GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,028
Composer 5,080
Erlang 39
GitHub Actions 38
Go 2,750
Maven 6,169
npm 4,353
NuGet 765
pip 4,114
Pub 12
RubyGems 960
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,497

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

38,911 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The CISA Software Acquisition Guide Supplier Response Web Tool before 2025-12-11 was vulnerable... Moderate Unreviewed

CVE-2025-67634 was published Dec 12, 2025

WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject... High Unreviewed

CVE-2024-58305 was published Dec 12, 2025

Vuetify has a Cross-site Scripting (XSS) vulnerability in the VDatePicker component Moderate

CVE-2025-8082 was published for vuetify (npm) Dec 12, 2025

A security vulnerability has been detected in Qualitor up to 8.24.73. The impacted element is an... Moderate Unreviewed

CVE-2025-14580 was published Dec 12, 2025

jshERP v3.5 and earlier is affected by a stored Cross Site Scripting (XSS) vulnerability via the ... Moderate Unreviewed

CVE-2025-67344 was published Dec 12, 2025

RuoYi versions 4.8.1 and earlier is affected by a stored XSS vulnerability in the /system/menu... Moderate Unreviewed

CVE-2025-67342 was published Dec 12, 2025

jshERP versions 3.5 and earlier are affected by a stored XSS vulnerability. This vulnerability... Moderate Unreviewed

CVE-2025-67341 was published Dec 12, 2025

The Magical Posts Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-12965 was published Dec 12, 2025

The AI Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-14030 was published Dec 12, 2025

The MailerLite – Signup forms (official) plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-13993 was published Dec 12, 2025

The VikRentItems Flexible Rental Management System plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-14049 was published Dec 12, 2025

The Fancy Product Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed

CVE-2025-12570 was published Dec 12, 2025

The Mailgun Subscriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-11876 was published Dec 12, 2025

The BSK PDF Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG... Moderate Unreviewed

CVE-2025-4970 was published Dec 12, 2025

The WP Job Portal plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all... Moderate Unreviewed

CVE-2025-14467 was published Dec 12, 2025

The Ayo Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-14143 was published Dec 12, 2025

The Wpik WordPress Basic Ajax Form plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-14393 was published Dec 12, 2025

Stored cross-site scripting vulnerabilities exist in GroupSession Free edition prior to ver5.3.0,... Moderate Unreviewed

CVE-2025-53523 was published Dec 12, 2025

Stored cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.3.0,... Moderate Unreviewed

CVE-2025-54407 was published Dec 12, 2025

Reflected cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.3... Moderate Unreviewed

CVE-2025-57883 was published Dec 12, 2025

Stored cross-site scripting vulnerabilities exist in GroupSession Free edition prior to ver5.7.1,... Moderate Unreviewed

CVE-2025-66284 was published Dec 12, 2025

Reflected cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.7... Moderate Unreviewed

CVE-2025-65120 was published Dec 12, 2025

The Like DisLike Voting plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-14129 was published Dec 12, 2025

The Complag plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `... Moderate Unreviewed

CVE-2025-14125 was published Dec 12, 2025

The App Landing Template Blocks for WPBakery (Visual Composer) Page Builder plugin for WordPress... Moderate Unreviewed

CVE-2025-14119 was published Dec 12, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

38,911 advisories