Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

131,665 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in Booqable Rental Software Booqable Rental... Moderate Unreviewed
CVE-2025-30956 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Michael Cannon Custom Bulk/Quick Edit allows... Moderate Unreviewed
CVE-2025-30946 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30950 was published Jun 6, 2025
Missing Authorization vulnerability in ThemeHunk ThemeHunk allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-30990 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Giraphix Creative Layouts for Elementor allows... Moderate Unreviewed
CVE-2025-30948 was published Jun 6, 2025
Missing Authorization vulnerability in BuddyDev Activity Plus Reloaded for BuddyPress allows... Moderate Unreviewed
CVE-2025-30957 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30942 was published Jun 6, 2025
Missing Authorization vulnerability in onOffice GmbH onOffice for WP-Websites allows Exploiting... Moderate Unreviewed
CVE-2025-30958 was published Jun 6, 2025
Missing Authorization vulnerability in Dor Zuberi Slack Notifications by dorzki allows Exploiting... Moderate Unreviewed
CVE-2025-30978 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in tggfref WP-Recall allows Privilege Escalation.... Moderate Unreviewed
CVE-2025-30981 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30977 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30630 was published Jun 6, 2025
Missing Authorization vulnerability in WP Compress WP Compress for MainWP allows Exploiting... Moderate Unreviewed
CVE-2025-30932 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30928 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-29011 was published Jun 6, 2025
Missing Authorization vulnerability in faaiq Custom Category/Post Type Post order allows... Moderate Unreviewed
CVE-2025-29013 was published Jun 6, 2025
Missing Authorization vulnerability in Ability, Inc Accessibility Suite allows Exploiting... Moderate Unreviewed
CVE-2025-30636 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30935 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30625 was published Jun 6, 2025
Missing Authorization vulnerability in WordLift WordLift allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-30624 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30938 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30627 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30939 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30637 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30931 was published Jun 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database