GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

GitHub reviewed advisories

All reviewed 32,549
Composer 6,122
Erlang 86
GitHub Actions 54
Go 4,175
Maven 6,713
npm 6,687
NuGet 1,019
pip 5,531
Pub 13
RubyGems 1,102
Rust 1,421
Swift 61

Unreviewed advisories

All unreviewed 310,882

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

290 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Unknown Unreviewed

CVE-2026-50229 was published Jun 29, 2026

Unauthenticated Content Injection in Auros Core <= 5.3.1 versions. Moderate Unreviewed

CVE-2025-64637 was published Jun 26, 2026

Malicious HTML content could be injected into the content rendered by the pretix-digital plugin. Low Unreviewed

CVE-2026-13314 was published Jun 25, 2026

Content injected to PDF rendering contexts could, in many places, include HTML content including ... Low Unreviewed

CVE-2026-57535 was published Jun 25, 2026

Malicious HTML content could be injected into the content of a page in the pretix-pages plugin. Low Unreviewed

CVE-2026-57534 was published Jun 25, 2026

Malicious HTML content could be injected into the page pretix shows when redirection to an... Low Unreviewed

CVE-2026-57533 was published Jun 25, 2026

Malicious HTML content contained in the layout specification of a PDF ticket or badge layout was... High Unreviewed

CVE-2026-57532 was published Jun 25, 2026

Malicious HTML content could be injected into the email address of an order, which pretix showed... Moderate Unreviewed

CVE-2026-13225 was published Jun 25, 2026

An issue was discovered in EyouCMS 1.5.8. There is a Storage XSS vulnerability that can allows an... Moderate Unreviewed

CVE-2022-35509 was published Aug 11, 2022

An authenticated user can perform XSS. This issue affects Apache Atlas versions 2.4.0 and... Moderate Unreviewed

CVE-2025-62198 was published Jun 22, 2026

Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient... Moderate Unreviewed

CVE-2025-71331 was published Jun 20, 2026

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2026-34033 was published Jun 9, 2026

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in TE... High Unreviewed

CVE-2024-2010 was published Sep 12, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2024-9147 was published Nov 4, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2023-1013 was published Mar 30, 2023

A reflected cross-site scripting issue exists in URL handling. Moderate Unreviewed

CVE-2026-9646 was published May 28, 2026

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2026-39642 was published May 26, 2026

The GDPR cookies module for Backdrop CMS (before 1.x-1.3.5) doesn't sufficiently protect... Low Unreviewed

CVE-2025-71310 was published May 26, 2026

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2023-4663 was published Sep 15, 2023

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2021-44196 was published Mar 7, 2023

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2021-44197 was published Mar 7, 2023

The MapGeo – Interactive Geo Maps plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2025-15345 was published May 14, 2026

WordPress GetPaid Plugin 2.4.6 contains an HTML injection vulnerability that allows authenticated... Moderate Unreviewed

CVE-2021-47948 was published May 10, 2026

HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the... Low Unreviewed

CVE-2025-59854 was published May 6, 2026

Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in... High Unreviewed

CVE-2026-6002 was published May 7, 2026

Previous1…12 Next

Previous 1 2 3 4 5 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

290 advisories