Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,904
Maven
5,000+
npm
5,000+
NuGet
967
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,374
Swift
54
Unreviewed advisories
All unreviewed
5,000+

6,401 advisories

Loading
NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could... High Unreviewed
CVE-2026-24200 was published May 26, 2026
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use... High Unreviewed
CVE-2026-24187 was published May 26, 2026
libyang before 5.2.6 contains a heap use-after-free write vulnerability in... High Unreviewed
CVE-2026-41401 was published May 26, 2026
A file descriptor can be closed while a thread is blocked in a poll(2) or select(2) call waiting... High Unreviewed
CVE-2026-45251 was published May 21, 2026
Use after free in WebRTC in Google Chrome prior to 148.0.7778.179 allowed a remote attacker to... High Unreviewed
CVE-2026-9120 was published May 20, 2026
Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to... High Unreviewed
CVE-2026-9126 was published May 20, 2026
Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.179 allowed a remote... High Unreviewed
CVE-2026-9111 was published May 20, 2026
Use after free in GPU in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote... High Unreviewed
CVE-2026-9112 was published May 20, 2026
Use after free in QUIC in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to... High Unreviewed
CVE-2026-9114 was published May 20, 2026
Use after free in XR in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote... High Unreviewed
CVE-2026-9118 was published May 20, 2026
A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue... High Unreviewed
CVE-2026-3593 was published May 20, 2026
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC... Critical Unreviewed
CVE-2026-33278 was published May 20, 2026
Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability... Critical Unreviewed
CVE-2026-8953 was published May 19, 2026
Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox... High Unreviewed
CVE-2026-8947 was published May 19, 2026
Use after free vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This... High Unreviewed
CVE-2026-47310 was published May 19, 2026
in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution. Moderate Unreviewed
CVE-2026-28733 was published May 19, 2026
ImageMagick: Use-After-Free in MSL decoder. Moderate
CVE-2026-46523 was published for Magick.NET-Q16-AnyCPU (NuGet) May 18, 2026
meridian0x01 Credited to meridian0x01
radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the... High Unreviewed
CVE-2026-8696 was published May 15, 2026
radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list() function that... High Unreviewed
CVE-2026-8695 was published May 15, 2026
rkyv: Panic safety bugs in `InlineVec::clear` and `SerVec::clear` enable arbitrary code execution Moderate
GHSA-vfvv-c25p-m7mm was published for rkyv (Rust) May 15, 2026
Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local... Moderate Unreviewed
CVE-2025-48521 was published May 15, 2026
Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to... High Unreviewed
CVE-2026-8581 was published May 14, 2026
Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker... High Unreviewed
CVE-2026-8587 was published May 14, 2026
Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote... High Unreviewed
CVE-2026-8555 was published May 14, 2026
Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had... High Unreviewed
CVE-2026-8575 was published May 14, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database