Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

158,248 advisories

Loading
Server-Side Request Forgery (SSRF) vulnerability in Marco van Wieren WPO365 wpo365-login allows... Moderate Unreviewed
CVE-2025-67961 was published Jan 22, 2026
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-67954 was published Jan 22, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Deetronix Booking Ultra Pro... Moderate Unreviewed
CVE-2025-68006 was published Jan 22, 2026
Missing Authorization vulnerability in merkulove Audier For Elementor audier-elementor allows... Moderate Unreviewed
CVE-2025-66139 was published Jan 22, 2026
Missing Authorization vulnerability in merkulove Scroller scroller allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-66141 was published Jan 22, 2026
Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows... Moderate Unreviewed
CVE-2025-67939 was published Jan 22, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-63026 was published Jan 22, 2026
Missing Authorization vulnerability in merkulove Comparimager for Elementor comparimager... Moderate Unreviewed
CVE-2025-66142 was published Jan 22, 2026
Missing Authorization vulnerability in merkulove Uper for Elementor uper-elementor allows... Moderate Unreviewed
CVE-2025-66140 was published Jan 22, 2026
Missing Authorization vulnerability in peachpayments Peach Payments Gateway wc-peach-payments... Moderate Unreviewed
CVE-2025-67942 was published Jan 22, 2026
Missing Authorization vulnerability in merkulove Crumber crumber-elementor allows Exploiting... Moderate Unreviewed
CVE-2025-66143 was published Jan 22, 2026
Cross-Site Request Forgery (CSRF) vulnerability in Angel Costa WP SEO Search wp-seo-search allows... Moderate Unreviewed
CVE-2025-67626 was published Jan 22, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-52762 was published Jan 22, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49046 was published Jan 22, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49066 was published Jan 22, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49249 was published Jan 22, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-47500 was published Jan 22, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49336 was published Jan 22, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-47666 was published Jan 22, 2026
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2025-47600 was published Jan 22, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49045 was published Jan 22, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-50006 was published Jan 22, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-52746 was published Jan 22, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49043 was published Jan 22, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-48094 was published Jan 22, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database