Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,140
Maven
5,000+
npm
3,800
NuGet
687
pip
3,478
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

245,570 advisories

Loading
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-26964 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26952 was published Feb 25, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-26979 was published Feb 25, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-26957 was published Feb 25, 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in Aldo Latino... Critical Unreviewed
CVE-2025-26966 was published Feb 25, 2025
Cross-Site Request Forgery (CSRF) vulnerability in flowdee ClickWhale allows Cross Site Request... Moderate Unreviewed
CVE-2025-26963 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26981 was published Feb 25, 2025
Missing Authorization vulnerability in George Pattichis Simple Photo Feed allows Exploiting... Moderate Unreviewed
CVE-2025-27000 was published Feb 25, 2025
Missing Authorization vulnerability in WP Chill Strong Testimonials allows Accessing... Moderate Unreviewed
CVE-2025-26975 was published Feb 25, 2025
Missing Authorization vulnerability in enituretechnology Small Package Quotes – Unishippers... Moderate Unreviewed
CVE-2025-26960 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26991 was published Feb 25, 2025
Missing Authorization vulnerability in Anton Vanyukov Market Exporter allows Exploiting... Moderate Unreviewed
CVE-2025-26995 was published Feb 25, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Ninja Team Filebird allows... Low Unreviewed
CVE-2025-26977 was published Feb 25, 2025
Authorization Bypass Through User-Controlled Key vulnerability in ameliabooking Amelia allows... Moderate Unreviewed
CVE-2025-26965 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26962 was published Feb 25, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-26985 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26980 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26993 was published Feb 25, 2025
Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor allows... Moderate Unreviewed
CVE-2025-26983 was published Feb 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-26974 was published Feb 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-26971 was published Feb 25, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26987 was published Feb 25, 2025
Missing Authorization vulnerability in NotFound Pie Register Premium. This issue affects Pie... Moderate Unreviewed
CVE-2025-26948 was published Feb 25, 2025
Missing Authorization vulnerability in xfinitysoft Order Limit for WooCommerce allows Exploiting... Moderate Unreviewed
CVE-2025-26928 was published Feb 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-26943 was published Feb 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database