Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,340
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,549
Pub
12
RubyGems
1,012
Rust
1,202
Swift
51
Unreviewed advisories
All unreviewed
5,000+

1,561 advisories

Loading
Connections received from the proxy port may not count towards total accepted connections,... High Unreviewed
CVE-2026-1848 was published Feb 10, 2026
Inserting certain large documents into a replica set could lead to replica set secondaries not... High Unreviewed
CVE-2026-1847 was published Feb 10, 2026
Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of... High Unreviewed
CVE-2026-1850 was published Feb 10, 2026
Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated... High Unreviewed
CVE-2026-23689 was published Feb 10, 2026
Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server. Moderate Unreviewed
CVE-2025-15317 was published Feb 10, 2026
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache... Moderate Unreviewed
CVE-2026-0398 was published Feb 9, 2026
Rate limiting for certain API calls is not being enforced, making HCL Velocity vulnerable to... Moderate Unreviewed
CVE-2025-31990 was published Feb 7, 2026
Antrea has invalid enforcement order for network policy rules caused by integer overflow High
CVE-2026-25804 was published for antrea.io/antrea (Go) Feb 6, 2026
antoninbas Credited to antoninbas and Dyanngg Dyanngg Dyanngg
AdonisJS vulnerable to Denial of Service (DoS) via Unrestricted Memory Buffering in PartHandler during File Type Detection High
CVE-2026-25762 was published for @adonisjs/bodyparser (npm) Feb 6, 2026
ZeroXJacks Credited to ZeroXJacks
Odin Secure FTP Expert 7.6.3 contains a local denial of service vulnerability that allows... Moderate Unreviewed
CVE-2020-37139 was published Feb 5, 2026
ProficySCADA for iOS 5.0.25920 contains a denial of service vulnerability that allows attackers... Moderate Unreviewed
CVE-2020-37143 was published Feb 5, 2026
UltraVNC Viewer 1.2.4.0 contains a denial of service vulnerability that allows attackers to crash... Moderate Unreviewed
CVE-2020-37134 was published Feb 5, 2026
IBM Db2 Big SQL 7.6 on Cloud Pak for Data 4.8, 7.7 on Cloud Pak for Data 5.0, and 7.8 on Cloud... Moderate Unreviewed
CVE-2024-39724 was published Feb 4, 2026
IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a... Low Unreviewed
CVE-2025-1823 was published Feb 4, 2026
EVE Freely Allocates Buffer on The Stack With Data From Socket Moderate
CVE-2023-43632 was published for github.com/lf-edge/eve (Go) Feb 4, 2026
ingress-nginx vulnerable to Allocation of Resources Without Limits or Throttling Moderate
CVE-2026-24514 was published for k8s.io/ingress-nginx (Go) Feb 4, 2026
Filetto 1.0 FTP server contains a denial of service vulnerability in the FEAT command processing... High Unreviewed
CVE-2020-37067 was published Feb 4, 2026
VirtualTablet Server 3.0.2 contains a denial of service vulnerability that allows attackers to... High Unreviewed
CVE-2020-37085 was published Feb 4, 2026
Navidrome affected by Denial of Service and disk exhaustion via oversized `size` parameter in `/rest/getCoverArt` and `/share/img/<token>` endpoints Critical
CVE-2026-25579 was published for github.com/navidrome/navidrome (Go) Feb 4, 2026
yunfachi Credited to yunfachi
apko affected by potential unbounded resource consumption in expandapk.ExpandApk on attacker-controlled .apk streams High
CVE-2026-25140 was published for chainguard-dev/apko (Go) Feb 4, 2026
1seal Credited to 1seal, egibs, antitree, and jdolitsky egibs egibs
antitree antitree jdolitsky jdolitsky
apko affected by unbounded resource consumption in expandapk.Split on attacker-controlled .apk streams Moderate
CVE-2026-25122 was published for chainguard.dev/apko (Go) Feb 3, 2026
1seal Credited to 1seal, egibs, antitree, and jdolitsky egibs egibs
antitree antitree jdolitsky jdolitsky
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor... Moderate Unreviewed
CVE-2025-58345 was published Feb 3, 2026
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor... Moderate Unreviewed
CVE-2025-58346 was published Feb 3, 2026
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor... Moderate Unreviewed
CVE-2025-58343 was published Feb 3, 2026
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor... Moderate Unreviewed
CVE-2025-58348 was published Feb 3, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database