Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,884
Maven
5,000+
npm
4,523
NuGet
785
pip
4,265
Pub
12
RubyGems
975
Rust
1,105
Swift
49
Unreviewed advisories
All unreviewed
5,000+

1,423 advisories

Loading
Frigate 2.02 contains a denial of service vulnerability that allows attackers to crash the... Moderate Unreviewed
CVE-2020-37039 was published Jan 31, 2026
Code Blocks 20.03 contains a denial of service vulnerability that allows attackers to crash the... Moderate Unreviewed
CVE-2020-37038 was published Jan 31, 2026
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12... Moderate Unreviewed
CVE-2025-36098 was published Jan 31, 2026
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12... Moderate Unreviewed
CVE-2025-36070 was published Jan 31, 2026
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12... Moderate Unreviewed
CVE-2025-36123 was published Jan 31, 2026
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 - 11.5.9 could allow an... Moderate Unreviewed
CVE-2025-36387 was published Jan 31, 2026
Undertow Servlets Vulnerable to Remote DoS via OutOfMemoryError when Passed Large Parameter Names High
CVE-2024-4027 was published for io.undertow:undertow-core (Maven) Jan 30, 2026
aSc TimeTables 2021.6.2 contains a denial of service vulnerability that allows attackers to crash... Moderate Unreviewed
CVE-2020-36943 was published Jan 28, 2026
Next.js has Unbounded Memory Consumption via PPR Resume Endpoint Moderate
CVE-2025-59472 was published for next (npm) Jan 28, 2026
Next.js self-hosted applications vulnerable to DoS via Image Optimizer remotePatterns configuration Moderate
CVE-2025-59471 was published for next (npm) Jan 27, 2026
Laravel Nova 3.7.0 contains a denial of service vulnerability that allows authenticated users to... High Unreviewed
CVE-2020-36950 was published Jan 27, 2026
TapinRadio 2.13.7 contains a denial of service vulnerability in the application proxy settings... Moderate Unreviewed
CVE-2020-36949 was published Jan 27, 2026
SyncBreeze 10.0.28 contains a denial of service vulnerability in the login endpoint that allows... High Unreviewed
CVE-2020-36946 was published Jan 27, 2026
Kyverno Denial of Service via Context Variable Amplification in Policy Engine High
CVE-2026-23881 was published for github.com/kyverno/kyverno (Go) Jan 27, 2026
thevilledev
Credited to thevilledev
gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values Moderate
CVE-2026-24738 was published for github.com/gmrtd/gmrtd (Go) Jan 27, 2026
ramrunner
Credited to ramrunner
KubeVirt Guest Agent DoS via Excessive Network Interface Reports Moderate
CVE-2025-14525 was published for kubevirt.io/kubevirt (Go) Jan 26, 2026
Tanium addressed an uncontrolled resource consumption vulnerability in Discover. Moderate Unreviewed
CVE-2026-1224 was published Jan 26, 2026
Managed Switch Port Mapping Tool 2.85.2 contains a denial of service vulnerability that allows... Moderate Unreviewed
CVE-2021-47894 was published Jan 23, 2026
AgataSoft PingMaster Pro 2.1 contains a denial of service vulnerability in the Trace Route... Moderate Unreviewed
CVE-2021-47893 was published Jan 23, 2026
Nsauditor 3.2.2.0 contains a denial of service vulnerability that allows attackers to crash the... Moderate Unreviewed
CVE-2021-47895 was published Jan 23, 2026
orjson does not limit recursion for deeply nested JSON documents Moderate
CVE-2025-67221 was published for orjson (pip) Jan 22, 2026
jrafkind-ai
Credited to jrafkind-ai
Seroval affected by Denial of Service via Deeply Nested Objects High
CVE-2026-24006 was published for seroval (npm) Jan 22, 2026
lxsmnsyc tweidinger
Credited to lxsmnsyc and tweidinger
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9 before 18.6.4, 18... High Unreviewed
CVE-2025-13927 was published Jan 22, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.6.4, 18... Moderate Unreviewed
CVE-2026-1102 was published Jan 22, 2026
GeoGebra Graphing Calculator 6.0.631.0 contains a denial of service vulnerability that allows... Moderate Unreviewed
CVE-2021-47877 was published Jan 21, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database