GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,563 advisories
Server-Side Request Forgery (SSRF) in Apache HTTP Server on Windows allows to potentially leak...
High · Unreviewed · CVE-2024-43394 was published Jul 10, 2025
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Server-Side Request...
Moderate · Unreviewed · CVE-2025-49545 was published Jul 8, 2025
SSRF in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22...
Moderate · Unreviewed · CVE-2025-0292 was published Jul 8, 2025
SAP CMC Promotion Management allows an authenticated attacker to enumerate internal network...
Moderate · Unreviewed · CVE-2025-42965 was published Jul 8, 2025
Server-side request forgery (SSRF) vulnerability exists in multiple versions of Nimesa Backup and...
Moderate · Unreviewed · CVE-2025-53473 was published Jul 7, 2025
A vulnerability was found in BoyunCMS up to 1.4.20. It has been rated as critical. This issue...
Moderate · Unreviewed · CVE-2025-7103 was published Jul 7, 2025
Server-Side Request Forgery (SSRF) vulnerability in TeconceTheme Allmart allows Server Side...
High · Unreviewed · CVE-2025-49418 was published Jul 4, 2025
Server-Side Request Forgery (SSRF) vulnerability in Md Yeasin Ul Haider URL Shortener allows...
Moderate · Unreviewed · CVE-2025-28963 was published Jul 4, 2025
The PayMaster for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery...
Moderate · Unreviewed · CVE-2025-6729 was published Jul 4, 2025
The Amazon Products to WooCommerce plugin for WordPress is vulnerable to Server-Side Request...
High · Unreviewed · CVE-2025-5817 was published Jul 2, 2025
zrlog v3.1.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the downloadUrl...
Critical · Unreviewed · CVE-2025-45872 was published Jul 1, 2025
Akamai CloudTest before 60 2025.06.09 (12989) allows SSRF.
Moderate · Unreviewed · CVE-2025-52491 was published Jun 30, 2025
MobSF vulnerability allows SSRF due to the allow_redirects=True parameter
High · CVE-2024-54000 was published for mobsf (pip) Jun 27, 2025
A vulnerability classified as critical has been found in diyhi bbs up to 6.8. This affects the...
Moderate · Unreviewed · CVE-2025-6762 was published Jun 27, 2025
The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to Server-Side...
High · Unreviewed · CVE-2025-2940 was published Jun 27, 2025
An unauthenticated attacker may perform a limited server side request forgery (SSRF), forcing the...
Moderate · Unreviewed · CVE-2024-51980 was published Jun 26, 2025
Octo STS Unauthenticated SSRF by abusing fields in OpenID Connect tokens
High · CVE-2025-52477 was published for github.com/octo-sts/app (Go) Jun 26, 2025
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to a Server-Side...
High · Unreviewed · CVE-2025-49852 was published Jun 24, 2025
LangChain Community SSRF vulnerability exists in RequestsToolkit component
High · CVE-2025-2828 was published for langchain-community (pip) Jun 23, 2025
A vulnerability was found in Dromara MaxKey up to 4.1.7 and classified as critical. This issue...
Moderate · Unreviewed · CVE-2025-6517 was published Jun 23, 2025
MLFlow SSRF via gateway_proxy_handler
Moderate · CVE-2025-52967 was published for mlflow (pip) Jun 23, 2025
Server-Side Request Forgery (SSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid –...
Moderate · Unreviewed · CVE-2025-52713 was published Jun 20, 2025
Server-Side Request Forgery (SSRF) vulnerability in Ali Irani Auto Upload Images allows Server...
Moderate · Unreviewed · CVE-2025-49985 was published Jun 20, 2025
Server-Side Request Forgery (SSRF) vulnerability in Joe Hoyle WPThumb allows Server Side Request...
Moderate · Unreviewed · CVE-2025-49983 was published Jun 20, 2025
Server-Side Request Forgery (SSRF) vulnerability in Angelo Mandato PowerPress Podcasting allows...
Moderate · Unreviewed · CVE-2025-49984 was published Jun 20, 2025