Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,753
Erlang
35
GitHub Actions
29
Go
2,326
Maven
5,000+
npm
3,956
NuGet
712
pip
3,740
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

131,706 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in Emraan Cheema CubeWP – All-in-One Dynamic... Moderate Unreviewed
CVE-2025-30994 was published Jun 6, 2025
Missing Authorization vulnerability in ThemeHunk ThemeHunk allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-30990 was published Jun 6, 2025
Missing Authorization vulnerability in faaiq Custom Category/Post Type Post order allows... Moderate Unreviewed
CVE-2025-29013 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-29011 was published Jun 6, 2025
Missing Authorization vulnerability in Wordapp Team Wordapp allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-30927 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30935 was published Jun 6, 2025
Missing Authorization vulnerability in OLIVESYSTEM 診断ジェネレータ作成プラグイン allows Accessing Functionality... Moderate Unreviewed
CVE-2025-30934 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30938 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30931 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30928 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30939 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30930 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30937 was published Jun 6, 2025
Missing Authorization vulnerability in WP Compress WP Compress for MainWP allows Exploiting... Moderate Unreviewed
CVE-2025-30932 was published Jun 6, 2025
Missing Authorization vulnerability in WordLift WordLift allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-30624 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30634 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in pozzad Global Translator allows Cross Site... Moderate Unreviewed
CVE-2025-30632 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30625 was published Jun 6, 2025
Missing Authorization vulnerability in Ability, Inc Accessibility Suite allows Exploiting... Moderate Unreviewed
CVE-2025-30636 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30638 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30630 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30637 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Codehaveli Bitly URL Shortener allows Cross... Moderate Unreviewed
CVE-2025-30629 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-30627 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28989 was published Jun 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database