GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,062
Composer 5,081
Erlang 40
GitHub Actions 38
Go 2,757
Maven 6,173
npm 4,363
NuGet 766
pip 4,128
Pub 12
RubyGems 961
Rust 1,070
Swift 45

Unreviewed advisories

All unreviewed 281,134

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

281,134 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-68068 was published Dec 16, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-68067 was published Dec 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-68076 was published Dec 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-68080 was published Dec 16, 2025

Authorization Bypass Through User-Controlled Key vulnerability in g5theme Essential Real Estate... Moderate Unreviewed

CVE-2025-68071 was published Dec 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-68079 was published Dec 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Unknown Unreviewed

CVE-2025-68078 was published Dec 16, 2025

Missing Authorization vulnerability in merkulove Buttoner for Elementor buttoner-elementor allows... Moderate Unreviewed

CVE-2025-68085 was published Dec 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Meks Meks Quick Plugin Disabler meks-quick... Moderate Unreviewed

CVE-2025-68083 was published Dec 16, 2025

Missing Authorization vulnerability in merkulove Reformer for Elementor reformer-elementor allows... Moderate Unreviewed

CVE-2025-68086 was published Dec 16, 2025

Missing Authorization vulnerability in Nitesh Ultimate Auction ultimate-auction allows... Unknown Unreviewed

CVE-2025-68084 was published Dec 16, 2025

Missing Authorization vulnerability in merkulove Modalier for Elementor modalier-elementor allows... Moderate Unreviewed

CVE-2025-68087 was published Dec 16, 2025

Missing Authorization vulnerability in WP Compress WP Compress for MainWP wp-compress-mainwp... Moderate Unreviewed

CVE-2025-64639 was published Dec 16, 2025

Missing Authorization vulnerability in Syed Balkhi Feeds for YouTube feeds-for-youtube allows... Unknown Unreviewed

CVE-2025-64635 was published Dec 16, 2025

Missing Authorization vulnerability in OnPay.io OnPay.io for WooCommerce onpay-io-for-woocommerce... Moderate Unreviewed

CVE-2025-64638 was published Dec 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Unknown Unreviewed

CVE-2025-67983 was published Dec 16, 2025

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed

CVE-2025-67948 was published Dec 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2025-67962 was published Dec 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2025-67950 was published Dec 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-67912 was published Dec 16, 2025

Missing Authorization vulnerability in templateinvaders TI WooCommerce Wishlist ti-woocommerce... Unknown Unreviewed

CVE-2025-67929 was published Dec 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-67951 was published Dec 16, 2025

Missing Authorization vulnerability in Bob Watu Quiz watu allows Exploiting Incorrectly... Unknown Unreviewed

CVE-2025-67976 was published Dec 16, 2025

Missing Authorization vulnerability in favethemes Homey Core homey-core allows Exploiting... Moderate Unreviewed

CVE-2025-67965 was published Dec 16, 2025

Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig... Critical Unreviewed

CVE-2025-66131 was published Dec 16, 2025

Previous 1…12…400 Next

Previous 1 2 … 10 11 12 13 14 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

281,134 advisories