Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,049
Maven
5,000+
npm
4,787
NuGet
825
pip
4,384
Pub
12
RubyGems
988
Rust
1,144
Swift
50
Unreviewed advisories
All unreviewed
5,000+

3,426 advisories

Loading
MeetingHub developed by HAMASTAR Technology has an Arbitrary File Upload vulnerability, allowing... Critical Unreviewed
CVE-2026-1331 was published Jan 22, 2026
IBM Concert 1.0.0 through 2.1.0 is vulnerable to malicious file upload by not validating the... High Unreviewed
CVE-2025-33015 was published Jan 20, 2026
PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has an Arbitrary File Upload... High Unreviewed
CVE-2026-1222 was published Jan 20, 2026
HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file... Low Unreviewed
CVE-2025-55251 was published Jan 19, 2026
A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted... Moderate Unreviewed
CVE-2026-1152 was published Jan 19, 2026
A weakness has been identified in EyouCMS up to 1.7.1/5.0. Impacted is the function... Moderate Unreviewed
CVE-2026-1107 was published Jan 18, 2026
The Filr – Secure document library plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-14632 was published Jan 17, 2026
Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability... Critical Unreviewed
CVE-2012-10064 was published Jan 16, 2026
User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads... Moderate Unreviewed
CVE-2026-21625 was published Jan 16, 2026
Livewire Filemanager does not restrict uploaded file types High
CVE-2025-14894 was published for livewire-filemanager/filemanager (Composer) Jan 16, 2026
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file upload in all... High Unreviewed
CVE-2025-12957 was published Jan 16, 2026
Police Statistics Database System developed by Gotac has an Arbitrary File Upload vulnerability,... Critical Unreviewed
CVE-2026-1021 was published Jan 16, 2026
WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability that allows... High Unreviewed
CVE-2021-47788 was published Jan 16, 2026
Uploadify WordPress plugin versions up to and including 1.0 contain an arbitrary file upload... Critical Unreviewed
CVE-2011-10041 was published Jan 16, 2026
Phpwcms 1.9.30 contains a file upload vulnerability that allows authenticated attackers to upload... Moderate Unreviewed
CVE-2021-47783 was published Jan 16, 2026
File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute... Critical Unreviewed
CVE-2025-67079 was published Jan 15, 2026
ProjeQtOr Project Management 9.1.4 contains a file upload vulnerability that allows guest users... Critical Unreviewed
CVE-2021-47819 was published Jan 15, 2026
File upload vulnerability in Omnispace Agora Project before 25.10 allowing authenticated, or... Moderate Unreviewed
CVE-2025-67077 was published Jan 15, 2026
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution... High Unreviewed
CVE-2021-47757 was published Jan 15, 2026
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution... High Unreviewed
CVE-2021-47758 was published Jan 15, 2026
phpKF CMS 3.00 Beta y6 contains an unauthenticated file upload vulnerability that allows remote... Critical Unreviewed
CVE-2021-47753 was published Jan 15, 2026
The Supreme Modules Lite plugin for WordPress is vulnerable to arbitrary file upload in all... High Unreviewed
CVE-2025-13062 was published Jan 15, 2026
WBCE CMS version 1.5.2 contains an authenticated remote code execution vulnerability that allows... High Unreviewed
CVE-2022-50936 was published Jan 14, 2026
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated... High Unreviewed
CVE-2022-50916 was published Jan 14, 2026
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated... High Unreviewed
CVE-2022-50907 was published Jan 14, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database