Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,563 advisories

Loading
Dragonfly vulnerable to server-side request forgery High
CVE-2025-59346 was published for github.com/dragonflyoss/dragonfly (Go) Sep 17, 2025
gaius-qi
WonderCMS 3.5.0 is vulnerable to Server-Side Request Forgery (SSRF) in the custom module... Moderate Unreviewed
CVE-2025-57055 was published Sep 17, 2025
The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value... Low Unreviewed
CVE-2025-59437 was published Sep 16, 2025
The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value... Low Unreviewed
CVE-2025-59436 was published Sep 16, 2025
HackMD MCP Server has Server-Side Request Forgery (SSRF) vulnerability Moderate
CVE-2025-59155 was published for hackmd-mcp (npm) Sep 15, 2025
yuna0x0
Ghost vulnerable to Server Side Request Forgery (SSRF) via oEmbed Bookmark Moderate
CVE-2025-9862 was published for ghost (npm) Sep 15, 2025
FlowiseAI/Flowise has Server-Side Request Forgery (SSRF) vulnerability High
GHSA-hr92-4q35-4j3m was published for flowise (npm) Sep 15, 2025
im-soohyun
A vulnerability was detected in ZKEACMS 4.3. Impacted is the function Proxy of the file src... Moderate Unreviewed
CVE-2025-10471 was published Sep 15, 2025
O'View MapServer developed by PilotGaea Technologies has a Server-Side Request Forgery... Moderate Unreviewed
CVE-2025-10453 was published Sep 15, 2025
A security vulnerability has been detected in SourceCodester Link Status Checker 1.0. This... Moderate Unreviewed
CVE-2025-10410 was published Sep 14, 2025
A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. This affects an unknown part... Moderate Unreviewed
CVE-2025-10397 was published Sep 14, 2025
A vulnerability was found in Magicblack MacCMS 2025.1000.4050. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-10395 was published Sep 14, 2025
A flaw has been found in miurla morphic up to 0.4.5. This impacts the function fetchHtml of the... Moderate Unreviewed
CVE-2025-10393 was published Sep 14, 2025
A security vulnerability has been detected in CRMEB up to 5.6.1. The impacted element is the... Moderate Unreviewed
CVE-2025-10391 was published Sep 14, 2025
A vulnerability was detected in cdevroe unmark up to 1.9.3. This affects an unknown part of the... Moderate Unreviewed
CVE-2025-10329 was published Sep 13, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 18.1.6, 18... High Unreviewed
CVE-2025-6454 was published Sep 12, 2025
A security vulnerability has been detected in yanyutao0402 ChanCMS 3.3.0. The affected element is... Moderate Unreviewed
CVE-2025-10211 was published Sep 10, 2025
The Auto Save Remote Images (Drafts) plugin for WordPress is vulnerable to Server-Side Request... Moderate Unreviewed
CVE-2025-7843 was published Sep 10, 2025
halo v2.20.17 and before is vulnerable to server-side request forgery (SSRF) in /apis/uc.api... Critical Unreviewed
CVE-2025-44594 was published Sep 9, 2025
A Server-Side Request Forgery (SSRF) vulnerability has been identified in the embedded web server... Moderate Unreviewed
CVE-2025-9269 was published Sep 9, 2025
A vulnerability was detected in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5... Moderate Unreviewed
CVE-2025-5005 was published Sep 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in Rhys Wynne WP eBay Product Feeds allows... Moderate Unreviewed
CVE-2025-58977 was published Sep 9, 2025
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request... Moderate Unreviewed
CVE-2025-54249 was published Sep 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in LiteSpeed Technologies LiteSpeed Cache. This... Moderate Unreviewed
CVE-2025-47437 was published Sep 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in FWDesign Ultimate Video Player allows Server... High Unreviewed
CVE-2025-49430 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database