GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
383 advisories
Pillow has a PDF Parsing Trailer Infinite Loop (DoS)
Moderate
CVE-2026-42310 was published for pillow (pip) May 4, 2026

SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate, Unreviewed
CVE-2026-6531 was published Apr 30, 2026

DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4
Moderate, Unreviewed
CVE-2026-6536 was published Apr 30, 2026

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate, Unreviewed
CVE-2026-6534 was published Apr 30, 2026

SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate, Unreviewed
CVE-2026-5407 was published Apr 30, 2026

GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate, Unreviewed
CVE-2026-6523 was published Apr 30, 2026

OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14...
Moderate, Unreviewed
CVE-2026-6520 was published Apr 30, 2026

MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate, Unreviewed
CVE-2026-6519 was published Apr 30, 2026

OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14...
Moderate, Unreviewed
CVE-2026-6521 was published Apr 30, 2026

TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service
Moderate, Unreviewed
CVE-2026-6528 was published Apr 30, 2026

RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14...
Moderate, Unreviewed
CVE-2026-6522 was published Apr 30, 2026

UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows...
Moderate, Unreviewed
CVE-2026-7375 was published Apr 30, 2026

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM...
Moderate, Unreviewed
CVE-2026-31498 was published Apr 22, 2026

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner...
Moderate, Unreviewed
CVE-2026-31472 was published Apr 22, 2026

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to...
Moderate, Unreviewed
CVE-2026-31642 was published Apr 24, 2026

In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a...
Moderate, Unreviewed
CVE-2026-41285 was published Apr 21, 2026

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix differential...
Moderate, Unreviewed
CVE-2026-23409 was published Apr 1, 2026

OpenMcdf has an Infinite loop DoS via crafted CFB directory cycle
Moderate
CVE-2026-41511 was published for OpenMcdf (NuGet) Apr 22, 2026

justhtml has sanitization bypass in custom policies and programmatic DOM
Moderate
GHSA-vrx2-77f2-ww34 was published for justhtml (pip) Apr 22, 2026

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop...
Moderate, Unreviewed
CVE-2026-23220 was published Feb 18, 2026

In the Linux kernel, the following vulnerability has been resolved: can: gs_usb:...
Moderate, Unreviewed
CVE-2026-23082 was published Feb 4, 2026

Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this...
Moderate, Unreviewed
CVE-2026-34852 was published Apr 13, 2026

Loop with unreachable exit condition ('infinite loop') vulnerability in The Wikimedia Foundation...
Moderate, Unreviewed
CVE-2026-39934 was published Apr 8, 2026

pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream
Moderate
CVE-2026-33699 was published for pypdf (pip) Mar 25, 2026

Denial of service via non-terminating SYLT frame parsing loop in tinytag
Moderate
CVE-2026-32889 was published for tinytag (pip) Mar 19, 2026