GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
694 advisories
Grafana is an open-source platform for monitoring and observability. The Infinity datasource...
Moderate | Unreviewed | CVE-2025-8341 was published Aug 4, 2025

webfinger.js Blind SSRF Vulnerability
Moderate | CVE-2025-54590 was published for webfinger.js (npm) Jul 28, 2025

A server-side request forgery vulnerability exists in the cecho.php functionality of MedDream...
Moderate | Unreviewed | CVE-2025-24485 was published Jul 28, 2025

A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been rated as critical....
Moderate | Unreviewed | CVE-2025-8228 was published Jul 27, 2025

Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux ...
Moderate | Unreviewed | CVE-2025-52455 was published Jul 25, 2025

Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux ...
Moderate | Unreviewed | CVE-2025-52454 was published Jul 25, 2025

Apwide Golive 10.2.0 Jira plugin allows Server-Side Request Forgery (SSRF) via the test webhook...
Moderate | Unreviewed | CVE-2025-45939 was published Jul 25, 2025

A vulnerability classified as critical has been found in yanyutao0402 ChanCMS up to 3.1.2. This...
Moderate | Unreviewed | CVE-2025-8133 was published Jul 25, 2025

The Featured Image Plus – Quick & Bulk Edit with Unsplash plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2025-5818 was published Jul 23, 2025

A Server-Side Request Forgery (SSRF) in the component TunnelServlet of agorum Software GmbH...
Moderate | Unreviewed | CVE-2025-52163 was published Jul 18, 2025

A vulnerability, which was classified as critical, was found in thinkgem JeeSite up to 5.12.0....
Moderate | Unreviewed | CVE-2025-7759 was published Jul 18, 2025

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could...
Moderate | Unreviewed | CVE-2025-20288 was published Jul 16, 2025

Server-Side Request Forgery (SSRF) vulnerability in Kerfred FG Drupal to WordPress allows Server...
Moderate | Unreviewed | CVE-2025-48294 was published Jul 16, 2025

A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and...
Moderate | Unreviewed | CVE-2025-51591 was published Jul 11, 2025

CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthenticated...
Moderate | Unreviewed | CVE-2025-50125 was published Jul 11, 2025

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Server-Side Request...
Moderate | Unreviewed | CVE-2025-49545 was published Jul 8, 2025

SSRF in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22...
Moderate | Unreviewed | CVE-2025-0292 was published Jul 8, 2025

SAP CMC Promotion Management allows an authenticated attacker to enumerate internal network...
Moderate | Unreviewed | CVE-2025-42965 was published Jul 8, 2025

Server-side request forgery (SSRF) vulnerability exists in multiple versions of Nimesa Backup and...
Moderate | Unreviewed | CVE-2025-53473 was published Jul 7, 2025

A vulnerability was found in BoyunCMS up to 1.4.20. It has been rated as critical. This issue...
Moderate | Unreviewed | CVE-2025-7103 was published Jul 7, 2025

Server-Side Request Forgery (SSRF) vulnerability in Md Yeasin Ul Haider URL Shortener allows...
Moderate | Unreviewed | CVE-2025-28963 was published Jul 4, 2025

The PayMaster for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery...
Moderate | Unreviewed | CVE-2025-6729 was published Jul 4, 2025

Akamai CloudTest before 60 2025.06.09 (12989) allows SSRF.
Moderate | Unreviewed | CVE-2025-52491 was published Jun 30, 2025

A vulnerability classified as critical has been found in diyhi bbs up to 6.8. This affects the...
Moderate | Unreviewed | CVE-2025-6762 was published Jun 27, 2025

An unauthenticated attacker may perform a limited server side request forgery (SSRF), forcing the...
Moderate | Unreviewed | CVE-2024-51980 was published Jun 26, 2025