Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
50
Go
3,630
Maven
5,000+
npm
5,000+
NuGet
928
pip
4,850
Pub
13
RubyGems
1,045
Rust
1,301
Swift
53
Unreviewed advisories
All unreviewed
5,000+

1,148 advisories

Loading
The Profile Builder Pro plugin for WordPress is vulnerable to PHP Object Injection in all... High Unreviewed
CVE-2026-7647 was published May 2, 2026
Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The sync-invoke client ... High Unreviewed
CVE-2026-42471 was published May 1, 2026
Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The sync-invoke TCP... High Unreviewed
CVE-2026-37552 was published May 1, 2026
The LabOne Q serialization framework uses a class-loading mechanism (import_cls) to dynamically... High Unreviewed
CVE-2026-7584 was published May 1, 2026
camel-infinispan Vulnerable to Deserialization of Untrusted Data High
CVE-2026-6857 was published for org.apache.camel:camel-infinispan (Maven) Apr 22, 2026
PhpSpreadsheet has SSRF/RCE in IOFactory::load when $filename is user controlled High
CVE-2026-34084 was published for phpoffice/phpspreadsheet (Composer) Apr 29, 2026
calligraf0 Credited to calligraf0
NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization... High Unreviewed
CVE-2026-24186 was published Apr 28, 2026
Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue... High Unreviewed
CVE-2024-31277 was published Apr 7, 2024
Deserialization of Untrusted Data vulnerability in Echo Plugins Knowledge Base for Documentation,... High Unreviewed
CVE-2024-24842 was published Mar 27, 2024
Deserialization of Untrusted Data vulnerability in Thomas Belser Asgaros Forum.This issue affects... High Unreviewed
CVE-2024-22284 was published Jan 24, 2024
Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue... High Unreviewed
CVE-2024-22309 was published Jan 24, 2024
Deserialization of Untrusted Data vulnerability in Live Composer Team Page Builder: Live Composer... High Unreviewed
CVE-2023-52206 was published Jan 8, 2024
Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects... High Unreviewed
CVE-2023-32795 was published Dec 28, 2023
Deserialization of Untrusted Data vulnerability in UX-themes Flatsome | Multi-Purpose Responsive... High Unreviewed
CVE-2023-40555 was published Dec 20, 2023
Deserialization of Untrusted Data vulnerability in Master Slider Master Slider Pro.This issue... High Unreviewed
CVE-2023-47507 was published Dec 20, 2023
Deserialization of Untrusted Data vulnerability in Rocketgenius Inc. Gravity Forms.This issue... High Unreviewed
CVE-2023-28782 was published Dec 20, 2023
Deserialization of Untrusted Data vulnerability in Rajnish Arora Recently Viewed Products.This... High Unreviewed
CVE-2023-34027 was published Dec 19, 2023
Deserialization of Untrusted Data vulnerability in MainWP MainWP Links Manager Extension.This... High Unreviewed
CVE-2023-23649 was published Mar 28, 2024
Deserialization of Untrusted Data vulnerability in GiveWP GiveWP – Donation Plugin and... High Unreviewed
CVE-2023-32513 was published Dec 28, 2023
Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper,... High Unreviewed
CVE-2023-49826 was published Dec 21, 2023
Deserialization of Untrusted Data vulnerability in Themify Themify Ultra.This issue affects... High Unreviewed
CVE-2023-46147 was published Dec 20, 2023
Deserialization of Untrusted Data vulnerability in Themesflat Themesflat Addons For Elementor... High Unreviewed
CVE-2023-37390 was published Dec 19, 2023
Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured... High Unreviewed
CVE-2023-49819 was published Dec 19, 2023
Apache Airflow allows code execution through crafted XCom payloads High
CVE-2026-25917 was published for apache-airflow-core (pip) Apr 18, 2026
The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of `<keyId>.key` files... High Unreviewed
CVE-2026-40048 was published Apr 27, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database