GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,148

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

413 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-26957 was published Feb 25, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-26979 was published Feb 25, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-26964 was published Feb 25, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-26985 was published Feb 25, 2025

Carbon has an arbitrary file include via unvalidated input passed to Carbon::setLocale Moderate

CVE-2025-22145 was published for nesbot/carbon (Composer) Jan 8, 2025

The Traveler theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and... High Unreviewed

CVE-2024-12811 was published Feb 28, 2025

The WHMpress - WHMCS WordPress Integration Plugin plugin for WordPress is vulnerable to Local... Critical Unreviewed

CVE-2024-9193 was published Feb 28, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-27264 was published Mar 3, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-25109 was published Mar 3, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-23945 was published Mar 3, 2025

Directory Traversal (Local File Inclusion) vulnerability in Tikit (now Advanced) eMarketing... Moderate Unreviewed

CVE-2023-49031 was published Mar 3, 2025

AgileBio Electronic Lab Notebook v4.234 was discovered to contain a local file inclusion... High Unreviewed

CVE-2023-24217 was published Mar 7, 2023

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-26916 was published Mar 10, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-26933 was published Mar 10, 2025

The Review Schema plugin for WordPress is vulnerable to Local File Inclusion in all versions up... High Unreviewed

CVE-2025-1707 was published Mar 12, 2025

CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the... Moderate Unreviewed

CVE-2024-34314 was published May 7, 2024

The Traveler theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and... Critical Unreviewed

CVE-2025-1771 was published Mar 15, 2025

Local File Inclusion vulnerability in LA-Studio LA-Studio Element Kit for Elementor via ... High Unreviewed

CVE-2024-37479 was published Jul 2, 2024

The s2Member Pro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to... High Unreviewed

CVE-2024-12563 was published Mar 18, 2025

The MinimogWP – The High Converting eCommerce WordPress Theme theme for WordPress is vulnerable... Critical Unreviewed

CVE-2024-13790 was published Mar 19, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-53739 was published Nov 30, 2024

A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows... High Unreviewed

CVE-2024-51319 was published Mar 11, 2025

Systemic Risk Value <=2.8.0 is vulnerable to Local File Inclusion via /GetFile.aspx?ReportUrl=.... High Unreviewed

CVE-2025-26137 was published Mar 18, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-23937 was published Mar 26, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-24690 was published Mar 26, 2025

Previous 1…5…17 Next

Previous 1 2 3 4 5 6 7 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

413 advisories