Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,844
Maven
5,000+
npm
4,470
NuGet
779
pip
4,231
Pub
12
RubyGems
974
Rust
1,093
Swift
48
Unreviewed advisories
All unreviewed
5,000+

132 advisories

Loading
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to... Low Unreviewed
CVE-2025-14457 was published Jan 15, 2026
Missing Authorization vulnerability in Automattic Crowdsignal Forms crowdsignal-forms allows... Low Unreviewed
CVE-2025-69015 was published Dec 30, 2025
Missing Authorization vulnerability in WC Lovers WCFM – Frontend Manager for WooCommerce wc... Low Unreviewed
CVE-2025-54004 was published Dec 16, 2025
The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to to... Low Unreviewed
CVE-2025-9218 was published Dec 13, 2025
The WP Fastest Cache plugin for WordPress is vulnerable to Server-Side Request Forgery in all... Low Unreviewed
CVE-2025-10583 was published Dec 12, 2025
AzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCE Low
CVE-2025-67737 was published for azuracast/azuracast (Composer) Dec 11, 2025
Cillian-Collins
Credited to Cillian-Collins
A user with access to the cluster with a limited set of privilege actions may be able to... Low Unreviewed
CVE-2025-13643 was published Nov 25, 2025
Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve... Low Unreviewed
CVE-2025-12817 was published Nov 13, 2025
In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via... Low Unreviewed
CVE-2025-64681 was published Nov 10, 2025
Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential... Low Unreviewed
CVE-2025-64352 was published Oct 31, 2025
Missing Authorization vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows... Low Unreviewed
CVE-2025-64350 was published Oct 31, 2025
GitLab has remediated an issue in GitLab EE affecting all versions from 17.6.0 before 18.3.5, 18... Low Unreviewed
CVE-2025-11989 was published Oct 27, 2025
Liferay Portal and DXP are Missing Authorization in Collection Provider Low
CVE-2025-62247 was published for com.liferay:com.liferay.search.experiences.service (Maven) Oct 22, 2025
Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Compiler). ... Low Unreviewed
CVE-2025-61755 was published Oct 21, 2025
An issue has been discovered in GitLab EE affecting all versions from 16.6 before 18.2.7, 18.3... Low Unreviewed
CVE-2025-10871 was published Sep 26, 2025
The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for... Low Unreviewed
CVE-2025-10173 was published Sep 26, 2025
Missing Authorization vulnerability in codepeople CP Multi View Event Calendar allows Exploiting... Low Unreviewed
CVE-2025-58009 was published Sep 22, 2025
Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an... Low Unreviewed
CVE-2025-42914 was published Sep 9, 2025
Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an... Low Unreviewed
CVE-2025-42913 was published Sep 9, 2025
Missing Authorization vulnerability in Plugin Devs Product Carousel Slider for Elementor allows... Low Unreviewed
CVE-2025-58816 was published Sep 5, 2025
In multiple locations, there is a possible way to view icons belonging to another user due to a... Low Unreviewed
CVE-2025-0076 was published Sep 4, 2025
Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network... Low Unreviewed
CVE-2025-42955 was published Aug 12, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Low
CVE-2025-53857 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Low
CVE-2025-49221 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0... Low Unreviewed
CVE-2025-5846 was published Jun 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database