-2026-6534 was published Apr 30, 2026

DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4
Moderate | Unreviewed | CVE-2026-6536 was published Apr 30, 2026

SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate | Unreviewed | CVE-2026-6531 was published Apr 30, 2026

OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14...
Moderate | Unreviewed | CVE-2026-6521 was published Apr 30, 2026

OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14...
Moderate | Unreviewed | CVE-2026-6520 was published Apr 30, 2026

MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate | Unreviewed | CVE-2026-6519 was published Apr 30, 2026

GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate | Unreviewed | CVE-2026-6523 was published Apr 30, 2026

RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14...
Moderate | Unreviewed | CVE-2026-6522 was published Apr 30, 2026

SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate | Unreviewed | CVE-2026-5407 was published Apr 30, 2026

UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate | Unreviewed | CVE-2026-7375 was published Apr 30, 2026

Marked Vulnerable to OOM Denial of Service via Infinite Recursion in marked Tokenizer
High | CVE-2026-41680 was published for marked (npm) Apr 29, 2026

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to...
Moderate | Unreviewed | CVE-2026-31642 was published Apr 24, 2026

In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Return -ENOMEM...
High | Unreviewed | CVE-2026-31552 was published Apr 24, 2026

OpenMcdf has an Infinite loop DoS via crafted CFB directory cycle
Moderate | CVE-2026-41511 was published for OpenMcdf (NuGet) Apr 22, 2026

justhtml has sanitization bypass in custom policies and programmatic DOM
Moderate | GHSA-vrx2-77f2-ww34 was published for justhtml (pip) Apr 22, 2026

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM...
Moderate | Unreviewed | CVE-2026-31498 was published Apr 22, 2026

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner...
Moderate | Unreviewed | CVE-2026-31472 was published Apr 22, 2026

In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a...
Moderate | Unreviewed | CVE-2026-41285 was published Apr 21, 2026

Uncontrolled resource consumption and loop with unreachable exit condition in facil.io and downstream iodine ruby gem
High | CVE-2026-41146 was published for iodine (RubyGems) Apr 14, 2026

Microsoft Security Advisory CVE-2026-33116 – .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
High | CVE-2026-33116 was published for System.Security.Cryptography.Xml (NuGet) Apr 14, 2026

Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this...
Moderate | Unreviewed | CVE-2026-34852 was published Apr 13, 2026

Loop with unreachable exit condition ('infinite loop') vulnerability in The Wikimedia Foundation...
Moderate | Unreviewed | CVE-2026-39934 was published Apr 8, 2026

netavark has incorrect error handling for malformed tcp packets
High | CVE-2026-35406 was published for netavark (Rust) Apr 7, 2026