GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,763
Composer 4,750
Erlang 35
GitHub Actions 29
Go 2,323
Maven 5,608
npm 3,956
NuGet 712
pip 3,739
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,306

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

745 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Deserialization of Untrusted Data vulnerability in AncoraThemes Fish House allows Object... Critical Unreviewed

CVE-2025-31631 was published May 23, 2025

Deserialization of Untrusted Data vulnerability in themeton The Business allows Object Injection.... Critical Unreviewed

CVE-2025-31430 was published May 23, 2025

Deserialization of Untrusted Data vulnerability in AncoraThemes Umberto allows Object Injection.... Critical Unreviewed

CVE-2025-31423 was published May 23, 2025

The Front End User Registration extension for TYPO3 (sr_feuser_register) Remote Code Execution Critical

CVE-2025-48200 was published for sjbr/sr-feuser-register (Composer) May 21, 2025

vLLM Allows Remote Code Execution via PyNcclPipe Communication Service Critical

CVE-2025-47277 was published for vllm (pip) May 20, 2025

Deserialization of Untrusted Data vulnerability in Chimpstudio Foodbakery Sticky Cart allows... Critical Unreviewed

CVE-2025-39356 was published May 19, 2025

Deserialization of Untrusted Data vulnerability in ThemeGoods Altair allows Object Injection.This... Critical Unreviewed

CVE-2025-32928 was published May 19, 2025

Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop allows Object... Critical Unreviewed

CVE-2025-39349 was published May 19, 2025

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant WordPress allows... Critical Unreviewed

CVE-2025-39348 was published May 19, 2025

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Conference allows Object... Critical Unreviewed

CVE-2025-39354 was published May 19, 2025

Deserialization of Untrusted Data vulnerability in Chimpstudio FoodBakery allows Object Injection... Critical Unreviewed

CVE-2025-32927 was published May 19, 2025

Deserialization of Untrusted Data vulnerability in Elbisnero WordPress Events Calendar... Critical Unreviewed

CVE-2025-47581 was published May 19, 2025

Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder -... Critical Unreviewed

CVE-2025-39410 was published May 19, 2025

Deserialization of Untrusted Data vulnerability in QuantumCloud WPBot Pro Wordpress Chatbot... Critical Unreviewed

CVE-2025-47582 was published May 19, 2025

SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload... Critical Unreviewed

CVE-2025-42999 was published May 13, 2025

The PGS Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to,... Critical Unreviewed

CVE-2025-0855 was published May 7, 2025

vLLM Vulnerable to Remote Code Execution via Mooncake Integration Critical

CVE-2025-32444 was published for vllm (pip) Apr 29, 2025

Wazuh server vulnerable to remote code execution Critical

CVE-2025-24016 was published for github.com/wazuh/wazuh (Go) Apr 22, 2025

Apache ActiveMQ NMS OpenWire Client Deserialization of Untrusted Data vulnerability Critical

CVE-2025-29953 was published for Apache.NMS.ActiveMQ (NuGet) Apr 18, 2025

PyTorch: `torch.load` with `weights_only=True` leads to remote code execution Critical

CVE-2025-32434 was published for pytorch (pip) Apr 18, 2025

Deserialization of Untrusted Data vulnerability in Mahmudul Hasan Arif FluentBoards allows Object... Critical Unreviewed

CVE-2025-39551 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in Shahjahan Jewel FluentCommunity allows Object... Critical Unreviewed

CVE-2025-39550 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in bdthemes Ultimate Store Kit Elementor Addons... Critical Unreviewed

CVE-2025-39588 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in wpWax HelpGent allows Object Injection. This... Critical Unreviewed

CVE-2025-32658 was published Apr 17, 2025

Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus allows Object... Critical Unreviewed

CVE-2025-32572 was published Apr 17, 2025

Previous 1 2 3 4 5 … 29 30 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

745 advisories