Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,969
Erlang
39
GitHub Actions
38
Go
2,624
Maven
5,000+
npm
4,257
NuGet
760
pip
4,050
Pub
12
RubyGems
953
Rust
1,052
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,961 advisories

Loading
Incorrect Permission Assignment for Critical Resource, Exposure of Sensitive Information to an... Moderate Unreviewed
CVE-2025-8886 was published Oct 10, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION.This issue... Low Unreviewed
CVE-2025-52630 was published Oct 10, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION This issue... Low Unreviewed
CVE-2025-52634 was published Oct 10, 2025
BBOT's git_clone.py can expose users' GitHub API keys to an attacker-controlled webserver Moderate
CVE-2025-10281 was published for bbot (pip) Oct 9, 2025
justinsteven liquidsec
Credited to justinsteven and liquidsec
A weakness has been identified in JhumanJ OpnForm up to 1.9.3. This affects an unknown function... Moderate Unreviewed
CVE-2025-11443 was published Oct 8, 2025
Successful exploitation of the vulnerability could allow an unauthenticated attacker to gain... Moderate Unreviewed
CVE-2025-48464 was published Oct 8, 2025
A security flaw has been discovered in kaifangqian kaifangqian-base up to... Moderate Unreviewed
CVE-2025-11406 was published Oct 7, 2025
When an error occurs in the application a full stacktrace is provided to the user. The... Moderate Unreviewed
CVE-2025-58581 was published Oct 6, 2025
When an error occurs in the application a full stacktrace is provided to the user. The stacktrace... Low Unreviewed
CVE-2025-58589 was published Oct 6, 2025
An information disclosure vulnerability has been discovered in SeaCMS 13.1. The vulnerability... Moderate Unreviewed
CVE-2025-60449 was published Oct 3, 2025
The RestroPress – Online Food Ordering System plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2025-9209 was published Oct 3, 2025
Canonical LXD Project Existence Determination Through Error Handling in Image Export Function Moderate
CVE-2025-54290 was published for github.com/canonical/lxd (Go) Oct 2, 2025
The Flock Safety Peripheral com.flocksafety.android.peripheral application 7.38.3 for Android ... High Unreviewed
CVE-2025-59405 was published Oct 2, 2025
YOSHOP 2.0 allows unauthenticated information disclosure via comment-list API endpoints in the... High Unreviewed
CVE-2025-56161 was published Oct 2, 2025
Exposure of sensitive information in Viday. This vulnerability could allow an unauthenticated... High Unreviewed
CVE-2025-40645 was published Oct 2, 2025
Exposure of sensitive information in Viday. This vulnerability could allow an attacker to obtain... Moderate Unreviewed
CVE-2025-40646 was published Oct 2, 2025
The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-10744 was published Oct 1, 2025
FormCMS has an improper access control vulnerability in the /api/schemas/history/[schemaId] endpoint Moderate
CVE-2025-55797 was published for FormCMS (NuGet) Sep 30, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and... Moderate Unreviewed
CVE-2025-34220 was published Sep 29, 2025
A security flaw has been discovered in Campcodes Farm Management System 1.0. Affected by this... Moderate Unreviewed
CVE-2025-11079 was published Sep 27, 2025
An issue in Aranda PassRecovery v1.0 allows attackers to enumerate valid user accounts in Active... Moderate Unreviewed
CVE-2025-45994 was published Sep 26, 2025
Mercusys MW305R 3.30 and below is has a Transport Layer Security (TLS) certificate private key... Moderate Unreviewed
CVE-2025-56463 was published Sep 26, 2025
A security flaw has been discovered in givanz Vvveb up to 1.0.7.2. This affects an unknown part... Moderate Unreviewed
CVE-2025-11028 was published Sep 26, 2025
OpenMLS improper persistence of the secret tree during message processing Moderate
GHSA-qr9h-x63w-vqfm was published for openmls (Rust) Sep 26, 2025
erdoganege fatihergin
Credited to erdoganege and fatihergin
A vulnerability was determined in givanz Vvveb up to 1.0.7.2. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-11026 was published Sep 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database