Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,026
Maven
5,000+
npm
4,763
NuGet
824
pip
4,366
Pub
12
RubyGems
987
Rust
1,143
Swift
50
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

28 advisories

Loading
The response coming from TP-Link Archer MR200 v5.2, C20 v6, TL-WR850N v3, and TL-WR845N v4 for... Moderate Unreviewed
CVE-2025-15551 was published Feb 5, 2026
PHP-Fusion 9.03.50 contains a remote code execution vulnerability in the 'add_panel_form()'... High Unreviewed
CVE-2020-37137 was published Feb 5, 2026
Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2026-0769 was published Jan 23, 2026
Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor... High Unreviewed
CVE-2026-0863 was published Jan 18, 2026
Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python... Critical Unreviewed
CVE-2025-54322 was published Dec 27, 2025
An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26... Moderate Unreviewed
CVE-2025-43466 was published Dec 12, 2025
An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26... Low Unreviewed
CVE-2025-43388 was published Dec 12, 2025
An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4... High Unreviewed
CVE-2025-65530 was published Dec 12, 2025
The application contains an insecure 'redirectToUrl' mechanism that incorrectly processes the... Critical Unreviewed
CVE-2025-12140 was published Nov 27, 2025
A vulnerability exists in F5OS-A and F5OS-C systems that may allow an authenticated attacker with... High Unreviewed
CVE-2025-61955 was published Oct 15, 2025
The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human... Critical Unreviewed
CVE-2011-10033 was published Oct 15, 2025
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability... Moderate Unreviewed
CVE-2025-55585 was published Aug 18, 2025
The Request a Quote Form plugin for WordPress is vulnerable to Remote Code Execution in version... High Unreviewed
CVE-2025-8420 was published Aug 6, 2025
PHP-Charts v1.0 contains a PHP code execution vulnerability in wizard/url.php, where user... Critical Unreviewed
CVE-2013-10070 was published Aug 5, 2025
A remote PHP code execution vulnerability exists in InstantCMS version 1.6 and earlier due to... Critical Unreviewed
CVE-2013-10051 was published Aug 1, 2025
An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the... Critical Unreviewed
CVE-2025-26845 was published May 8, 2025
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-10633 was published Jan 26, 2025
The W3SPEEDSTER plugin for WordPress is vulnerable to Remote Code Execution in all versions up to... Critical Unreviewed
CVE-2024-8512 was published Oct 30, 2024
A code execution vulnerability exists in the Xiaomi App market product. The vulnerability is... High Unreviewed
CVE-2023-26323 was published Aug 28, 2024
The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an... Critical Unreviewed
CVE-2024-7954 was published Aug 23, 2024
calculator-boilerplate v1.0 was discovered to contain a remote code execution (RCE) vulnerability... Critical Unreviewed
CVE-2024-39173 was published Jul 18, 2024
The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 (Windows)/3.4.7 (macOS) was not... High Unreviewed
CVE-2023-7245 was published Feb 20, 2024
Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39... High Unreviewed
CVE-2023-6735 was published Jan 12, 2024
OpenVPN Connect version 3.0 through 3.4.6 on macOS allows local users to execute code in external... High Unreviewed
CVE-2023-7224 was published Jan 8, 2024
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet:... High Unreviewed
CVE-2023-7101 was published Dec 25, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database