GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 46
GitHub Actions: 47
Go: 3,340
Maven: 5,000+
npm: 5,000+
NuGet: 881
pip: 4,549
Pub: 12
RubyGems: 1,012
Rust: 1,202
Swift: 51

Unreviewed advisories
All unreviewed: 5,000+
1,486 advisories

The issue was addressed with improved bounds checks. This issue is fixed in macOS Tahoe 26.4. A...
High | Unreviewed | CVE-2026-28842 was published Mar 25, 2026

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that...
High | Unreviewed | CVE-2026-27654 was published Mar 24, 2026

Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote...
High | Unreviewed | CVE-2026-4673 was published Mar 24, 2026

Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 allowed a remote attacker...
High | Unreviewed | CVE-2026-4675 was published Mar 24, 2026

Heap buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker...
High | Unreviewed | CVE-2026-4463 was published Mar 20, 2026

Heap buffer overflow in PDFium in Google Chrome prior to 146.0.7680.153 allowed a remote attacker...
High | Unreviewed | CVE-2026-4455 was published Mar 20, 2026

Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote...
High | Unreviewed | CVE-2026-4443 was published Mar 20, 2026

Heap buffer overflow in CSS in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to...
High | Unreviewed | CVE-2026-4442 was published Mar 20, 2026

Heap buffer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a remote attacker...
High | Unreviewed | CVE-2026-4448 was published Mar 20, 2026

An integer overflow vulnerability existed in the static function wolfssl_add_to_chain, that...
Low | Unreviewed | CVE-2026-3229 was published Mar 19, 2026

Heap-based buffer overflow in the KCAPI ECC code path of wc_ecc_import_x963_ex() in wolfSSL...
Low | Unreviewed | CVE-2026-4395 was published Mar 19, 2026

Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic...
High | Unreviewed | CVE-2026-3549 was published Mar 19, 2026

A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSL_d2i_SSL_SESSION() function. When...
Moderate | Unreviewed | CVE-2026-2646 was published Mar 19, 2026

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a...
High | Unreviewed | CVE-2026-3548 was published Mar 19, 2026

XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in...
Critical | Unreviewed | CVE-2006-10003 was published Mar 19, 2026

XML::Parser versions through 2.47 for Perl could overflow the pre-allocated buffer size cause a...
Critical | Unreviewed | CVE-2006-10002 was published Mar 19, 2026

YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities...
Critical | Unreviewed | CVE-2026-4177 was published Mar 17, 2026

Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code...
High | Unreviewed | CVE-2026-3555 was published Mar 16, 2026

Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution...
High | Unreviewed | CVE-2026-3556 was published Mar 16, 2026

Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code...
High | Unreviewed | CVE-2026-3560 was published Mar 16, 2026

GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2026-3085 was published Mar 16, 2026

Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution...
High | Unreviewed | CVE-2026-3561 was published Mar 16, 2026

GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2026-3082 was published Mar 16, 2026

Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code...
High | Unreviewed | CVE-2026-3557 was published Mar 16, 2026

GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2026-2920 was published Mar 16, 2026

ProTip! Advisories are also available from the GraphQL API.