Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

322 advisories

Loading
Missing Authorization vulnerability in Kapil Paul Payment Gateway bKash for WC woo-payment-bkash... Critical Unreviewed
CVE-2025-62754 was published Jan 22, 2026
Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything... Critical Unreviewed
CVE-2026-24371 was published Jan 22, 2026
Missing Authorization vulnerability in Kaira Blockons blockons allows Accessing Functionality Not... Critical Unreviewed
CVE-2025-14360 was published Jan 8, 2026
Missing Authorization vulnerability in sizam REHub Framework rehub-framework allows Accessing... Critical Unreviewed
CVE-2025-14358 was published Jan 8, 2026
Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache... Critical Unreviewed
CVE-2025-67913 was published Jan 8, 2026
Missing Authorization vulnerability in Jegstudio Gutenverse Form gutenverse-form allows... Critical Unreviewed
CVE-2025-68511 was published Dec 24, 2025
Missing Authorization vulnerability in Brave Brave brave-popup-builder allows Exploiting... Critical Unreviewed
CVE-2025-68508 was published Dec 24, 2025
Missing Authorization vulnerability in epiphanyit321 Referral Link Tracker referral-link-tracker... Critical Unreviewed
CVE-2025-62906 was published Oct 27, 2025
Missing Authorization vulnerability in Mark O'Donnell MSTW CSV EXPORTER mstw-csv-exporter allows... Critical Unreviewed
CVE-2025-62944 was published Oct 27, 2025
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart... Critical Unreviewed
CVE-2025-62892 was published Oct 27, 2025
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart... Critical Unreviewed
CVE-2025-68535 was published Dec 24, 2025
Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows... Critical Unreviewed
CVE-2025-68565 was published Dec 24, 2025
Missing Authorization vulnerability in Wikimedia Foundation Wikipedia Preview wikipedia-preview... Critical Unreviewed
CVE-2025-52738 was published Oct 22, 2025
Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig... Critical Unreviewed
CVE-2025-66131 was published Dec 16, 2025
Missing Authorization vulnerability in sertifier Sertifier Certificate & Badge Maker sertifier... Critical Unreviewed
CVE-2025-53214 was published Nov 6, 2025
Missing Authorization vulnerability in themeshopy TS Demo Importer ts-demo-importer allows... Critical Unreviewed
CVE-2025-62919 was published Oct 27, 2025
Missing Authorization vulnerability in vanquish WooCommerce Orders & Customers Exporter... Critical Unreviewed
CVE-2025-53424 was published Oct 22, 2025
GravCMS 1.10.7 contains an unauthenticated vulnerability that allows remote attackers to write... Critical Unreviewed
CVE-2021-47812 was published Jan 16, 2026
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to missing authorization to... Critical Unreviewed
CVE-2025-14741 was published Jan 9, 2026
Missing Authorization vulnerability in Sfwebservice InWave Jobs allows Exploiting Incorrectly... Critical Unreviewed
CVE-2025-39477 was published Jan 6, 2026
Tinycontrol LAN Controller 1.58a contains an authentication bypass vulnerability that allows... Critical Unreviewed
CVE-2023-54327 was published Dec 31, 2025
UBICOD Medivision Digital Signage 1.5.1 contains an authorization bypass vulnerability that... Critical Unreviewed
CVE-2020-36902 was published Dec 10, 2025
Improper Input Validation in net.sf.robocode:robocode.host allows for external service interaction Critical
CVE-2019-10648 was published for net.sf.robocode:robocode.host (Maven) Apr 2, 2019
UliCMS 2023.1 contains a privilege escalation vulnerability that allows unauthenticated attackers... Critical Unreviewed
CVE-2023-53923 was published Dec 18, 2025
Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 was... Critical Unreviewed
CVE-2025-25953 was published Mar 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database