GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
241 advisories
IBM Application Gateway 23.10 through 25.09 is vulnerable to HTML injection. A remote attacker...
Severity: Moderate | Unreviewed | CVE-2025-36397 was published Jan 20, 2026
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) and...
Severity: Moderate | Unreviewed | CVE-2026-20047 was published Jan 15, 2026
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Severity: Moderate | Unreviewed | CVE-2025-69169 was published Jan 8, 2026
The WP Photo Album Plus plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via...
Severity: High | Unreviewed | CVE-2025-14835 was published Jan 7, 2026
The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Severity: Moderate | Unreviewed | CVE-2025-15058 was published Jan 7, 2026
The Key Figures plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Severity: Moderate | Unreviewed | CVE-2025-14792 was published Jan 7, 2026
IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 is vulnerable to HTML injection. A remote attacker...
Severity: Moderate | Unreviewed | CVE-2025-36230 was published Dec 26, 2025
The "Amazon affiliate lite Plugin" plugin for WordPress is vulnerable to Stored Cross-Site...
Severity: Moderate | Unreviewed | CVE-2025-14735 was published Dec 20, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Severity: Moderate | Unreviewed | CVE-2025-64225 was published Dec 18, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Severity: Moderate | Unreviewed | CVE-2025-64633 was published Dec 16, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Severity: Moderate | Unreviewed | CVE-2025-63068 was published Dec 9, 2025
An improper neutralization of script-related HTML tags in a web page (basic XSS) vulnerability in...
Severity: Moderate | Unreviewed | CVE-2025-58412 was published Nov 19, 2025
The VK All in One Expansion Unit plugin for WordPress is vulnerable to Stored Cross-Site...
Severity: Moderate | Unreviewed | CVE-2025-11267 was published Nov 18, 2025
The VK All in One Expansion Unit plugin for WordPress is vulnerable to Stored Cross-Site...
Severity: Moderate | Unreviewed | CVE-2025-11265 was published Nov 18, 2025
The vulnerability, if exploited, could allow an authenticated miscreant (with privilege of ...
Severity: High | Unreviewed | CVE-2025-8386 was published Nov 15, 2025
A Stored Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop...
Severity: Moderate | Unreviewed | CVE-2025-54348 was published Nov 14, 2025
A Reflected Cross Site Scripting (XSS) vulnerability was found in the Application Server of...
Severity: High | Unreviewed | CVE-2025-54346 was published Nov 14, 2025
The Chart Expert plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Severity: Moderate | Unreviewed | CVE-2025-12753 was published Nov 11, 2025
The Slippy Slider – Responsive Touch Navigation Slider plugin for WordPress is vulnerable to...
Severity: Moderate | Unreviewed | CVE-2025-11874 was published Nov 11, 2025
IBM OpenPages 9.1, and 9.0 with Watson is vulnerable to HTML injection. A remote attacker could...
Severity: Moderate | Unreviewed | CVE-2025-33110 was published Nov 6, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Severity: High | Unreviewed | CVE-2025-60244 was published Nov 6, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Severity: Moderate | Unreviewed | CVE-2025-49398 was published Nov 6, 2025
The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Stored Cross...
Severity: Moderate | Unreviewed | CVE-2025-11745 was published Nov 5, 2025
The Visual Link Preview plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Severity: Moderate | Unreviewed | CVE-2025-11987 was published Nov 5, 2025
An Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability...
Severity: Critical | Unreviewed | CVE-2025-53883 was published Oct 30, 2025
ProTip! Advisories are also available from the GraphQL API.