Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
41
GitHub Actions
41
Go
3,098
Maven
5,000+
npm
4,984
NuGet
826
pip
4,425
Pub
12
RubyGems
988
Rust
1,170
Swift
50
Unreviewed advisories
All unreviewed
5,000+

8 advisories

Loading
October CMS Vulnerable to Stored XSS via Branding Styles Moderate
CVE-2025-61676 was published for october/system (Composer) Jan 9, 2026
nakkouchtarek Credited to nakkouchtarek and daftspunk daftspunk daftspunk
October CMS Vulnerable to Stored XSS via Editor and Branding Styles Moderate
CVE-2025-61674 was published for october/system (Composer) Jan 9, 2026
nakkouchtarek Credited to nakkouchtarek and daftspunk daftspunk daftspunk
Withdrawn Advisory: October Cross-site Scripting vulnerability Moderate
CVE-2023-43876 was published for october/cms (Composer) Sep 28, 2023 withdrawn
daftspunk Credited to daftspunk
October CMS Safe Mode bypass leads to authenticated Remote Code Execution High
CVE-2022-35944 was published for october/system (Composer) Oct 13, 2022
cydave Credited to cydave and daftspunk daftspunk daftspunk
October CMS CSRF High
CVE-2017-16244 was published for october/october (Composer) May 13, 2022
daftspunk Credited to daftspunk
October CMS - RainLab Blog Plugin XSS Moderate
CVE-2018-7198 was published for rainlab/blog-plugin (Composer) May 13, 2022
daftspunk Credited to daftspunk
October CMS XSS Moderate
CVE-2017-1000193 was published for october/october (Composer) May 13, 2022
daftspunk Credited to daftspunk
October CMS File Upload Vulnerability Critical
CVE-2017-1000194 was published for october/october (Composer) May 13, 2022
daftspunk Credited to daftspunk
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database