CVEs affecting projects tracked on Release Alert, from NVD & OSV.
Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.