OSV - Open Source Vulnerabilities

GHSA-h66j-xm43-47pp

NuGet/UmbracoCms

Umbraco CMS contains a server-side request forgery vulnerability

3 days ago

No fix available
Severity - 6.9 (Medium)

GHSA-vrgw-pc9c-qrrc

NuGet/UmbracoForms

UmbracoForms Vulnerable to Remote Code Execution via Untrusted WSDL Compilation in Dynamic SOAP Client Generation

5 days ago

No fix available
Severity - 9.9 (Critical)

GHSA-9cvc-h2w8-phrp

NuGet/AWSSDK.Core

AWS SDK for .NET V4 adopted defense in depth enhancement for region parameter value

09 Jan

Fix available
Severity - 3.7 (Low)

GHSA-7rvh-xqp3-pr8j

NuGet/Magick.NET-Q16-AnyCPU
NuGet/Magick.NET-Q16-HDRI-AnyCPU
NuGet/Magick.NET-Q16-HDRI-OpenMP-arm64
NuGet/Magick.NET-Q16-HDRI-OpenMP-x64
NuGet/Magick.NET-Q16-HDRI-arm64
... 12 more

ImageMagick's failure to limit MVG mutual causes Stack Overflow

30 Dec 2025

Fix available
Severity - 4.0 (Medium)

GHSA-p27m-hp98-6637

NuGet/Magick.NET-Q16-AnyCPU
NuGet/Magick.NET-Q16-HDRI-AnyCPU
NuGet/Magick.NET-Q16-HDRI-OpenMP-arm64
NuGet/Magick.NET-Q16-HDRI-OpenMP-x64
NuGet/Magick.NET-Q16-HDRI-arm64
... 12 more

ImageMagick's failure to limit the depth of SVG file reads caused a DoS attack

30 Dec 2025

Fix available
Severity - 5.3 (Medium)

MAL-2025-192890

NuGet/sqzrframework480

Malicious code in sqzrframework480 (NuGet)

23 Dec 2025

No fix available

MAL-2025-192889

NuGet/minimutex

Malicious code in minimutex (NuGet)

23 Dec 2025

No fix available

GHSA-54mj-vcvj-q3v5

NuGet/Umbraco.Cms

Umbraco CMS has an arbitrary file upload vulnerability

22 Dec 2025

No fix available
Severity - 5.8 (Medium)

GHSA-83fp-hh9m-c2jq

NuGet/Piranha

Piranha has stored cross-site scripting (XSS) vulnerability

22 Dec 2025

No fix available
Severity - 1.9 (Low)

GHSA-fw48-7qf9-455m

NuGet/Piranha

Piranha has stored cross-site scripting (XSS) vulnerability

22 Dec 2025

No fix available
Severity - 1.9 (Low)

GHSA-4v42-65r3-3gjx

NuGet/Amazon.Extensions.S3.Encryption

Amazon S3 Encryption Client for .NET has a Key Commitment Issue

18 Dec 2025

Fix available
Severity - 6.0 (Medium)

GHSA-vfm5-cr22-jg3m

NuGet/Volo.Abp.Account.Web

ABP Account Module has an Open Redirect through Improper validation in its register function

16 Dec 2025

Fix available
Severity - 5.3 (Medium)

GHSA-6hjr-v6g4-3fm8

NuGet/Magick.NET-Q16-AnyCPU
NuGet/Magick.NET-Q16-HDRI-AnyCPU
NuGet/Magick.NET-Q16-HDRI-x86
NuGet/Magick.NET-Q16-x86
NuGet/Magick.NET-Q8-AnyCPU
... 1 more

ImageMagick is vulnerable to an integer Overflow in TIM decoder leading to out of bounds read (32-bit only)

10 Dec 2025

Fix available
Severity - 7.5 (High)

GHSA-hfv2-pf68-m33x

NuGet/Umbraco.Cms

Umbraco Vulnerable to Improper File Access and Credential Exposure in Dictionary Import Functionality

09 Dec 2025

Fix available
Severity - 4.9 (Medium)

GHSA-wq34-7f4g-953v

NuGet/Csla

Csla affected by Remote Code Execution via WcfProxy (NetDataContractSerializer)

08 Dec 2025

Fix available
Severity - 7.2 (High)

MAL-2025-191615

NuGet/solnetunified

Malicious code in solnetunified (NuGet)

01 Dec 2025

No fix available