Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,931
Maven
5,000+
npm
5,000+
NuGet
969
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,382
Swift
56
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
Nerdbank.MessagePack has Inefficient CPU Computation Moderate
GHSA-92vj-hp7m-gwcj was published for Nerdbank.MessagePack (NuGet) May 29, 2026
AArnott Credited to AArnott
Nerdbank.MessagePack has a memory amplification DoS in collection deserialization Moderate
GHSA-qjvr-435c-5fjh was published for Nerdbank.MessagePack (NuGet) May 29, 2026
svenclaesson Credited to svenclaesson and AArnott AArnott AArnott
MessagePack allows untrusted data to lead to DoS attack due to hash collisions and stack overflow Moderate
CVE-2024-48924 was published for MessagePack (NuGet) Oct 17, 2024
AArnott Credited to AArnott, neuecc, and GrabYourPitchforks neuecc neuecc
GrabYourPitchforks GrabYourPitchforks
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database