GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 41
Go: 3,049
Maven: 5,000+
npm: 4,787
NuGet: 825
pip: 4,384
Pub: 12
RubyGems: 988
Rust: 1,144
Swift: 50

Unreviewed advisories
All unreviewed: 5,000+

3,426 advisories

NocoDB Vulnerable to Stored Cross-Site Scripting via SVG upload
High | CVE-2026-24769 was published for nocodb (npm) | Jan 28, 2026

Explorance Blue versions prior to 8.14.9 contain an authenticated unrestricted file upload...
Critical | Unreviewed | CVE-2025-57794 was published | Jan 28, 2026

Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download...
Critical | Unreviewed | CVE-2025-57795 was published | Jan 28, 2026

PDW File Browser 1.3 contains a remote code execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2020-36973 was published | Jan 28, 2026

The AI Engine – The Chatbot and AI Framework for WordPress plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2026-1400 was published | Jan 28, 2026

code-projects Computer Book Store 1.0 is vulnerable to File Upload in admin_add.php.
Critical | Unreviewed | CVE-2025-69559 was published | Jan 27, 2026

code-projects Mobile Shop Management System 1.0 is vulnerable to File Upload in /ExAddProduct.php.
Critical | Unreviewed | CVE-2025-69565 was published | Jan 27, 2026

Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload...
High | Unreviewed | CVE-2020-36942 was published | Jan 27, 2026

Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability...
Critical | Unreviewed | CVE-2026-24815 was published | Jan 27, 2026

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable...
High | Unreviewed | CVE-2026-0911 was published | Jan 24, 2026

The Kalrav AI Agent plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
Critical | Unreviewed | CVE-2025-13374 was published | Jan 24, 2026

Textpattern versions prior to 4.8.3 contain an authenticated remote code execution vulnerability...
High | Unreviewed | CVE-2021-47888 was published | Jan 23, 2026

PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that...
High | Unreviewed | CVE-2021-47904 was published | Jan 23, 2026

YetiShare File Hosting Script 5.1.0 contains a server-side request forgery vulnerability that...
Moderate | Unreviewed | CVE-2021-47899 was published | Jan 23, 2026

File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818...
Critical | Unreviewed | CVE-2025-69828 was published | Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in Xpro Xpro Elementor Addons xpro...
Critical | Unreviewed | CVE-2025-69312 was published | Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Miion miion allows...
Critical | Unreviewed | CVE-2025-68986 was published | Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogistic blogistic...
Critical | Unreviewed | CVE-2025-68909 was published | Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogzee blogzee...
Critical | Unreviewed | CVE-2025-68910 was published | Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in InspiryThemes Real Homes CRM...
Critical | Unreviewed | CVE-2025-67968 was published | Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in garidium g-FFL Checkout g-ffl...
Critical | Unreviewed | CVE-2025-68001 was published | Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in Farost Energia energia allows...
Critical | Unreviewed | CVE-2025-50002 was published | Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes News Event news...
Critical | Unreviewed | CVE-2025-62056 was published | Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogmatic blogmatic...
Critical | Unreviewed | CVE-2025-62050 was published | Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in Solvera Software Services Trade...
High | Unreviewed | CVE-2025-10856 was published | Jan 22, 2026

ProTip! Advisories are also available from the GraphQL API