Security Advisories · google/security-research · GitHub

Security Advisories

View known security vulnerabilities and report new vulnerabilities privately to maintainers.

Report a vulnerability

Swagger-Parser race condition leads to Cross-Thread Data Contamination
GHSA-2237-hv52-mmg9 published Mar 10, 2026 by rcorrea35

High
Python Wheel (Zip) Parser Differential Vulnerability v2.0
GHSA-w97x-xxj5-gpjx published Jan 22, 2026 by rcorrea35

Moderate
TrustZone Break-in Vulnerabilities in Ampere UEFI MM Drivers (Arbitrary Out-of-Bounds Write)
GHSA-jxxm-gxxf-64mg published Jan 6, 2026 by sleightofalex

Moderate
TrustZone Break-in Vulnerabilities in Ampere UEFI MM Drivers (Buffer Overflow and Stack Information Leak)
GHSA-46qj-g894-vrxr published Jan 6, 2026 by sleightofalex

Moderate
Palo Alto Vulnerability Report
GHSA-3rw9-99mf-q87w published Dec 18, 2025 by sleightofalex

High
Token Leak via Open Redirection and CSRF in the Callback Handler of cloudflare/workers-oauth-provider
GHSA-2h78-5wx8-jccc published Dec 15, 2025 by sleightofalex

Moderate
"Astral-tokio-tar" / "uv" Arbitrary Write Path Traversal Vulnerability
GHSA-9p78-p5g6-gcj8 published Nov 18, 2025 by rcorrea35

Moderate
Python - Zip64 Locator Offset Vulnerability
GHSA-hhv7-p4pg-wm6p published Oct 27, 2025 by rcorrea35

Moderate
Entrust nShield Connect XC - Multiple Vulnerabilities Leading to Insecure Boot Chain Protections
GHSA-6q4x-m86j-gfwj published Sep 22, 2025 by rcorrea35

High
FFmpeg - Heap-buffer-overflow write in jpeg2000dec
GHSA-39q3-f8jq-v6mg published Sep 8, 2025 by rcorrea35

High