Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,521
Maven
5,000+
npm
5,000+
NuGet
911
pip
4,760
Pub
13
RubyGems
1,036
Rust
1,229
Swift
53
Unreviewed advisories
All unreviewed
5,000+

911 advisories

Loading
ImageMagick has a Stack Overflow in DestroyXMLTree() High
CVE-2026-33908 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
unbengable12 Credited to unbengable12
ImageMagick has a heap overflow caused by integer overflow/wraparound in viff encoder on 32-bit builds Moderate
CVE-2026-33900 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 13, 2026
shitianyu-2004 Credited to shitianyu-2004
ImageMagick has a heap-Buffer-Overflow write of a single zero byte when parsing xml. Moderate
CVE-2026-33899 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 13, 2026
unbengable12 Credited to unbengable12
Microsoft Security Advisory CVE-2026-33116 – .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability High
CVE-2026-33116 was published for System.Security.Cryptography.Xml (NuGet) Apr 14, 2026
DylanW01 Credited to DylanW01
Microsoft Security Advisory CVE-2026-26171 – .NET Denial of Service Vulnerability High
CVE-2026-26171 was published for System.Security.Cryptography.Xml (NuGet) Apr 14, 2026
DylanW01 Credited to DylanW01
Defense in Depth update for NuGet Client Low
GHSA-g4vj-cjjj-v7hg was published for NuGet.CommandLine (NuGet) Apr 14, 2026
Kiota: Code Generation Literal Injection High
GHSA-2hx3-vp6r-mg3f was published for kiota (NuGet) Apr 14, 2026
baywet Credited to baywet and gavinbarron gavinbarron gavinbarron
DotNetNuke.Core security code analysis rules triggered Low
GHSA-fcpv-w245-r2q7 was published for DotNetNuke.Core (NuGet) Apr 14, 2026
bdukes Credited to bdukes and valadas valadas valadas
ImageMagick has a memory leak in PNG encoder when writing a MNG image Low
GHSA-x928-4434-crqj was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
ylwango613 Credited to ylwango613
ImageMagick has out-of-bounds access in ConnectedComponentsImage() via CLI-controlled connected-components:* artifacts Low
GHSA-pmpg-6pww-fg6q was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
ylwango613 Credited to ylwango613
ImageMagick has a heap buffer overflow read in magnify operation via unrecognized magnify:method value Low
GHSA-8vfj-q2cp-5m5j was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
e1abrador Credited to e1abrador
ImageMagick has has a stack-buffer-overflow in MNG encoder with oversized pallete Moderate
GHSA-98cp-rj9f-6v5g was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
unbengable12 Credited to unbengable12
ImageMagick has has an off-by-one origin validation in allows out-of-bounds read in morphology processing Low
GHSA-q8h3-jv9v-57qx was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
shitianyu-2004 Credited to shitianyu-2004
ImageMagick has a heap-buffer-overflow in FTXT encoder Low
GHSA-w54j-7wpm-crhj was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
unbengable12 Credited to unbengable12
Microsoft Security Advisory CVE-2026-32178 – .NET Spoofing Vulnerability Low
CVE-2026-32178 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Apr 14, 2026
DotNetNuke.Core has stored cross-site-scripting (XSS) via SVG upload High
CVE-2026-40321 was published for DotNetNuke.Core (NuGet) Apr 10, 2026
bdukes Credited to bdukes and valadas valadas valadas
DNN: Same HostGUID for all new installs Low
CVE-2026-40306 was published for DotNetNuke.Core (NuGet) Apr 10, 2026
meetmandeep Credited to meetmandeep, donker, and valadas donker donker
valadas valadas
DNN: Force Friend Request Acceptance Moderate
CVE-2026-40305 was published for DotNetNuke.Core (NuGet) Apr 10, 2026
JesseClarkTT Credited to JesseClarkTT, bdukes, and valadas bdukes bdukes
valadas valadas
ImageMagick has an off-by-one error in MSL decoder could result in crash Moderate
CVE-2026-40312 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
COCOP1l0t Credited to COCOP1l0t
ImageMagick has a heap-use-after-free via XMP profile could result in a crash when printing the values. Moderate
CVE-2026-40311 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
ImageMagick has a heap out-of-bounds write in JP2 encoder Moderate
CVE-2026-40310 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
jakelamberson Credited to jakelamberson
ImageMagick has a heap buffer overflow when encoding JXL image with a 16-bit float Moderate
CVE-2026-40183 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
jakelamberson Credited to jakelamberson
ImageMagick has a heap buffer overflow (WRITE) in the YAML and JSON encoders. Moderate
CVE-2026-40169 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
zer0matt Credited to zer0matt
ImageMagick has an out-of-bounds read in sample operation Moderate
CVE-2026-33905 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
shitianyu-2004 Credited to shitianyu-2004
ImageMagick has a Stack Overflow via Recursive FX Expression Parsing Moderate
CVE-2026-33902 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 14, 2026
fumfel Credited to fumfel
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database