Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

125,465 advisories

Loading
Improper Control of Generation of Code ('Code Injection') vulnerability in StellarWP GiveWP give... High Unreviewed
CVE-2025-66533 was published Dec 9, 2025
Missing Authorization vulnerability in Mikado-Themes Powerlift powerlift allows Exploiting... High Unreviewed
CVE-2025-66532 was published Dec 9, 2025
Missing Authorization vulnerability in Elated-Themes The Aisle theaisle allows Exploiting... High Unreviewed
CVE-2025-66534 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud Simple Link Directory simple-link... High Unreviewed
CVE-2025-67465 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in kubiq PDF Thumbnail Generator pdf-thumbnail... High Unreviewed
CVE-2025-67469 was published Dec 9, 2025
Missing Authorization vulnerability in sergiotrinity Trinity Audio trinity-audio allows... High Unreviewed
CVE-2025-67466 was published Dec 9, 2025
Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file... High Unreviewed
CVE-2025-66271 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for... High Unreviewed
CVE-2025-67472 was published Dec 9, 2025
Missing Authorization vulnerability in Bowo Admin and Site Enhancements (ASE) admin-site... High Unreviewed
CVE-2025-64255 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Folio simple-folio allows... High Unreviewed
CVE-2025-64256 was published Dec 9, 2025
Missing Authorization vulnerability in Ronald Huereca Photo Block photo-block allows Exploiting... High Unreviewed
CVE-2025-64254 was published Dec 9, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-63074 was published Dec 9, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-63076 was published Dec 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-63057 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal New User Approve new-user-approve... High Unreviewed
CVE-2025-63030 was published Dec 9, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-63036 was published Dec 9, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-63062 was published Dec 9, 2025
Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller... High Unreviewed
CVE-2025-62109 was published Dec 9, 2025
Missing Authorization vulnerability in Virtuaria Virtuaria PagBank / PagSeguro para Woocommerce... High Unreviewed
CVE-2025-62151 was published Dec 9, 2025
Missing Authorization vulnerability in Graham Quick Interest Slider quick-interest-slider allows... High Unreviewed
CVE-2025-62153 was published Dec 9, 2025
Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows... High Unreviewed
CVE-2025-62152 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in SaifuMak Add Custom Codes add-custom-codes... High Unreviewed
CVE-2025-62739 was published Dec 9, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-63003 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Valentin Agachi Create Posts & Terms... High Unreviewed
CVE-2025-49351 was published Dec 9, 2025
Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order... High Unreviewed
CVE-2025-5471 was published Dec 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database