Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

273,867 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after... Unknown Unreviewed
CVE-2025-40001 was published Oct 18, 2025
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix use-after... Unknown Unreviewed
CVE-2025-40002 was published Oct 18, 2025
A vulnerability has been found in Nixdorf Wincor PORT IO Driver up to 1.0.0.1. This affects the... High Unreviewed
CVE-2025-5555 was published Oct 18, 2025
The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due... Moderate Unreviewed
CVE-2025-11256 was published Oct 18, 2025
The PowerBI Embed Reports plugin for WordPress is vulnerable to Sensitive Information Disclosure... Moderate Unreviewed
CVE-2025-10750 was published Oct 18, 2025
The Theme Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... High Unreviewed
CVE-2025-9890 was published Oct 18, 2025
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-9562 was published Oct 18, 2025
In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix use... Unknown Unreviewed
CVE-2025-40003 was published Oct 18, 2025
The WPBakery Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-10006 was published Oct 18, 2025
The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for... Moderate Unreviewed
CVE-2025-11270 was published Oct 18, 2025
The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Information... Moderate Unreviewed
CVE-2025-11741 was published Oct 18, 2025
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2025-11391 was published Oct 18, 2025
The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization... Moderate Unreviewed
CVE-2025-11519 was published Oct 18, 2025
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-11691 was published Oct 18, 2025
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to modification of data... Moderate Unreviewed
CVE-2025-11372 was published Oct 18, 2025
The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-11510 was published Oct 18, 2025
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Cache Poisoning in... Moderate Unreviewed
CVE-2025-11703 was published Oct 18, 2025
The Event Tickets and Registration plugin for WordPress is vulnerable to payment bypass in all... High Unreviewed
CVE-2025-11517 was published Oct 18, 2025
The GSpeech TTS – WordPress Text To Speech Plugin plugin for WordPress is vulnerable to SQL... Moderate Unreviewed
CVE-2025-10187 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-11937 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62671 was published Oct 18, 2025
The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is... Moderate Unreviewed
CVE-2025-11378 was published Oct 18, 2025
The Async JavaScript plugin for WordPress is vulnerable to Stored Cross-Site Scripting in... Moderate Unreviewed
CVE-2020-36854 was published Oct 18, 2025
The 10WebMapBuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Plugin... High Unreviewed
CVE-2020-36853 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62665 was published Oct 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database