GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,205
Composer 4,894
Erlang 38
GitHub Actions 38
Go 2,552
Maven 6,024
npm 4,224
NuGet 746
pip 3,999
Pub 12
RubyGems 953
Rust 1,041
Swift 45

Unreviewed advisories

All unreviewed 273,126

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

129,104 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39582 was published Apr 16, 2025

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed

CVE-2025-39589 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39578 was published Apr 16, 2025

Missing Authorization vulnerability in WP Shuffle WP Subscription Forms allows Exploiting... Moderate Unreviewed

CVE-2025-39591 was published Apr 16, 2025

Path Traversal vulnerability in Quý Lê 91 Administrator Z allows Path Traversal. This issue... Moderate Unreviewed

CVE-2025-39598 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39575 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39574 was published Apr 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WP Trio Conditional Payments for WooCommerce... Moderate Unreviewed

CVE-2025-39563 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39555 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39572 was published Apr 16, 2025

Missing Authorization vulnerability in Shahjada Live Forms allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-39560 was published Apr 16, 2025

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed

CVE-2025-39556 was published Apr 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WP Trio Conditional Shipping for WooCommerce... Moderate Unreviewed

CVE-2025-39564 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39549 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39573 was published Apr 16, 2025

Deserialization of Untrusted Data vulnerability in Melapress MelaPress Login Security allows... Moderate Unreviewed

CVE-2025-39565 was published Apr 16, 2025

Missing Authorization vulnerability in WPXPO WowStore allows Exploiting Incorrectly Configured... Moderate Unreviewed

CVE-2025-39571 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39528 was published Apr 16, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced... Moderate Unreviewed

CVE-2025-39538 was published Apr 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in quomodosoft ElementsReady Addons for Elementor... Moderate Unreviewed

CVE-2025-39546 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39540 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39525 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39543 was published Apr 16, 2025

Missing Authorization vulnerability in Dylan James Zephyr Project Manager allows Exploiting... Moderate Unreviewed

CVE-2025-39552 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39529 was published Apr 16, 2025

Previous 1…400Next

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

129,104 advisories