GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,479
Maven: 5,000+
npm: 5,000+
NuGet: 886
pip: 4,740
Pub: 13
RubyGems: 1,031
Rust: 1,225
Swift: 53

Unreviewed advisories
All unreviewed: 5,000+
233 advisories
nimiq-blockchain is missing a wall-clock upper bound on block timestamps
Critical | CVE-2026-40093 was published for nimiq-blockchain (Rust) | Apr 10, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18...
High | Unreviewed | CVE-2025-12664 was published | Apr 9, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9,...
High | Unreviewed | CVE-2026-1092 was published | Apr 9, 2026

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9...
Moderate | Unreviewed | CVE-2026-1101 was published | Apr 9, 2026

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0....
High | Unreviewed | CVE-2026-30573 was published | Apr 1, 2026

Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery...
Critical | Unreviewed | CVE-2026-25345 was published | Mar 25, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.10 before 18.8.7,...
Moderate | Unreviewed | CVE-2025-13078 was published | Mar 25, 2026

Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash...
Moderate | Unreviewed | CVE-2019-25551 was published | Mar 21, 2026

Entity Expansion Limits Bypassed When Set to Zero Due to JavaScript Falsy Evaluation in fast-xml-parser
Moderate | CVE-2026-33349 was published for fast-xml-parser (npm) | Mar 19, 2026

Improper Validation of Specified Quantity in Input (CWE-1284) in the Timelion visualization...
Moderate | Unreviewed | CVE-2026-26940 was published | Mar 19, 2026

Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client
High | CVE-2026-1528 was published for undici (npm) | Mar 13, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6,...
High | Unreviewed | CVE-2025-14513 was published | Mar 11, 2026

A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability...
Moderate | Unreviewed | CVE-2026-3816 was published | Mar 9, 2026

Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3...
Critical | Unreviewed | CVE-2026-27384 was published | Mar 5, 2026

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. ...
Critical | Unreviewed | CVE-2026-3381 was published | Mar 5, 2026

Improper Validation of Specified Quantity in Input (CWE-1284) in Kibana can allow an...
Moderate | Unreviewed | CVE-2026-26934 was published | Feb 26, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.2 before 18.7.5, 18...
High | Unreviewed | CVE-2025-14511 was published | Feb 25, 2026

zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because...
Low | Unreviewed | CVE-2026-27171 was published | Feb 18, 2026

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 12.1.0 through 12.1.3 could...
Moderate | Unreviewed | CVE-2025-14689 was published | Feb 17, 2026

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1...
Moderate | Unreviewed | CVE-2025-13867 was published | Feb 17, 2026

Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory...
Moderate | Unreviewed | CVE-2025-52534 was published | Feb 10, 2026

Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU...
Moderate | Unreviewed | CVE-2024-21953 was published | Feb 10, 2026

Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric MELSEC iQ...
High | Unreviewed | CVE-2025-15080 was published | Feb 5, 2026

IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0...
Moderate | Unreviewed | CVE-2025-36094 was published | Feb 4, 2026

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12...
Moderate | Unreviewed | CVE-2025-36407 was published | Jan 31, 2026

ProTip! Advisories are also available from the GraphQL API