GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,737
Maven: 5,000+
npm: 4,337
NuGet: 764
pip: 4,112
Pub: 12
RubyGems: 960
Rust: 1,068
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
207 advisories
PublicCMS V5.202506.b is vulnerable to SSRF in the chat interface of SimpleAiAdminController.
Critical
Unreviewed
CVE-2025-65836 was published Dec 1, 2025
Server-side request forgery (SSRF) in Azure Compute Gallery allows an authorized attacker to...
Critical
Unreviewed
CVE-2025-59503 was published Oct 24, 2025
A server-side request forgery (SSRF) vulnerability in Illia Cloud illia-Builder before v4.8.5...
Critical
Unreviewed
CVE-2025-60279 was published Oct 17, 2025
halo v2.20.17 and before is vulnerable to server-side request forgery (SSRF) in /apis/uc.api...
Critical
Unreviewed
CVE-2025-44594 was published Sep 9, 2025
A Server-Side Request Forgery (SSRF) in the UISP Application may allow a malicious actor with...
Critical
Unreviewed
CVE-2025-27217 was published Aug 21, 2025
Server side request forgery (SSRF) vulnerability in makeplane plane 0.23.1 via the password...
Critical
Unreviewed
CVE-2025-50251 was published Aug 13, 2025
Azure OpenAI Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2025-53767 was published Aug 7, 2025
Server-Side Request Forgery (SSRF) vulnerability exists in the URL processing functionality of...
Critical
Unreviewed
CVE-2025-52362 was published Jul 21, 2025
zrlog v3.1.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the downloadUrl...
Critical
Unreviewed
CVE-2025-45872 was published Jul 1, 2025
Esri Portal for ArcGIS 11.4 and prior allows a remote, unauthenticated attacker to bypass the...
Critical
Unreviewed
CVE-2025-4967 was published May 29, 2025
Server-side request forgery vulnerability exists in a-blog cms multiple versions. If this...
Critical
Unreviewed
CVE-2025-36560 was published May 19, 2025
The 'wp_ajax_boost_proxy_ig' action allows administrators to make GET requests to arbitrary URLs.
Critical
Unreviewed
CVE-2024-6584 was published May 15, 2025
Yifang CMS v2.0.2 is vulnerable to Server-Side Request Forgery (SSRF) in /api/file/getRemoteContent.
Critical
Unreviewed
CVE-2025-45887 was published May 9, 2025
Server-Side Request Forgery (SSRF) in Azure allows an authorized attacker to perform spoofing...
Critical
Unreviewed
CVE-2025-29972 was published May 9, 2025
Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to...
Critical
Unreviewed
CVE-2025-47733 was published May 9, 2025
maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery (SSRF) via the Scheduled...
Critical
Unreviewed
CVE-2025-28089 was published Mar 29, 2025
maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery (SSRF) in the Collection...
Critical
Unreviewed
CVE-2025-28090 was published Mar 29, 2025
maccms10 v2025.1000.4047 has a Server-Side Request Forgery (SSRF) vulnerability via Add Article.
Critical
Unreviewed
CVE-2025-28091 was published Mar 29, 2025
Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the...
Critical
Unreviewed
CVE-2024-48590 was published Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /worker_generate_stream API...
Critical
Unreviewed
CVE-2024-9309 was published Mar 20, 2025
JizhiCMS v2.5.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ...
Critical
Unreviewed
CVE-2025-25785 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014...
Critical
Unreviewed
CVE-2025-27651 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014...
Critical
Unreviewed
CVE-2025-27655 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014...
Critical
Unreviewed
CVE-2025-27652 was published Mar 5, 2025
I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due...
Critical
Unreviewed
CVE-2024-54819 was published Jan 7, 2025
ProTip! Advisories are also available from the GraphQL API.