Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

396 advisories

Loading
The g-FFL Cockpit plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed
CVE-2025-12720 was published Dec 6, 2025
The weDocs plugin for WordPress is vulnerable to unauthorized access in all versions up to, and... Moderate Unreviewed
CVE-2025-12505 was published Dec 6, 2025
step-ca Has Improper Authorization Check for SSH Certificate Revocation Moderate
CVE-2025-66406 was published for github.com/smallstep/certificates (Go) Dec 3, 2025
Primakon Pi Portal 1.0.18 API endpoints fail to enforce sufficient authorization checks when... Moderate Unreviewed
CVE-2025-64063 was published Nov 25, 2025
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... Moderate Unreviewed
CVE-2025-11815 was published Nov 21, 2025
OpenFGA Improper Policy Enforcement Moderate
CVE-2025-64751 was published for github.com/openfga/openfga (Go) Nov 20, 2025
The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Improper Authorization leading... Moderate Unreviewed
CVE-2025-13085 was published Nov 19, 2025
The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2025-12814 was published Nov 19, 2025
The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to authorization bypass in all... Moderate Unreviewed
CVE-2025-12777 was published Nov 19, 2025
The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to arbitrary... Moderate Unreviewed
CVE-2025-12494 was published Nov 15, 2025
Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a... Moderate Unreviewed
CVE-2025-12435 was published Nov 10, 2025
A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the... Moderate Unreviewed
CVE-2025-12854 was published Nov 7, 2025
The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12360 was published Nov 6, 2025
MantisBT unauthorized disclosure of private project column configuration Moderate
CVE-2025-62520 was published for mantisbt/mantisbt (Composer) Nov 3, 2025
jrckmcsb atrol
dregad
Credited to jrckmcsb, atrol, and dregad
The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Missing Authorization in... Moderate Unreviewed
CVE-2025-12367 was published Nov 1, 2025
The Document Library Lite plugin for WordPress is vulnerable to Improper Authorization in all... Moderate Unreviewed
CVE-2025-11174 was published Nov 1, 2025
A security flaw has been discovered in code-projects Client Details System 1.0. The impacted... Moderate Unreviewed
CVE-2025-12283 was published Oct 27, 2025
A vulnerability was detected in Bdtask Pharmacy Management System up to 9.4. Affected is an... Moderate Unreviewed
CVE-2025-12288 was published Oct 27, 2025
The Tutor LMS Pro – eLearning and online course solution plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-6639 was published Oct 25, 2025
The WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress plugin for WordPress is... Moderate Unreviewed
CVE-2025-12005 was published Oct 25, 2025
The GenerateBlocks plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2025-11879 was published Oct 25, 2025
The Originality.ai AI Checker plugin for WordPress is vulnerable to unauthorized loss of data due... Moderate Unreviewed
CVE-2025-10902 was published Oct 24, 2025
Moodle has a time restriction bypass Moderate
CVE-2025-62401 was published for moodle/moodle (Composer) Oct 23, 2025
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected... Moderate Unreviewed
CVE-2025-22168 was published Oct 22, 2025
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected... Moderate Unreviewed
CVE-2025-22173 was published Oct 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database