GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,821
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,923
npm 4,121
NuGet 735
pip 3,941
Pub 12
RubyGems 945
Rust 1,018
Swift 39

Unreviewed advisories

All unreviewed 268,979

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

126,572 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In Content Management versions 20.4- 25.3 authenticated attackers may exploit a complex cache... Moderate Unreviewed

CVE-2025-8716 was published Sep 11, 2025

A vulnerability was detected in FoxCMS up to 1.24. Affected by this issue is the function... Moderate Unreviewed

CVE-2025-10251 was published Sep 11, 2025

A vulnerability has been found in openDCIM 23.04. This vulnerability affects unknown code of the... Moderate Unreviewed

CVE-2025-10253 was published Sep 11, 2025

Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in... Moderate Unreviewed

CVE-2025-40696 was published Sep 11, 2025

Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in... Moderate Unreviewed

CVE-2025-40694 was published Sep 11, 2025

Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in... Moderate Unreviewed

CVE-2025-40695 was published Sep 11, 2025

Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in... Moderate Unreviewed

CVE-2025-40693 was published Sep 11, 2025

The Enhanced BibliPlug plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-9855 was published Sep 11, 2025

The PhpList Subber plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-9632 was published Sep 11, 2025

The Evenium plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2025-9850 was published Sep 11, 2025

The Plugin updates blocker plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2025-9634 was published Sep 11, 2025

The LH Signing plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-9633 was published Sep 11, 2025

The ThemeLoom Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-9861 was published Sep 11, 2025

The Analytics Reduce Bounce Rate plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-9635 was published Sep 11, 2025

The Mixtape plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2025-9860 was published Sep 11, 2025

The My WP Translate plugin for WordPress is vulnerable to unauthorized modification of data due... Moderate Unreviewed

CVE-2025-8423 was published Sep 11, 2025

The AutoCatSet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-9631 was published Sep 11, 2025

The Workable Api plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2025-8721 was published Sep 11, 2025

The Admin in English with Switch plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-9623 was published Sep 11, 2025

The CBX Map for Google Map & OpenStreetMap plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2025-9123 was published Sep 11, 2025

The Countdown Timer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-8445 was published Sep 11, 2025

The eID Easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’... Moderate Unreviewed

CVE-2025-9128 was published Sep 11, 2025

The Blog Designer For Elementor – Post Slider, Post Carousel, Post Grid plugin for WordPress is... Moderate Unreviewed

CVE-2025-8481 was published Sep 11, 2025

The WP Scriptcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url'... Moderate Unreviewed

CVE-2025-8691 was published Sep 11, 2025

The Seo Monster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-9620 was published Sep 11, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

126,572 advisories