GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,819

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

516 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected... Moderate Unreviewed

CVE-2025-22175 was published Oct 22, 2025

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component:... Moderate Unreviewed

CVE-2025-53056 was published Oct 21, 2025

The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due... Moderate Unreviewed

CVE-2025-11256 was published Oct 18, 2025

The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-11510 was published Oct 18, 2025

An improper authorization vulnerability [CWE-285] in Fortinet FortiOS version 7.4.0 through 7.4.1... Moderate Unreviewed

CVE-2025-54822 was published Oct 14, 2025

Redis Enterprise Elevation of Privilege Vulnerability High Unreviewed

CVE-2025-59271 was published Oct 9, 2025

A vulnerability was detected in zhuimengshaonian wisdom-education up to 1.0.4. The affected... Moderate Unreviewed

CVE-2025-11321 was published Oct 6, 2025

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-11227 was published Oct 4, 2025

Kazaar 1.25.12 allows /api/v1/org-id/orders/order-id/documents calls with a modified order-id. Moderate Unreviewed

CVE-2025-59686 was published Oct 1, 2025

A flaw has been found in Sistemas Pleno Gestão de Locação up to 2025.7.x. The impacted element is... Moderate Unreviewed

CVE-2025-10947 was published Sep 25, 2025

Improper authorization in the background migration endpoints of Langfuse 3.1 before d67b317... High Unreviewed

CVE-2025-59305 was published Sep 24, 2025

A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of... Moderate Unreviewed

CVE-2025-10759 was published Sep 22, 2025

Authorization Bypass Through User-Controlled Key, CWE - 862 - Missing Authorization, – Improper... Moderate Unreviewed

CVE-2025-8532 was published Sep 19, 2025

Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource... Moderate Unreviewed

CVE-2025-8057 was published Sep 16, 2025

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8. An... Moderate Unreviewed

CVE-2025-43231 was published Sep 16, 2025

An authorization issue was addressed with improved state management. This issue is fixed in tvOS... Critical Unreviewed

CVE-2025-31255 was published Sep 16, 2025

In version 0.7.8 of danny-avila/librechat, improper authorization controls in the conversation... Moderate Unreviewed

CVE-2025-6088 was published Sep 11, 2025

In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due... High Unreviewed

CVE-2025-26430 was published Sep 5, 2025

A vulnerability has been found in macrozheng mall up to 1.0.3. This affects the function... Moderate Unreviewed

CVE-2025-9835 was published Sep 3, 2025

A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function... Moderate Unreviewed

CVE-2025-9836 was published Sep 3, 2025

The LWSCache plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed

CVE-2025-8147 was published Aug 29, 2025

Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate... Critical Unreviewed

CVE-2025-53795 was published Aug 21, 2025

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-7221 was published Aug 21, 2025

The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to... Critical Unreviewed

CVE-2025-7778 was published Aug 15, 2025

A vulnerability, which was classified as problematic, has been found in LitmusChaos Litmus up to... Moderate Unreviewed

CVE-2025-8794 was published Aug 10, 2025

Previous 12…21 Next

Previous 1 2 3 4 5 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

516 advisories