Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,844
Maven
5,000+
npm
4,470
NuGet
779
pip
4,231
Pub
12
RubyGems
974
Rust
1,093
Swift
48
Unreviewed advisories
All unreviewed
5,000+

2,140 advisories

Loading
An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code... Critical Unreviewed
CVE-2025-56005 was published Jan 20, 2026
A vulnerability was found in slackero phpwcms up to 1.9.45/1.10.8. It has been rated as critical.... Moderate Unreviewed
CVE-2025-5498 was published Jun 3, 2025
A vulnerability classified as critical has been found in slackero phpwcms up to 1.9.45/1.10.8.... Moderate Unreviewed
CVE-2025-5499 was published Jun 3, 2025
Deserialization of Untrusted Data vulnerability in Tribulant Software Newsletters newsletters... Critical Unreviewed
CVE-2025-67911 was published Jan 8, 2026
Deserialization of Untrusted Data vulnerability in Icegram Icegram Express Pro email-subscribers... Critical Unreviewed
CVE-2025-68038 was published Dec 24, 2025
Deserialization of Untrusted Data vulnerability in TieLabs Jannah jannah allows Object Injection... Critical Unreviewed
CVE-2025-64206 was published Dec 18, 2025
Deserialization of Untrusted Data vulnerability in BoldThemes Codiqa codiqa allows Object... Critical Unreviewed
CVE-2025-64233 was published Dec 18, 2025
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot... Critical Unreviewed
CVE-2025-60178 was published Dec 18, 2025
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Constant Contact... Critical Unreviewed
CVE-2025-60174 was published Dec 18, 2025
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf... Critical Unreviewed
CVE-2025-60180 was published Dec 18, 2025
The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2026-0726 was published Jan 20, 2026
Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection... High Unreviewed
CVE-2025-31047 was published Jan 5, 2026
Deserialization of Untrusted Data vulnerability in NooTheme Yogi - Health Beauty & Yoga noo-yogi... High Unreviewed
CVE-2025-54719 was published Nov 6, 2025
Deserialization of Untrusted Data vulnerability in Cristián Lávaque s2Member s2member allows... Critical Unreviewed
CVE-2025-58998 was published Nov 6, 2025
Deserialization of Untrusted Data vulnerability in Scott Reilly Preserve Code Formatting preserve... Critical Unreviewed
CVE-2025-49386 was published Nov 6, 2025
Deserialization of Untrusted Data vulnerability in Fetch Designs Sign-up Sheets sign-up-sheets... Critical Unreviewed
CVE-2025-49393 was published Nov 6, 2025
Deserialization of Untrusted Data vulnerability in wpdreams Ajax Search Lite ajax-search-lite... Critical Unreviewed
CVE-2025-48086 was published Nov 6, 2025
Deserialization of Untrusted Data vulnerability in Chouby Polylang polylang allows Object... High Unreviewed
CVE-2025-64353 was published Oct 31, 2025
Deserialization of Untrusted Data vulnerability in Whitebox-Studio Scape scape allows Object... Critical Unreviewed
CVE-2025-60213 was published Oct 22, 2025
Deserialization of Untrusted Data vulnerability in CRM Perks Connector for Gravity Forms and... High Unreviewed
CVE-2025-60209 was published Oct 22, 2025
Deserialization of Untrusted Data vulnerability in BoldThemes Goldenblatt goldenblatt allows... Critical Unreviewed
CVE-2025-60214 was published Oct 22, 2025
Deserialization of Untrusted Data vulnerability in designthemes VEDA veda allows Object Injection... High Unreviewed
CVE-2025-60212 was published Oct 22, 2025
Deserialization of Untrusted Data vulnerability in designthemes Kriya kriya allows Object... Moderate Unreviewed
CVE-2025-60215 was published Oct 22, 2025
Deserialization of Untrusted Data vulnerability in BoldThemes Addison addison allows Object... Moderate Unreviewed
CVE-2025-60216 was published Oct 22, 2025
Deserialization of Untrusted Data vulnerability in rascals Noisa noisa allows Object Injection... Critical Unreviewed
CVE-2025-60039 was published Oct 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database