Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,969
Erlang
39
GitHub Actions
38
Go
2,624
Maven
5,000+
npm
4,257
NuGet
760
pip
4,050
Pub
12
RubyGems
953
Rust
1,052
Swift
45
Unreviewed advisories
All unreviewed
5,000+

38,150 advisories

Loading
The Hubbub Lite – Fast, free social sharing and follow buttons plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-12471 was published Nov 6, 2025
The Strong Testimonials plugin for WordPress is vulnerable to arbitrary shortcode execution in... Moderate Unreviewed
CVE-2025-11268 was published Nov 6, 2025
Cross-site scripting vulnerability exists in GROWI prior to v7.2.10. If a malicious user creates... Moderate Unreviewed
CVE-2025-61994 was published Nov 6, 2025
** exclusively-hosted-service ** A Stored Cross-Site Scripting (XSS) vulnerability in the chat... Critical Unreviewed
CVE-2025-63416 was published Nov 5, 2025
A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple... Moderate Unreviewed
CVE-2025-10853 was published Nov 5, 2025
A reflected cross-site scripting (XSS) vulnerability exists in the authentication endpoints of... Moderate Unreviewed
CVE-2025-5770 was published Nov 5, 2025
OpenKM Community Edition 6.3.12 is vulnerable to stored cross-site scripting (XSS) in the user... Moderate Unreviewed
CVE-2025-57244 was published Nov 5, 2025
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC... Moderate Unreviewed
CVE-2025-20289 was published Nov 5, 2025
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC... Moderate Unreviewed
CVE-2025-20304 was published Nov 5, 2025
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC... Moderate Unreviewed
CVE-2025-20303 was published Nov 5, 2025
The Graphina – Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2025-11820 was published Nov 5, 2025
The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is... Moderate Unreviewed
CVE-2025-11162 was published Nov 5, 2025
The SMS for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-12580 was published Nov 5, 2025
A reflected cross-site scripted (XSS) vulnerability in the /jsp/gsfr_feditorHTML.jsp endpoint of... Moderate Unreviewed
CVE-2025-61431 was published Nov 4, 2025
OctoPrint vulnerable to XSS in Action Commands Notification and Prompt Moderate
CVE-2025-64187 was published for octoprint (pip) Nov 4, 2025
jacopotediosi
Credited to jacopotediosi
The MeetingList plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed
CVE-2025-12184 was published Nov 4, 2025
The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin... Moderate Unreviewed
CVE-2025-12045 was published Nov 4, 2025
The Reuse Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-11812 was published Nov 4, 2025
The WP Carticon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-12065 was published Nov 4, 2025
The Free Quotation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed
CVE-2025-12393 was published Nov 4, 2025
The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-12369 was published Nov 4, 2025
The clubmember plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed
CVE-2025-12396 was published Nov 4, 2025
The Nari Accountant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via account... Moderate Unreviewed
CVE-2025-12371 was published Nov 4, 2025
The Bootstrap Multi-language Responsive Portfolio plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2025-11753 was published Nov 4, 2025
The Footnotes Made Easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed
CVE-2025-11733 was published Nov 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database