GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,513

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

479 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-54689 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-52732 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-52716 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-49264 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-49271 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-52728 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-52806 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-25172 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-48332 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-30635 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-48293 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-28979 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-32288 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-49036 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-3703 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-25174 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-24766 was published Aug 14, 2025

Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability,... Critical Unreviewed

CVE-2025-8913 was published Aug 13, 2025

A local file inclusion (LFI) vulnerability in Vedo Suite version 2024.17 allows remote... Moderate Unreviewed

CVE-2025-51057 was published Aug 6, 2025

The WordPress plugin Advanced Custom Fields (ACF) version 3.5.1 and below contains a remote file... Critical Unreviewed

CVE-2012-10025 was published Aug 5, 2025

The kallyas theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and... High Unreviewed

CVE-2025-6991 was published Jul 26, 2025

File contents could be read from the local file system by an attacker. Additionally, malicious... Critical Unreviewed

CVE-2025-24937 was published Jul 21, 2025

The Subscribe to Comments for WordPress is vulnerable to Local File Inclusion in versions up to,... High Unreviewed

CVE-2015-10133 was published Jul 19, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Moderate Unreviewed

CVE-2025-54015 was published Jul 16, 2025

The WoodMart plugin for WordPress is vulnerable to Local File Inclusion in all versions up to,... High Unreviewed

CVE-2025-6746 was published Jul 8, 2025

Previous 1…6…20 Next

Previous 1 2 3 4 5 6 7 8 … 19 20 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

479 advisories