GitHub Security Advisories

GitHub Security Advisories (GHSA) are authoritative notices for vulnerable open-source packages and ecosystems (for example npm, PyPI, or Maven), usually with a linked CVE. Use the search box to find a GHSA or CVE, narrow by ecosystem or severity, or match phrases in the summary.

Showing 101120 of 2455 advisories
«« First « Prev Page 6 / 123 Next »
GHSA CVE Severity Type Summary Published
GHSA-5pmv-rx8r-wmv5 CVE-2026-52834 high reviewed jxl-grid on 32-bit platforms has an out-of-bounds writes due to integer overflow 2026-07-02 20:45:59 UTC
GHSA-66m8-c62j-h6v5 medium reviewed jxl-oxide: `FrameBuffer::new` creates out-of-bounds slices on overflow 2026-07-02 20:45:10 UTC
GHSA-2v8p-fqpx-2q3w medium reviewed jxl-oxide: integer subtraction overflow panic in cluster_from_table via crafted JXL input (DoS) 2026-07-02 20:44:57 UTC
GHSA-63wg-wjjj-7cp8 CVE-2026-52829 high reviewed Zebra Address Book Aborted by IPv4-Mapped Mempool Misbehavior Update 2026-07-02 20:26:56 UTC
GHSA-65jj-fmw8-468q CVE-2026-52734 medium reviewed zebrad has unbounded memory leak in mempool download pipeline via timeout path cancel_handles retention 2026-07-02 20:12:35 UTC
GHSA-2gf8-q9rr-jq3h CVE-2026-52733 medium reviewed zebrad has persistent on-disk corruption of Sapling/Orchard subtree roots after chain fork via pop_tip 2026-07-02 20:11:36 UTC
GHSA-hhm7-qrv5-h4r6 CVE-2026-52739 medium reviewed Zebra: Repeated Non-Finalized Shielded Transaction Aborts Zebra Before Duplicate-Nullifier Rejection 2026-07-02 19:46:35 UTC
GHSA-w834-cf6p-9m9w CVE-2026-52738 medium reviewed Zebra: Finalized address balance credit-first overflow on consensus-valid blocks 2026-07-02 19:44:54 UTC
GHSA-gvjc-3w7c-92jx CVE-2026-52737 medium reviewed Zebra has sync restart poisoning from single unauthenticated peer via above-lookahead block 2026-07-02 19:44:24 UTC
GHSA-gf9r-m956-97qx CVE-2026-52735 critical reviewed zebrad has consensus divergence via P2SH sigop undercount in pure-Rust disabled-opcode parser 2026-07-02 19:43:36 UTC
GHSA-4m69-67m6-prqp CVE-2026-52736 high reviewed Zebra has block suppression via NU5 same-header body poisoning of sent-hash cache 2026-07-02 19:43:08 UTC
GHSA-h72h-ppcx-998p low reviewed Zebra has pre-handshake buffer capacity reservation based on attacker-claimed body length 2026-07-02 19:42:05 UTC
GHSA-4fc2-h7jh-287c CVE-2026-52732 medium reviewed zebrad has mempool transaction admission denial via single-peer inbound queue saturation 2026-07-02 19:39:02 UTC
GHSA-c8w6-x74f-vmg3 medium reviewed zebrad vulnerable to full node denial of service via crafted Sapling receiver in z_listunifiedreceivers 2026-07-02 19:37:58 UTC
GHSA-443g-gwgp-49x4 low reviewed zebrad vulnerable to getblocks/getheaders locator CPU amplification via uncapped vector length 2026-07-02 19:34:21 UTC
GHSA-qv2r-v3mx-f4pf CVE-2026-52731 medium reviewed zebrad has full node denial of service via non-ASCII LongPollId in getblocktemplate 2026-07-02 19:28:03 UTC
GHSA-77q5-rr5v-x43q high reviewed OpenClaw: Trusted retry endpoint checks could match hostname prefixes 2026-07-02 17:22:11 UTC
GHSA-3rjw-m598-pq24 CVE-2026-50185 medium reviewed Cmov/CmovEq on aarch64 can produce wrong results if high-bits of registers are set 2026-07-02 17:18:11 UTC
GHSA-qjpc-qf9m-xwmr high reviewed OpenClaw: Trusted-proxy Control UI WebSocket accepted client-declared scopes before pairing 2026-07-02 16:43:53 UTC
GHSA-rggc-m335-3wvj high reviewed OpenClaw: Same-host trusted-proxy deployments could accept local forged identity headers 2026-07-02 16:03:10 UTC
«« First « Prev Page 6 / 123 Next »
cvelogic Threat Intelligence