Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,885
Erlang
37
GitHub Actions
38
Go
2,546
Maven
5,000+
npm
4,212
NuGet
744
pip
3,988
Pub
12
RubyGems
950
Rust
1,038
Swift
45
Unreviewed advisories
All unreviewed
5,000+

37,546 advisories

Loading
A security flaw has been discovered in ixmaps website2017 up to... Moderate Unreviewed
CVE-2025-11291 was published Oct 5, 2025
A vulnerability was determined in westboy CicadasCMS up to... Moderate Unreviewed
CVE-2025-11289 was published Oct 5, 2025
A vulnerability was found in Frappe LMS 2.34.x/2.35.0. The impacted element is an unknown... Moderate Unreviewed
CVE-2025-11282 was published Oct 5, 2025
A vulnerability was determined in Frappe LMS 2.35.0. This affects an unknown function of the... Moderate Unreviewed
CVE-2025-11283 was published Oct 5, 2025
A security vulnerability has been detected in AllStarLink Supermon up to 6.2. This vulnerability... Moderate Unreviewed
CVE-2025-11278 was published Oct 5, 2025
A security flaw has been discovered in Rebuild up to 4.1.3. Affected by this issue is some... Moderate Unreviewed
CVE-2025-11276 was published Oct 5, 2025
The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for... Moderate Unreviewed
CVE-2025-9952 was published Oct 4, 2025
The Contest Gallery – Upload, Vote & Sell with PayPal and Stripe plugin for WordPress is... Moderate Unreviewed
CVE-2025-10383 was published Oct 4, 2025
The Majestic Before After Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-9030 was published Oct 4, 2025
The WP Photo Album Plus plugin for WordPress is vulnerable to Cross-Site Scripting in all... Moderate Unreviewed
CVE-2025-8726 was published Oct 4, 2025
Flowise Stored XSS vulnerability through logs in chatbot Moderate
GHSA-7r4h-vmj9-wg42 was published for flowise (npm) Oct 3, 2025
LIFE-team2024
Credited to LIFE-team2024
Flowise vulnerable to stored XSS via "View Messages" allows credential theft in FlowiseAI admin panel Critical
GHSA-964p-j4gg-mhwc was published for flowise (npm) Oct 3, 2025
mikensec
Credited to mikensec
Flowise vulnerable to XSS Moderate
GHSA-4fr9-3x69-36wv was published for flowise (npm) Oct 3, 2025
quitbug
Credited to quitbug
NiceGUI has a Reflected XSS Moderate
CVE-2025-53354 was published for nicegui (pip) Oct 3, 2025
oxqnd
Credited to oxqnd
HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application.... High Unreviewed
CVE-2025-52653 was published Oct 3, 2025
nopCommerce 4.40.3 is vulnerable to XSS in the Product Name at /Admin/Product/Edit/[id]. Each... Moderate Unreviewed
CVE-2021-42193 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0.... Moderate Unreviewed
CVE-2025-60451 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0.... Moderate Unreviewed
CVE-2025-60454 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0.... Moderate Unreviewed
CVE-2025-60452 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0.... Moderate Unreviewed
CVE-2025-60453 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in Emlog Pro 2.5.19. The... Moderate Unreviewed
CVE-2025-60448 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in Emlog Pro 2.5.19. The... Moderate Unreviewed
CVE-2025-60447 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in XunRuiCMS version 4.7.1.... Moderate Unreviewed
CVE-2025-60445 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0.... Moderate Unreviewed
CVE-2025-60450 was published Oct 3, 2025
The X Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-9204 was published Oct 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database