Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,910 advisories

Loading
Deserialization of Untrusted Data vulnerability in CoinPayments CoinPayments.net Payment Gateway... Critical Unreviewed
CVE-2025-47532 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in WPFunnels WPFunnels allows Object Injection.... Critical Unreviewed
CVE-2025-47530 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in BoldThemes Medicare allows Object Injection.... Critical Unreviewed
CVE-2025-39499 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in designthemes Crafts & Arts allows Object... High Unreviewed
CVE-2025-31924 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in designthemes Finance Consultant allows Object... High Unreviewed
CVE-2025-32293 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in ThemeMakers Car Dealer allows Object Injection... Critical Unreviewed
CVE-2025-39480 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in GoodLayers Goodlayers Hotel allows Object... Critical Unreviewed
CVE-2025-39503 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in BoldThemes Avantage allows Object Injection.... Critical Unreviewed
CVE-2025-39495 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour | Travel Agency... Critical Unreviewed
CVE-2025-39485 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in designthemes Pet World allows Object Injection... High Unreviewed
CVE-2025-32284 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in GoodLayers Goodlayers Hostel allows Object... Critical Unreviewed
CVE-2025-39500 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in themeton Acerola allows Object Injection. This... Critical Unreviewed
CVE-2025-31927 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in AncoraThemes Jarvis – Night Club, Concert,... Critical Unreviewed
CVE-2025-32292 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in themeton The Business allows Object Injection.... Critical Unreviewed
CVE-2025-31430 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in themeton HotStar – Multi-Purpose Business... Critical Unreviewed
CVE-2025-31069 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in themeton Dash allows Object Injection. This... Critical Unreviewed
CVE-2025-31049 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in AncoraThemes Umberto allows Object Injection.... Critical Unreviewed
CVE-2025-31423 was published May 23, 2025
Deserialization of Untrusted Data vulnerability in AncoraThemes Fish House allows Object... Critical Unreviewed
CVE-2025-31631 was published May 23, 2025
The Glossary by WPPedia – Best Glossary plugin for WordPress plugin for WordPress is vulnerable... High Unreviewed
CVE-2025-4803 was published May 21, 2025
The Front End User Registration extension for TYPO3 (sr_feuser_register) Remote Code Execution Critical
CVE-2025-48200 was published for sjbr/sr-feuser-register (Composer) May 21, 2025
An authenticated user can modify application state data. High Unreviewed
CVE-2025-48018 was published May 20, 2025
vLLM Allows Remote Code Execution via PyNcclPipe Communication Service Critical
CVE-2025-47277 was published for vllm (pip) May 20, 2025
kikayli russellb
funscoietyxboyz
Deserialization of Untrusted Data vulnerability in ThemeGoods Altair allows Object Injection.This... Critical Unreviewed
CVE-2025-32928 was published May 19, 2025
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Conference allows Object... Critical Unreviewed
CVE-2025-39354 was published May 19, 2025
Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop allows Object... Critical Unreviewed
CVE-2025-39349 was published May 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database