GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 29,574
Composer 5,678
Erlang 49
GitHub Actions 50
Go 3,630
Maven 6,443
npm 5,931
NuGet 928
pip 4,850
Pub 13
RubyGems 1,045
Rust 1,301
Swift 53

Unreviewed advisories

All unreviewed 300,392

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

42,050 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi... High Unreviewed

CVE-2026-7371 was published May 4, 2026

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi... High Unreviewed

CVE-2026-42366 was published May 4, 2026

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored... High Unreviewed

CVE-2026-5063 was published May 3, 2026

A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the... Low Unreviewed

CVE-2026-7677 was published May 3, 2026

The NextMove Lite – Thank You Page for WooCommerce plugin for WordPress is vulnerable to Stored... Moderate Unreviewed

CVE-2026-0703 was published May 2, 2026

The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is... Moderate Unreviewed

CVE-2026-4790 was published May 2, 2026

The Quiz Maker by AYS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-6817 was published May 2, 2026

The Total theme for WordPress is vulnerable to Stored Cross-Site Scripting via post titles in... Moderate Unreviewed

CVE-2026-5077 was published May 2, 2026

The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site... High Unreviewed

CVE-2026-5324 was published May 2, 2026

The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Consent... High Unreviewed

CVE-2026-5113 was published May 2, 2026

The Gravity Forms plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site... High Unreviewed

CVE-2026-5110 was published May 2, 2026

The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions... High Unreviewed

CVE-2026-5109 was published May 2, 2026

The Gravity Forms plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site... High Unreviewed

CVE-2026-5112 was published May 2, 2026

The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions... High Unreviewed

CVE-2026-5111 was published May 2, 2026

The Call for Price for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2026-6447 was published May 2, 2026

The Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress... Moderate Unreviewed

CVE-2026-6916 was published May 2, 2026

The Simple Link Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2026-7209 was published May 2, 2026

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress... Moderate Unreviewed

CVE-2026-4658 was published May 2, 2026

The Maxi Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `/wp... Moderate Unreviewed

CVE-2026-6378 was published May 2, 2026

A vulnerability has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by... Low Unreviewed

CVE-2026-7596 was published May 1, 2026

Cross-Site Scripting (XSS) vulnerability was discovered in the GSVoIP web panel version 2.0.90.... Moderate Unreviewed

CVE-2025-69606 was published May 1, 2026

Cross-Site Scripting (XSS) in V2Board thru 1.7.4. The custom_html field in theme configuration is... Moderate Unreviewed

CVE-2026-37503 was published May 1, 2026

@diplodoc/search-extension 1.0.0 through 3.x before 3.0.3 allows stored XSS via the title in a ... Moderate Unreviewed

CVE-2026-40201 was published May 1, 2026

Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-13362 was published May 1, 2026

The Elementor Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2026-6127 was published May 1, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

42,050 advisories