GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
37,007 advisories

Slink v1.4.9 allows stored cross-site scripting (XSS) via crafted SVG uploads. When a user views...
Moderate, Unreviewed. CVE-2025-55944 was published on Sep 9, 2025.

YesWiki Cross Site Scripting vulnerability
Moderate. CVE-2025-52277 was published for yeswiki/yeswiki (Composer) on Sep 9, 2025.

The Wilmer Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes...
Moderate, Unreviewed. CVE-2025-9061 was published on Sep 9, 2025.

The Mikado Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes...
Moderate, Unreviewed. CVE-2025-9058 was published on Sep 9, 2025.

Due to a Cross-Site Scripting (XSS) vulnerability in the SAP NetWeaver ABAP Platform, an...
Moderate, Unreviewed. CVE-2025-42938 was published on Sep 9, 2025.

Liferay Portal is vulnerable to XSS attack through fieldset name in Kaleo Forms Admin
Moderate. CVE-2025-43778 was published for com.liferay:com.liferay.portal.workflow.kaleo.forms.web (Maven) on Sep 9, 2025.

Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management, an...
Moderate, Unreviewed. CVE-2025-42920 was published on Sep 9, 2025.

A weakness has been identified in SourceCodester Simple To-Do List System 1.0. Impacted is an...
Moderate, Unreviewed. CVE-2025-10117 was published on Sep 9, 2025.

Liferay Portal is vulnerable to XSS attack through its Style Book theme
Low. CVE-2025-43774 was published for com.liferay:com.liferay.frontend.taglib.clay (Maven) on Sep 9, 2025.

In phpgurukul Doctor Appointment Management System 1.0, an authenticated doctor user can inject...
High, Unreviewed. CVE-2025-45805 was published on Sep 8, 2025.

MCP Inspector is Vulnerable to Potential Command Execution via XSS When Connecting to an Untrusted MCP Server
High. CVE-2025-58444 was published for @modelcontextprotocol/inspector (npm) on Sep 8, 2025.

A weakness has been identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability...
Moderate, Unreviewed. CVE-2025-10099 was published on Sep 8, 2025.

N8N's Chat Trigger component is vulnerable to XSS
High. CVE-2025-56265 was published for @n8n/n8n-nodes-langchain (npm) on Sep 8, 2025.

A flaw has been found in Campcodes Sales and Inventory System 1.0. This affects an unknown part...
Moderate, Unreviewed. CVE-2025-9923 was published on Sep 8, 2025.

Scholl Communications AG Weblication CMS Core v019.004.000.000 was discovered to contain a cross...
Critical, Unreviewed. CVE-2025-52161 was published on Sep 8, 2025.

A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify App 1.0 allows a...
High, Unreviewed. CVE-2025-55998 was published on Sep 8, 2025.

A vulnerability has been found in code-projects Fruit Shop Management System 1.0. Affected by...
Moderate, Unreviewed. CVE-2025-9845 was published on Sep 8, 2025.

'sanitize-html' prior to version 1.0.3 is vulnerable to Cross-site Scripting (XSS). The function ...
Moderate, Unreviewed. CVE-2014-125128 was published on Sep 8, 2025.

Cross-site Scripting (XSS) vulnerability stored in Multi-Purpose Inventory Management System,...
Moderate, Unreviewed. CVE-2025-40641 was published on Sep 8, 2025.

Reflected Cross-Site Scripting (XSS) vulnerability in WebWork, which allows remote attackers to...
Moderate, Unreviewed. CVE-2025-40642 was published on Sep 8, 2025.

sanitize-html is vulnerable to XSS through incomprehensive sanitization
Moderate. CVE-2019-25225 was published for sanitize-html (npm) on Sep 8, 2025.

A vulnerability was detected in SourceCodester Time Tracker 1.0. The affected element is an...
Moderate, Unreviewed. CVE-2025-10088 was published on Sep 8, 2025.

A vulnerability was identified in Portabilis i-Educar up to 2.10. The affected element is an...
Moderate, Unreviewed. CVE-2025-10074 was published on Sep 8, 2025.

A security flaw has been discovered in SourceCodester Online Polling System 1.0. The impacted...
Moderate, Unreviewed. CVE-2025-10075 was published on Sep 8, 2025.

A weakness has been identified in itsourcecode POS Point of Sale System 1.0. Impacted is an...
Moderate, Unreviewed. CVE-2025-10065 was published on Sep 7, 2025.

ProTip! Advisories are also available from the GraphQL API.