Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,857
Maven
5,000+
npm
4,488
NuGet
780
pip
4,243
Pub
12
RubyGems
975
Rust
1,095
Swift
49
Unreviewed advisories
All unreviewed
5,000+

6 advisories

Loading
Unauthenticated Craft CMS users can trigger a database backup High
CVE-2025-68456 was published for craftcms/cms (Composer) Jan 5, 2026
h4x0r-dz
Credited to h4x0r-dz
phpMyFAQ has unauthenticated config backup download via /api/setup/backup High
CVE-2025-69200 was published for thorsten/phpmyfaq (Composer) Dec 30, 2025
eclipse07077-ljw
Credited to eclipse07077-ljw
Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Exposure of Sensitive... High Unreviewed
CVE-2025-36575 was published Jun 10, 2025
Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive... High Unreviewed
CVE-2025-29981 was published Apr 2, 2025
Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web... High Unreviewed
CVE-2024-13255 was published Jan 9, 2025
Cleartext Storage of Sensitive Information vulnerability in Finrota Netahsilat allows Retrieve... High Unreviewed
CVE-2024-6400 was published Oct 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database