GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
150 advisories
ImageMagick: Heap Buffer Over-Write in json and yaml encoder of a single byte due to incorrect fix
Moderate
GHSA-jqq5-8px3-9m6m
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
May 21, 2026
ImageMagick: Heap Buffer Over-Write of a single byte in the JP2 encoder.
Moderate
CVE-2026-46559
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
May 18, 2026
ImageMagick: Out-of-Bounds Read of a single byte in meta encoder
Moderate
CVE-2026-45358
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
May 18, 2026
ImageMagick has has an off-by-one origin validation in allows out-of-bounds read in morphology processing
Low
GHSA-q8h3-jv9v-57qx
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Apr 14, 2026
ImageMagick has an off-by-one error in MSL decoder could result in crash
Moderate
CVE-2026-40312
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Apr 14, 2026
Moby has an Off-by-one error in its plugin privilege validation
Moderate
CVE-2026-33997
was published
for
github.com/docker/docker
(Go)
Mar 27, 2026
yauzl contains an off-by-one error
Moderate
CVE-2026-31988
was published
for
yauzl
(npm)
Mar 12, 2026
Envoy affected by off-by-one write in JsonEscaper::escapeString()
Moderate
CVE-2026-26309
was published
for
github.com/envoyproxy/envoy
(Go)
Mar 10, 2026
OpenClaw has allowlist exec-guard bypass via env -S
Moderate
CVE-2026-31992
was published
for
openclaw
(npm)
Mar 3, 2026
ml-dsa's UseHint function has off by two error when r0 equals zero
Moderate
GHSA-h37v-hp6w-2pp8
was published
for
ml-dsa
(Rust)
Feb 2, 2026
ProTip!
Advisories are also available from the
GraphQL API