CVEs affecting projects tracked on Release Alert, from NVD & OSV.
mutt before 2.3.2 has an infinite loop in data_object_to_stream in crypt-gpgme.c.