Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

12,702 advisories

Loading
Mattermost has an Incorrect Authorization vulnerability Low
CVE-2025-10545 was published for github.com/mattermost/mattermost-server (Go) Oct 16, 2025
Mailgen has HTML Injection and XSS Filter Bypass in Plaintext Emails Low
CVE-2025-62380 was published for mailgen (npm) Oct 15, 2025
edoardottt
Credited to edoardottt
Applications using affected versions of Ehcache 3.x can experience degraded cache-write... Low Unreviewed
CVE-2025-2529 was published Oct 15, 2025
reflex-dev/reflex has an Open Redirect vulnerability Low
CVE-2025-62379 was published for reflex (pip) Oct 15, 2025
im-soohyun
Credited to im-soohyun
An improper certificate validation vulnerability was reported in the Lenovo Universal Device... Low Unreviewed
CVE-2025-6026 was published Oct 15, 2025
Creativeitem Academy LMS up to and including 5.13 does not regenerate session IDs upon successful... Low Unreviewed
CVE-2025-56746 was published Oct 15, 2025
Adobe Connect versions 12.9 and earlier are affected by a URL Redirection to Untrusted Site (... Low Unreviewed
CVE-2025-54196 was published Oct 15, 2025
Mailgen has HTML Injection and XSS Filter Bypass in Plaintext Emails Low
CVE-2025-62366 was published for mailgen (npm) Oct 14, 2025
edoardottt
Credited to edoardottt
Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an... Low Unreviewed
CVE-2025-59294 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized... Low Unreviewed
CVE-2025-59284 was published Oct 14, 2025
Improper authentication in Windows SMB Client allows an unauthorized attacker to perform... Low Unreviewed
CVE-2025-59280 was published Oct 14, 2025
An Unchecked Return Value vulnerability [CWE-252] in Fortinet FortiOS version 7.6.0 through 7.6.3... Low Unreviewed
CVE-2025-58903 was published Oct 14, 2025
An URL Redirection to Untrusted Site vulnerabilities [CWE-601] in FortiOS 7.6.0 through 7.6.2, 7... Low Unreviewed
CVE-2025-47890 was published Oct 14, 2025
An Insertion of Sensitive Information into Log File vulnerability [CWE-532] in FortiOS 7.6.0... Low Unreviewed
CVE-2025-31514 was published Oct 14, 2025
A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func... Low Unreviewed
CVE-2025-11731 was published Oct 14, 2025
The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a... Low Unreviewed
CVE-2025-8594 was published Oct 14, 2025
SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an... Low Unreviewed
CVE-2025-42909 was published Oct 14, 2025
Mattermost Desktop App versions <= 5.13.0 fail to validate URLs external to the configured... Low Unreviewed
CVE-2025-58084 was published Oct 13, 2025
tracexec has `env` command argument injection via environment variables starting with dash in traced exec events Low
GHSA-6fgx-x7m2-74qm was published for tracexec (Rust) Oct 13, 2025
kxxt
Credited to kxxt
Ericsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited... Low Unreviewed
CVE-2025-27259 was published Oct 13, 2025
HCL Unica MaxAI Workbench is vulnerable to improper input validation. This allows attackers to... Low Unreviewed
CVE-2025-31995 was published Oct 13, 2025
A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown... Low Unreviewed
CVE-2025-11647 was published Oct 13, 2025
A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. The impacted element is an... Low Unreviewed
CVE-2025-11650 was published Oct 13, 2025
A security vulnerability has been detected in Tomofun Furbo Mobile App up to 7.57.0a on Android.... Low Unreviewed
CVE-2025-11645 was published Oct 12, 2025
A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is... Low Unreviewed
CVE-2025-11644 was published Oct 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database