GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,796
Maven: 5,000+
npm: 4,410
NuGet: 772
pip: 4,181
Pub: 12
RubyGems: 965
Rust: 1,078
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
284,742 advisories
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in...
Unknown | Unreviewed | CVE-2026-0675 was published Jan 8, 2026
Missing Authorization vulnerability in G5Theme Zorka zorka allows Exploiting Incorrectly...
Unknown | Unreviewed | CVE-2026-0676 was published Jan 8, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-68875 was published Jan 8, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-68874 was published Jan 8, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-68873 was published Jan 8, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-68892 was published Jan 8, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-68867 was published Jan 8, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-68891 was published Jan 8, 2026
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Unknown | Unreviewed | CVE-2025-69169 was published Jan 8, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-68887 was published Jan 8, 2026
Missing Authorization vulnerability in Campaign Monitor Campaign Monitor for WordPress forms-for...
Unknown | Unreviewed | CVE-2026-0674 was published Jan 8, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-68890 was published Jan 8, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-68889 was published Jan 8, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Unknown | Unreviewed | CVE-2025-22708 was published Jan 8, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Unknown | Unreviewed | CVE-2025-22728 was published Jan 8, 2026
Server-Side Request Forgery (SSRF) vulnerability in _nK nK Themes Helper nk-themes-helper allows...
Unknown | Unreviewed | CVE-2025-22726 was published Jan 8, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-22725 was published Jan 8, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in RiceTheme Felan...
Unknown | Unreviewed | CVE-2025-23504 was published Jan 8, 2026
Authorization Bypass Through User-Controlled Key vulnerability in WofficeIO Woffice Core woffice...
Unknown | Unreviewed | CVE-2025-67919 was published Jan 8, 2026
Path Traversal: '.../...//' vulnerability in beeteam368 VidMov vidmov allows Path Traversal.This...
Unknown | Unreviewed | CVE-2025-67914 was published Jan 8, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Unknown | Unreviewed | CVE-2025-67921 was published Jan 8, 2026
Missing Authorization vulnerability in loopus WP Attractive Donations System - Easy Stripe &...
Unknown | Unreviewed | CVE-2025-22715 was published Jan 8, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Unknown | Unreviewed | CVE-2025-22713 was published Jan 8, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Unknown | Unreviewed | CVE-2025-23993 was published Jan 8, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-27004 was published Jan 8, 2026
ProTip! Advisories are also available from the GraphQL API