GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

15,176 advisories

Duplicate Advisory: Open Babel has heap buffer overflow in SMILES OBSmilesParser::ParseSmiles Low
GHSA-9p6c-jcw8-x98f was published for openbabel (pip) Sep 26, 2025 withdrawn
Duplicate Advisory: Open Babel has out-of-bounds write (overlapping memcpy) in zipstream basic_unzip_streambuf::underflow Low
GHSA-5gfq-xrq4-34rj was published for openbabel (pip) Sep 26, 2025 withdrawn
Credited to offset, jojojo8359, and smallex
Open Babel has Use-after-free in GAMESS GAMESSOutputFormat::ReadMolecule Low
CVE-2025-10994 was published for openbabel (pip) Jun 30, 2026
Duplicate Advisory: Open Babel has Use-after-free in GAMESS GAMESSOutputFormat::ReadMolecule Low
GHSA-5fgf-q57f-wwqf was published for openbabel (pip) Sep 26, 2025 withdrawn
Open Babel has a NULL pointer dereference in CDXML OBAtom::GetExplicitValence Low
CVE-2026-3408 was published for openbabel (pip) Jun 30, 2026
Credited to VedantMadane
Duplicate Advisory: Open Babel has a NULL pointer dereference in CDXML OBAtom::GetExplicitValence Low
GHSA-fg6r-xgp8-x64r was published for openbabel (pip) Mar 2, 2026 withdrawn
Open Babel has NULL pointer dereference in MOL2 OBAtom::SetFormalCharge Low
CVE-2026-2705 was published for openbabel (pip) Jun 30, 2026
Credited to VedantMadane
Duplicate Advisory: Open Babel has NULL pointer dereference in MOL2 OBAtom::SetFormalCharge Low
GHSA-3f56-w4g2-mx64 was published for openbabel (pip) Feb 19, 2026 withdrawn
Open Babel has an out-of-bounds read in CIF transform3d::DescribeAsString Low
CVE-2026-2704 was published for openbabel (pip) Jun 30, 2026
Credited to VedantMadane
Duplicate Advisory: Open Babel has an out-of-bounds read in CIF transform3d::DescribeAsString Low
GHSA-2m54-8m6g-qf93 was published for openbabel (pip) Feb 19, 2026 withdrawn
Twig: Sandbox state regression in deprecated internal wrappers in `src/Resources/core.php` Low
CVE-2026-48805 was published for twig/twig (Composer) Jun 30, 2026
Credited to fabpot
Sigstore Java has a vulnerability with bundle verification of integratedTime Low
CVE-2026-48791 was published for dev.sigstore:sigstore-java (Maven) Jun 30, 2026
Blitz has a Cross-site Scripting issue Low
CVE-2026-9520 was published for blitz (npm) May 26, 2026
TCC-TRANSACTION has an Improper Input Validation vulnerability Low
CVE-2026-9497 was published for org.mengyun:tcc-transaction (Maven) May 26, 2026
hermes-agent has an Incorrect Comparison Low
CVE-2026-9369 was published for hermes-agent (pip) May 26, 2026
jasypt-spring-boot Uses a One-Way Hash without a Salt Low
CVE-2026-9370 was published for com.github.ulisesbocchio:jasypt-spring-boot (Maven) May 26, 2026