GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,275
Composer 4,908
Erlang 39
GitHub Actions 38
Go 2,568
Maven 6,036
npm 4,240
NuGet 754
pip 4,004
Pub 12
RubyGems 953
Rust 1,042
Swift 45

Unreviewed advisories

All unreviewed 273,848

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

273,848 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to unauthorized access... Moderate Unreviewed

CVE-2025-11742 was published Oct 18, 2025

The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all... Moderate Unreviewed

CVE-2025-11738 was published Oct 18, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-11937 was published Oct 18, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-62667 was published Oct 18, 2025

The XX2WP Integration Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-11857 was published Oct 18, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-62671 was published Oct 18, 2025

The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is... Moderate Unreviewed

CVE-2025-11378 was published Oct 18, 2025

The Async JavaScript plugin for WordPress is vulnerable to Stored Cross-Site Scripting in... Moderate Unreviewed

CVE-2020-36854 was published Oct 18, 2025

The 10WebMapBuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Plugin... High Unreviewed

CVE-2020-36853 was published Oct 18, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-62665 was published Oct 18, 2025

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login... Critical Unreviewed

CVE-2017-20208 was published Oct 18, 2025

The Flickr Gallery plugin for WordPress is vulnerable to PHP Object Injection in versions up to,... Critical Unreviewed

CVE-2017-20207 was published Oct 18, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-62662 was published Oct 18, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-62670 was published Oct 18, 2025

The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to,... Critical Unreviewed

CVE-2017-20206 was published Oct 18, 2025

Allocation of Resources Without Limits or Throttling vulnerability in The Wikimedia Foundation... Moderate Unreviewed

CVE-2025-62666 was published Oct 18, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-62663 was published Oct 18, 2025

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia... Moderate Unreviewed

CVE-2025-62669 was published Oct 18, 2025

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for... Moderate Unreviewed

CVE-2025-11361 was published Oct 18, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-62664 was published Oct 18, 2025

Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki -... Moderate Unreviewed

CVE-2025-62668 was published Oct 18, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote... Moderate Unreviewed

CVE-2025-62646 was published Oct 17, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 provides the... Moderate Unreviewed

CVE-2025-62647 was published Oct 17, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1026 and... Critical Unreviewed

CVE-2025-34215 was published Sep 29, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote... Moderate Unreviewed

CVE-2025-62648 was published Oct 17, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

273,848 advisories