豆豆友情提示:这是一个非官方 GitHub 代理镜像,主要用于网络测试或访问加速。请勿在此进行登录、注册或处理任何敏感信息。进行这些操作请务必访问官方网站 github.com。 Raw 内容也通过此代理提供。
Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,549
Maven
5,000+
npm
5,000+
NuGet
917
pip
4,798
Pub
13
RubyGems
1,038
Rust
1,237
Swift
53
Unreviewed advisories
All unreviewed
5,000+

636 advisories

Loading
Zebra Vulnerable to Denial of Service via Interrupted JSON-RPC Requests from Authenticated Clients Moderate
GHSA-29x4-r6jv-ff4w was published for zebra-rpc (Rust) Apr 18, 2026
upbqdn Credited to upbqdn, mpguerra, and conradoplg mpguerra mpguerra
conradoplg conradoplg
Zebra has rk Identity Point Panic in Transaction Verification Critical
GHSA-452v-w3gx-72wg was published for zebra-chain (Rust) Apr 18, 2026
mpguerra Credited to mpguerra
nimiq-consensus panics via RequestMacroChain micro-block locator Moderate
CVE-2026-34069 was published for nimiq-consensus (Rust) Apr 13, 2026
jsdanielh Credited to jsdanielh and 1seal 1seal 1seal
CocoaMQTT: Denial of Service via Reachable Assertion in `PUBLISH` Packet Parsing Moderate
CVE-2026-30867 was published for CocoaMQTT (Swift) Apr 3, 2026
t5uki Credited to t5uki
The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion... High Unreviewed
CVE-2026-4046 was published Mar 30, 2026
A user with access to the cluster with a limited set of privilege actions can trigger a crash of... Moderate Unreviewed
CVE-2026-5170 was published Mar 30, 2026
libp2p-gossipsub: Remote crash via unchecked Instant overflow in heartbeat backoff expiry handling High
CVE-2026-34219 was published for libp2p-gossipsub (Rust) Mar 30, 2026
Under certain conditions, `named` may crash when processing a correctly signed query containing a... Moderate Unreviewed
CVE-2026-3119 was published Mar 25, 2026
Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea... High Unreviewed
CVE-2026-3608 was published Mar 25, 2026
Any guest issuing a Xenstore command accessing a node using the (illegal) node path "/local... High Unreviewed
CVE-2026-23555 was published Mar 23, 2026
Yamux vulnerable to remote Panic via malformed Data frame with SYN set and len = 262145 High
CVE-2026-32314 was published for yamux (Rust) Mar 13, 2026
A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09... Moderate Unreviewed
CVE-2025-69653 was published Mar 6, 2026
In the Linux kernel, the following vulnerability has been resolved: romfs: check... Moderate Unreviewed
CVE-2026-23238 was published Mar 4, 2026
Transient DOS when an LTE RLC packet with invalid TB is received by UE. Moderate Unreviewed
CVE-2025-47371 was published Mar 2, 2026
Transient DOS when MAC configures config id greater than supported maximum value. Moderate Unreviewed
CVE-2025-47384 was published Mar 2, 2026
psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps Moderate
CVE-2026-27809 was published for psd-tools (pip) Feb 26, 2026
A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function... Moderate Unreviewed
CVE-2026-2523 was published Feb 16, 2026
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric... Moderate Unreviewed
CVE-2025-48019 was published Feb 13, 2026
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric... Moderate Unreviewed
CVE-2025-48023 was published Feb 13, 2026
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric... Moderate Unreviewed
CVE-2025-48020 was published Feb 13, 2026
An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid... High Unreviewed
CVE-2026-25610 was published Feb 10, 2026
A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service. Moderate Unreviewed
CVE-2025-12131 was published Feb 5, 2026
In the Linux kernel, the following vulnerability has been resolved: iommu/io-pgtable-arm: fix... Moderate Unreviewed
CVE-2026-23067 was published Feb 4, 2026
In Modem, there is a possible system crash due to a missing bounds check. This could lead to... High Unreviewed
CVE-2026-20405 was published Feb 2, 2026
In Modem, there is a possible system crash due to improper input validation. This could lead to... High Unreviewed
CVE-2026-20422 was published Feb 2, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database