Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,936
Maven
5,000+
npm
4,588
NuGet
787
pip
4,296
Pub
12
RubyGems
981
Rust
1,114
Swift
49
Unreviewed advisories
All unreviewed
5,000+

669 advisories

Loading
Sandbox escape via infinite recursion and error objects Critical
CVE-2026-25533 was published for @enclave-vm/core (npm) Feb 5, 2026
cristianstaicu frontegg-david
Credited to cristianstaicu and frontegg-david
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ixray-team ixray-1.6... High Unreviewed
CVE-2026-24831 was published Jan 27, 2026
jsonrpc4j has Infinite Loop in RPC Stream Writer Moderate
CVE-2026-24802 was published for com.github.briandilley.jsonrpc4j:jsonrpc4j (Maven) Jan 27, 2026
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in coolsnowwolf lede ... Critical Unreviewed
CVE-2026-24804 was published Jan 27, 2026
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in coolsnowwolf lede ... Critical Unreviewed
CVE-2026-24803 was published Jan 27, 2026
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in datavane tis (tis-console... Critical Unreviewed
CVE-2026-24816 was published Jan 27, 2026
pypdf has possible Infinite Loop when processing outlines/bookmarks Moderate
CVE-2026-24688 was published for pypdf (pip) Jan 26, 2026
JoakimBulow stefan6419846
Credited to JoakimBulow and stefan6419846
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.4, 18... Moderate Unreviewed
CVE-2025-13335 was published Jan 22, 2026
ImageMagick MSL: Stack overflow via infinite recursion in ProcessMSLScript Moderate
CVE-2026-23874 was published for Magick.NET-Q16-AnyCPU (NuGet) Jan 21, 2026
OwenSanzas
Credited to OwenSanzas
A Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the SIP application... High Unreviewed
CVE-2026-21905 was published Jan 15, 2026
HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service Moderate Unreviewed
CVE-2026-0960 was published Jan 14, 2026
AIOHTTP vulnerable to DoS when bypassing asserts Moderate
CVE-2025-69227 was published for aiohttp (pip) Jan 5, 2026
ThomasRinsma
Credited to ThomasRinsma
MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of... Moderate Unreviewed
CVE-2025-13946 was published Dec 3, 2025
Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p... High Unreviewed
CVE-2025-66252 was published Nov 26, 2025
Vulnerability in LimeSurvey 6.13.0 in the endpoint /optin that causes infinite HTTP redirects... Moderate Unreviewed
CVE-2025-41075 was published Nov 20, 2025
Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects... Moderate Unreviewed
CVE-2025-41074 was published Nov 20, 2025
eProsima Fast-DDS v3.3 and before has an infinite loop vulnerability caused by integer overflow... Moderate Unreviewed
CVE-2025-63829 was published Nov 18, 2025
MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of... Moderate Unreviewed
CVE-2025-11626 was published Oct 11, 2025
In the Linux kernel, the following vulnerability has been resolved: ubi: ubi_wl_put_peb: Fix... Moderate Unreviewed
CVE-2023-53481 was published Oct 1, 2025
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE... High Unreviewed
CVE-2025-20312 was published Sep 24, 2025
In the Linux kernel, the following vulnerability has been resolved: NFS: Avoid writeback threads... Moderate Unreviewed
CVE-2022-49097 was published Sep 23, 2025
In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming... Low Unreviewed
CVE-2025-30187 was published Sep 18, 2025
In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite... Moderate Unreviewed
CVE-2025-38727 was published Sep 5, 2025
In the Linux kernel, the following vulnerability has been resolved: exfat: add cluster chain... Moderate Unreviewed
CVE-2025-38692 was published Sep 5, 2025
jsPDF Denial of Service (DoS) High
CVE-2025-57810 was published for jspdf (npm) Aug 26, 2025
AlexRomberg
Credited to AlexRomberg
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database