GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
92 advisories
ImageMagick: Heap Buffer Over-Read of a 4 bytes in distort operation.
Moderate
CVE-2026-45624
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
May 18, 2026
ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define
Moderate
CVE-2026-45359
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
May 18, 2026
gitsign --verify panics on empty-certificate PKCS7 and exits 0, bypassing exit-code callers
Moderate
CVE-2026-44310
was published
for
github.com/sigstore/gitsign
(Go)
May 8, 2026
vLLM Vulnerable to Remote DoS via Special-Token Placeholders
Moderate
CVE-2026-44222
was published
for
vllm
(pip)
May 5, 2026
Wasmtime: Panic when transcoding misaligned utf-16 strings
Moderate
CVE-2026-34942
was published
for
wasmtime
(Rust)
Apr 9, 2026
Ella Core panics on invalid PDU Session IDs in NGAP messages
Moderate
CVE-2026-33281
was published
for
github.com/ellanetworks/core
(Go)
Mar 19, 2026
Tekton Pipelines controller panic via long resolver name in TaskRun/PipelineRun
Moderate
CVE-2026-33022
was published
for
github.com/tektoncd/pipeline
(Go)
Mar 17, 2026
Fiber has a Denial of Service Vulnerability via Route Parameter Overflow
Moderate
CVE-2026-25882
was published
for
github.com/gofiber/fiber/v2
(Go)
Feb 24, 2026
cert-manager-controller DoS via Specially Crafted DNS Response
Moderate
CVE-2026-25518
was published
for
github.com/cert-manager/cert-manager
(Go)
Feb 2, 2026
ProTip!
Advisories are also available from the
GraphQL API