Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,883
Erlang
37
GitHub Actions
38
Go
2,538
Maven
5,000+
npm
4,200
NuGet
743
pip
3,976
Pub
12
RubyGems
947
Rust
1,031
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,091 advisories

Loading
Missing Authorization vulnerability in ThemeAtelier IDonatePro allows Exploiting Incorrectly... High Unreviewed
CVE-2025-30639 was published Aug 14, 2025
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Arbitrary... High Unreviewed
CVE-2025-8418 was published Aug 12, 2025
The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-6253 was published Aug 12, 2025
The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification... High Unreviewed
CVE-2024-1934 was published Apr 9, 2024
A low privileged local attacker can interact with the affected service although user-interaction... High Unreviewed
CVE-2025-41698 was published Aug 5, 2025
The SEO Metrics plugin for WordPress is vulnerable to Privilege Escalation due to missing... High Unreviewed
CVE-2025-6754 was published Aug 2, 2025
The e-School from Ventem has a Missing Authorization vulnerability, allowing remote attackers... High Unreviewed
CVE-2025-8322 was published Jul 30, 2025
The Hydra Booking plugin for WordPress is vulnerable to Privilege Escalation due to a missing... High Unreviewed
CVE-2025-7689 was published Jul 29, 2025
HAX CMS API Lacks Authorization Checks High
CVE-2025-54378 was published for @haxtheweb/haxcms-nodejs (Composer) Jul 25, 2025
lfgberg
The Dataverse Integration plugin for WordPress is vulnerable to Privilege Escalation due to... High Unreviewed
CVE-2025-7695 was published Jul 25, 2025
The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data... High Unreviewed
CVE-2023-7306 was published Jul 25, 2025
The Droip plugin for WordPress is vulnerable to unauthorized modification and access of data due... High Unreviewed
CVE-2025-5835 was published Jul 25, 2025
The Realty Portal – Agent plugin for WordPress is vulnerable to Privilege Escalation due to... High Unreviewed
CVE-2025-6190 was published Jul 23, 2025
Missing Authorization vulnerability in Drupal File Download allows Forceful Browsing.This issue... High Unreviewed
CVE-2025-7717 was published Jul 21, 2025
The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege Escalation due to missing... High Unreviewed
CVE-2025-6813 was published Jul 18, 2025
The B1.lt plugin for WordPress is vulnerable to SQL Injection due to a missing capability check... High Unreviewed
CVE-2025-6718 was published Jul 18, 2025
Missing Authorization vulnerability in uxper Sala allows Accessing Functionality Not Properly... High Unreviewed
CVE-2025-52803 was published Jul 16, 2025
Missing Authorization vulnerability in uxper Nuss allows Accessing Functionality Not Properly... High Unreviewed
CVE-2025-52804 was published Jul 16, 2025
Missing Authorization vulnerability in pimwick PW WooCommerce On Sale! allows Exploiting... High Unreviewed
CVE-2025-49888 was published Jul 16, 2025
Missing Authorization vulnerability in Md Yeasin Ul Haider URL Shortener allows Accessing... High Unreviewed
CVE-2025-28965 was published Jul 16, 2025
Missing Authorization vulnerability in August Infotech Multi-language Responsive Contact Form... High Unreviewed
CVE-2025-29000 was published Jul 16, 2025
The Ultimate WP Mail plugin for WordPress is vulnerable to Privilege Escalation due to improper... High Unreviewed
CVE-2025-6993 was published Jul 16, 2025
The Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin for WordPress is... High Unreviewed
CVE-2025-6043 was published Jul 16, 2025
In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an... High Unreviewed
CVE-2025-53959 was published Jul 15, 2025
A Missing Authorization vulnerability in the internal virtual routing and forwarding (VRF) of... High Unreviewed
CVE-2025-52954 was published Jul 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database