Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,140
Maven
5,000+
npm
3,800
NuGet
687
pip
3,478
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

124,273 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26952 was published Feb 25, 2025
Cross-Site Request Forgery (CSRF) vulnerability in flowdee ClickWhale allows Cross Site Request... Moderate Unreviewed
CVE-2025-26963 was published Feb 25, 2025
Missing Authorization vulnerability in George Pattichis Simple Photo Feed allows Exploiting... Moderate Unreviewed
CVE-2025-27000 was published Feb 25, 2025
Missing Authorization vulnerability in WP Chill Strong Testimonials allows Accessing... Moderate Unreviewed
CVE-2025-26975 was published Feb 25, 2025
Missing Authorization vulnerability in enituretechnology Small Package Quotes – Unishippers... Moderate Unreviewed
CVE-2025-26960 was published Feb 25, 2025
Missing Authorization vulnerability in Anton Vanyukov Market Exporter allows Exploiting... Moderate Unreviewed
CVE-2025-26995 was published Feb 25, 2025
Authorization Bypass Through User-Controlled Key vulnerability in ameliabooking Amelia allows... Moderate Unreviewed
CVE-2025-26965 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26962 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26980 was published Feb 25, 2025
Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor allows... Moderate Unreviewed
CVE-2025-26983 was published Feb 25, 2025
Missing Authorization vulnerability in NotFound Pie Register Premium. This issue affects Pie... Moderate Unreviewed
CVE-2025-26948 was published Feb 25, 2025
Missing Authorization vulnerability in xfinitysoft Order Limit for WooCommerce allows Exploiting... Moderate Unreviewed
CVE-2025-26928 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26937 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26949 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26913 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26947 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26938 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26939 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26945 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26884 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26891 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26893 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26887 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26882 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26904 was published Feb 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database