GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,628 advisories
A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a...
Moderate | Unreviewed | CVE-2026-6385 was published Apr 15, 2026

A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in...
Moderate | Unreviewed | CVE-2026-40915 was published Apr 15, 2026

Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized...
High | Unreviewed | CVE-2026-26178 was published Apr 14, 2026

An integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb...
Moderate | Unreviewed | CVE-2026-39811 was published Apr 14, 2026

ImageMagick has an integer overflow in despeckle operation causing a heap buffer overflow on 32-bit builds
Moderate | CVE-2026-34238 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 13, 2026

ImageMagick has a heap overflow caused by integer overflow/wraparound in viff encoder on 32-bit builds
Moderate | CVE-2026-33900 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 13, 2026

Integer overflow or wraparound vulnerability in Samsung Open Source Escargot allows undefined...
Moderate | Unreviewed | CVE-2026-40447 was published Apr 13, 2026

Integer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue...
High | Unreviewed | CVE-2026-25208 was published Apr 13, 2026

In libexif through 0.6.25, an unsigned 32-bit integer overflow in Nikon MakerNote handling could...
Moderate | Unreviewed | CVE-2026-40385 was published Apr 12, 2026

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability...
High | Unreviewed | CVE-2026-4154 was published Apr 11, 2026

GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability...
High | Unreviewed | CVE-2026-4150 was published Apr 11, 2026

GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability...
High | Unreviewed | CVE-2026-4151 was published Apr 11, 2026

An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to...
High | Unreviewed | CVE-2026-5477 was published Apr 10, 2026

Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT vulnerable to Integer Overflow or Wraparound
Moderate | CVE-2026-40046 was published for org.apache.activemq:activemq-all (Maven) Apr 9, 2026

Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to...
High | Unreviewed | CVE-2026-5870 was published Apr 9, 2026

OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds Write
High | CVE-2026-34589 was published for OpenEXR (pip) Apr 8, 2026

OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write
High | CVE-2026-34588 was published for OpenEXR (pip) Apr 8, 2026

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server...
High | Unreviewed | CVE-2026-24173 was published Apr 7, 2026

An integer overflow vulnerability exists in the uncompressed_fp_dng_load_raw functionality of...
High | Unreviewed | CVE-2026-24450 was published Apr 7, 2026

A heap-based buffer overflow vulnerability exists in the x3f_load_huffman functionality of LibRaw...
High | Unreviewed | CVE-2026-24660 was published Apr 7, 2026

A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw...
Critical | Unreviewed | CVE-2026-20889 was published Apr 7, 2026

An integer overflow vulnerability exists in the deflate_dng_load_raw functionality of LibRaw...
High | Unreviewed | CVE-2026-20884 was published Apr 7, 2026

Incorrect boundary conditions, integer overflow in the Graphics: Text component. This...
High | Unreviewed | CVE-2026-5732 was published Apr 7, 2026

In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead...
Moderate | Unreviewed | CVE-2026-20446 was published Apr 7, 2026

Memory corruption when decoding corrupted satellite data files with invalid signature offsets.
High | Unreviewed | CVE-2025-47392 was published Apr 6, 2026