Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,563 advisories

Loading
SSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6,... Moderate Unreviewed
CVE-2025-55139 was published Sep 9, 2025
Liferay Portal is vulnerable to SSRF through custom object attachment fields Moderate
CVE-2025-43763 was published for com.liferay:com.liferay.object.service (Maven) Sep 9, 2025
A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function... Moderate Unreviewed
CVE-2025-10096 was published Sep 8, 2025
Server-Side Request Forgery (SSRF) vulnerability in aitool Ai Auto Tool Content Writing Assistant... Moderate Unreviewed
CVE-2025-58829 was published Sep 5, 2025
Server-Side Request Forgery via /_image endpoint in Astro Cloudflare adapter High
CVE-2025-58179 was published for @astrojs/cloudflare (npm) Sep 4, 2025
ghostdevv monizb
alexanderniebuhr ascorbic ematipico delucis
Mautic vulnerable to SSRF via webhook function Low
CVE-2025-9821 was published for mautic/core (Composer) Sep 3, 2025
asesidaa patrykgruszka
kuzmany lukehebe
Server-Side Request Forgery (SSRF) vulnerability in kamleshyadav Exit Intent Popup allows Server... Moderate Unreviewed
CVE-2025-58641 was published Sep 3, 2025
Server-Side Request Forgery (SSRF) vulnerability in gfazioli WP Bannerize Pro allows Server Side... Moderate Unreviewed
CVE-2025-58615 was published Sep 3, 2025
Next.js Improper Middleware Redirect Handling Leads to SSRF Moderate
CVE-2025-57822 was published for next (npm) Aug 29, 2025
medikoo
Server-Side Request Forgery (SSRF) vulnerability in Chartbeat Chartbeat allows Server Side... Moderate Unreviewed
CVE-2025-53250 was published Aug 28, 2025
Server-Side Request Forgery (SSRF) vulnerability in vEnCa-X rajce allows Server Side Request... Moderate Unreviewed
CVE-2025-48364 was published Aug 28, 2025
Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra allows Server Side... Moderate Unreviewed
CVE-2025-58203 was published Aug 27, 2025
A vulnerability was found in kalcaddle kodbox 1.61. Affected by this vulnerability is an unknown... Moderate Unreviewed
CVE-2025-9414 was published Aug 26, 2025
Rebuild v3.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the type... Moderate Unreviewed
CVE-2024-46413 was published Aug 26, 2025
request-filtering-agent SSRF Bypass via HTTPS Requests to 127.0.0.1 Moderate
CVE-2025-57814 was published for request-filtering-agent (npm) Aug 25, 2025
ikkisoft
PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser High
CVE-2025-54370 was published for phpoffice/phpspreadsheet (Composer) Aug 25, 2025
A vulnerability was found in HuangDou UTCMS 9. This issue affects some unknown processing of the... Moderate Unreviewed
CVE-2025-9402 was published Aug 25, 2025
A vulnerability was identified in wangsongyan wblog 0.0.1. This affects the function RestorePost... Moderate Unreviewed
CVE-2025-9395 was published Aug 25, 2025
The Events Calendar, Event Booking, Registrations and Event Tickets – Eventin plugin for... High Unreviewed
CVE-2025-7813 was published Aug 23, 2025
A server-side request forgery (SSRF) vulnerability exists in the Liferay DXP 2025.Q2.0 through... Moderate Unreviewed
CVE-2025-43747 was published Aug 21, 2025
Mattermost Server SSRF Vulnerability via the Agents Plugin Low
CVE-2025-47700 was published for github.com/mattermost/mattermost-server (Go) Aug 21, 2025
A Server-Side Request Forgery (SSRF) in the UISP Application may allow a malicious actor with... Critical Unreviewed
CVE-2025-27217 was published Aug 21, 2025
IBM Edge Application Manager 4.5 is vulnerable to server-side request forgery (SSRF). This may... Moderate Unreviewed
CVE-2025-1142 was published Aug 20, 2025
CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthorized... High Unreviewed
CVE-2025-54925 was published Aug 20, 2025
CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthorized... High Unreviewed
CVE-2025-54924 was published Aug 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database