GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,330 advisories
urllib3 allows an unbounded number of links in the decompression chain
High
CVE-2025-66418
was published
for
urllib3
(pip)
Dec 5, 2025
VictoriaMetrics' Snappy Decoder DoS Vulnerability is Causing OOM
Low
CVE-2025-65942
was published
for
github.com/VictoriaMetrics/VictoriaMetrics
(Go)
Nov 25, 2025
net-imap rubygem vulnerable to possible DoS by memory exhaustion
Moderate
CVE-2025-43857
was published
for
net-imap
(RubyGems)
Apr 28, 2025
vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`
Moderate
CVE-2025-62426
was published
for
vllm
(pip)
Nov 20, 2025
joserfc has Possible Uncontrolled Resource Consumption Vulnerability Triggered by Logging Arbitrarily Large JWT Token Payloads
Critical
CVE-2025-65015
was published
for
joserfc
(pip)
Nov 18, 2025
Undertow MadeYouReset HTTP/2 DDoS Vulnerability
High
CVE-2025-9784
was published
for
io.undertow:undertow-core
(Maven)
Sep 2, 2025
ProTip!
Advisories are also available from the
GraphQL API