Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

1,615 advisories

Loading
A denial-of-service issue was addressed with improved validation. This issue is fixed in watchOS... High Unreviewed
CVE-2026-20650 was published Feb 12, 2026
An issue in halo v.2.22.4 and before allows a remote attacker to cause a denial of service via a... High Unreviewed
CVE-2025-70886 was published Feb 12, 2026
Traefik: TCP readTimeout bypass via STARTTLS on Postgres High
CVE-2026-25949 was published for github.com/traefik/traefik/v3 (Go) Feb 12, 2026
manizada
Credited to manizada
The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3,... High Unreviewed
CVE-2026-20652 was published Feb 12, 2026
Sliver has DNS C2 OTP Bypass that Allows Unauthenticated Session Flooding and Denial of Service High
CVE-2026-25791 was published for github.com/bishopfox/sliver (Go) Feb 6, 2026
xtle0o0
Credited to xtle0o0
A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service (DoS) via... High Unreviewed
CVE-2025-69620 was published Feb 4, 2026
AdonisJS vulnerable to Denial of Service (DoS) via Unrestricted Memory Buffering in PartHandler during File Type Detection High
CVE-2026-25762 was published for @adonisjs/bodyparser (npm) Feb 6, 2026
ZeroXJacks
Credited to ZeroXJacks
Water-Melon Melon commit 9df9292 and below is vulnerable to Denial of Service. The HTTP component... High Unreviewed
CVE-2025-71031 was published Feb 4, 2026
apko affected by potential unbounded resource consumption in expandapk.ExpandApk on attacker-controlled .apk streams High
CVE-2026-25140 was published for chainguard-dev/apko (Go) Feb 4, 2026
1seal egibs
antitree jdolitsky
Credited to 1seal, egibs, antitree, and jdolitsky
An issue was discovered in Samsung Modem Exynos through 2025-08-29. Incorrect handling of NAS... High Unreviewed
CVE-2025-59439 was published Feb 3, 2026
jsPDF Vulnerable to Denial of Service (DoS) via Unvalidated BMP Dimensions in BMPDecoder High
CVE-2026-24133 was published for jspdf (npm) Feb 2, 2026
KarimTantawey
Credited to KarimTantawey
Pterodactyl endlessly reprocesses/reuploads activity log data due to SQLite max parameters limit not being considered High
CVE-2026-21696 was published for github.com/pterodactyl/wings (Go) Jan 20, 2026
danny6167
Credited to danny6167
Pterodactyl websocket endpoints have no visible rate limits or monitoring, allowing for DOS attacks High
CVE-2025-69199 was published for github.com/pterodactyl/wings (Go) Jan 20, 2026
KianBrose
Credited to KianBrose
Hugging Face Text Generation Inference vulnerable to Uncontrolled Resource Consumption High
CVE-2026-0599 was published for text-generation (pip) Feb 2, 2026
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition.... High Unreviewed
CVE-2025-9465 was published Jan 20, 2026
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition.... High Unreviewed
CVE-2025-9278 was published Jan 20, 2026
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition.... High Unreviewed
CVE-2025-9464 was published Jan 20, 2026
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition.... High Unreviewed
CVE-2025-9466 was published Jan 20, 2026
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition.... High Unreviewed
CVE-2025-9283 was published Jan 20, 2026
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition.... High Unreviewed
CVE-2025-9282 was published Jan 20, 2026
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition.... High Unreviewed
CVE-2025-9279 was published Jan 20, 2026
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition.... High Unreviewed
CVE-2025-9281 was published Jan 20, 2026
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition.... High Unreviewed
CVE-2025-9280 was published Jan 20, 2026
pyasn1 has a DoS vulnerability in decoder High
CVE-2026-23490 was published for pyasn1 (pip) Jan 16, 2026
tsigouris007
Credited to tsigouris007
A type validation flaw in the flow.dstack() component of OneFlow v0.9.0 allows attackers to cause... High Unreviewed
CVE-2025-65889 was published Jan 28, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database