GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 29,428
Composer 5,654
Erlang 49
GitHub Actions 50
Go 3,606
Maven 6,433
npm 5,910
NuGet 924
pip 4,831
Pub 13
RubyGems 1,045
Rust 1,256
Swift 53

Unreviewed advisories

All unreviewed 299,317

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

156,249 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User... Moderate Unreviewed

CVE-2025-13367 was published Dec 15, 2025

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login... Moderate Unreviewed

CVE-2025-13610 was published Dec 15, 2025

The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-12900 was published Dec 15, 2025

django-allauth does not reject access tokens for inactive users Moderate

CVE-2025-65430 was published for django-allauth (pip) Dec 15, 2025

The CC Child Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-13608 was published Dec 15, 2025

The FluentAuth – The Ultimate Authorization & Security Plugin for WordPress plugin for WordPress... Moderate Unreviewed

CVE-2025-13728 was published Dec 15, 2025

The OneSignal – Web Push Notifications plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2025-13950 was published Dec 15, 2025

The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2025-14003 was published Dec 15, 2025

Elasticsearch PKI Realm Authentication Bypass Vulnerability Allows User Impersonation Through Crafted Client Certificates Moderate

CVE-2025-37731 was published for org.elasticsearch:elasticsearch (Maven) Dec 15, 2025

Apache Airflow exposes secret values to authenticated UI users via rendered templates Moderate

CVE-2025-66388 was published for apache-airflow (pip) Dec 15, 2025

Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79)... Moderate Unreviewed

CVE-2025-37732 was published Dec 15, 2025

Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure. ... Moderate Unreviewed

CVE-2025-11670 was published Dec 15, 2025

A flaw has been found in FantasticLBP Hotels Server up to... Moderate Unreviewed

CVE-2025-14711 was published Dec 15, 2025

A vulnerability was detected in FantasticLBP Hotels Server up to... Moderate Unreviewed

CVE-2025-14710 was published Dec 15, 2025

LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in... Moderate Unreviewed

CVE-2025-14020 was published Dec 15, 2025

The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar... Moderate Unreviewed

CVE-2025-14021 was published Dec 15, 2025

The Royal Addons for Elementor WordPress plugin before 1.7.1037 does not have proper... Moderate Unreviewed

CVE-2025-11363 was published Dec 15, 2025

In the Eclipse OMR compiler component, since release 0.7.0, an optimization enabled for Eclipse... Moderate Unreviewed

CVE-2025-14549 was published Dec 15, 2025

A vulnerability has been found in Shiguangwu sgwbox N3 2.0.25. The affected element is an unknown... Moderate Unreviewed

CVE-2025-14703 was published Dec 15, 2025

A flaw has been found in Smartbit CommV Smartschool App up to 10.4.4. Impacted is an unknown... Moderate Unreviewed

CVE-2025-14702 was published Dec 15, 2025

The Lightweight Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-13740 was published Dec 15, 2025

A vulnerability was found in Shiguangwu sgwbox N3 2.0.25. The impacted element is an unknown... Moderate Unreviewed

CVE-2025-14704 was published Dec 15, 2025

In MISP before 2.5.28, app/View/Elements/Workflows/executionPath.ctp allows XSS in the workflow... Moderate Unreviewed

CVE-2025-67906 was published Dec 15, 2025

A vulnerability was identified in Shenzhen Sixun Software Sixun Shanghui Group Business... Moderate Unreviewed

CVE-2025-14696 was published Dec 15, 2025

A weakness has been identified in atlaszz AI Photo Team Galleryit App 1.3.8.2 on Android. This... Moderate Unreviewed

CVE-2025-14698 was published Dec 15, 2025

Previous 1…400Next

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

156,249 advisories