GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 30,628
Composer 5,817
Erlang 61
GitHub Actions 50
Go 3,821
Maven 6,571
npm 6,204
NuGet 939
pip 5,090
Pub 13
RubyGems 1,059
Rust 1,357
Swift 54

Unreviewed advisories

All unreviewed 302,651

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

158,244 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A weakness has been identified in CoreWorxLab CAAL up to 1.6.0. The affected element is an... Moderate Unreviewed

CVE-2026-8725 was published May 17, 2026

Quick.CMS 6.7 contains a cross-site scripting vulnerability in the sliders form that allows... Moderate Unreviewed

CVE-2021-47981 was published May 16, 2026

CouchCMS 2.2.1 contains a cross-site scripting vulnerability that allows authenticated attackers... Moderate Unreviewed

CVE-2021-47955 was published May 16, 2026

bloofoxCMS 0.5.2.1 contains a cross-site request forgery vulnerability that allows attackers to... Moderate Unreviewed

CVE-2020-37241 was published May 16, 2026

ProcessMaker 3.5.4 contains a local file inclusion vulnerability that allows unauthenticated... Moderate Unreviewed

CVE-2021-47978 was published May 16, 2026

MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to... Moderate Unreviewed

CVE-2021-47934 was published May 16, 2026

WP Learn Manager 1.1.2 contains a stored cross-site scripting vulnerability that allows... Moderate Unreviewed

CVE-2021-47975 was published May 16, 2026

Supsystic Backup 2.3.9 contains a local file inclusion vulnerability that allows unauthenticated... Moderate Unreviewed

CVE-2020-37246 was published May 16, 2026

Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows... Moderate Unreviewed

CVE-2021-47957 was published May 16, 2026

WordPress Plugin Buddypress 6.2.0 contains a persistent cross-site scripting vulnerability that... Moderate Unreviewed

CVE-2020-37233 was published May 16, 2026

WordPress Theme Wibar 1.1.8 contains a stored cross-site scripting vulnerability in the Brand... Moderate Unreviewed

CVE-2020-37235 was published May 16, 2026

Queue Management System 4.0.0 contains a stored cross-site scripting vulnerability that allows... Moderate Unreviewed

CVE-2020-37240 was published May 16, 2026

CMS Made Simple 2.2.15 contains a stored cross-site scripting vulnerability that allows... Moderate Unreviewed

CVE-2020-37238 was published May 16, 2026

NewsLister contains an authenticated persistent cross-site scripting vulnerability that allows... Moderate Unreviewed

CVE-2020-37236 was published May 16, 2026

Internet Download Manager 6.38.12 contains a buffer overflow vulnerability in the Scheduler... Moderate Unreviewed

CVE-2020-37234 was published May 16, 2026

Composr CMS 10.0.34 contains a persistent cross-site scripting vulnerability that allows... Moderate Unreviewed

CVE-2020-37237 was published May 16, 2026

The Multicollab: Content Team Collaboration and Editorial Workflow plugin for WordPress is... Moderate Unreviewed

CVE-2025-4202 was published May 16, 2026

The Essential Chat Support plugin for WordPress is vulnerable to authorization bypass in all... Moderate Unreviewed

CVE-2026-8681 was published May 16, 2026

Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 Fail to validate the... Moderate Unreviewed

CVE-2026-4054 was published May 15, 2026

Savsoft Quiz 5.0 contains a persistent cross-site scripting vulnerability in the user account... Moderate Unreviewed

CVE-2021-47962 was published May 15, 2026

Podcast Generator 3.1 contains a persistent cross-site scripting vulnerability that allows... Moderate Unreviewed

CVE-2021-47968 was published May 15, 2026

PHP Timeclock 1.04 contains multiple cross-site scripting vulnerabilities that allow... Moderate Unreviewed

CVE-2021-47967 was published May 15, 2026

CouchCMS 2.2.1 contains a server-side request forgery vulnerability that allows authenticated... Moderate Unreviewed

CVE-2021-47958 was published May 15, 2026

Anote 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to... Moderate Unreviewed

CVE-2021-47963 was published May 15, 2026

phpMyFAQ before 4.1.2 contains a path traversal vulnerability in Client::deleteClientFolder that... Moderate Unreviewed

CVE-2026-45008 was published May 15, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

158,244 advisories