Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,941
Maven
5,000+
npm
4,595
NuGet
787
pip
4,299
Pub
12
RubyGems
982
Rust
1,116
Swift
49
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,371 advisories

Loading
The Code Snippets plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2026-1785 was published Feb 6, 2026
HRSALE 1.1.8 contains a cross-site request forgery vulnerability that allows attackers to add... Moderate Unreviewed
CVE-2020-37145 was published Feb 5, 2026
Exagate SYSGuard 6001 contains a cross-site request forgery vulnerability that allows attackers... Moderate Unreviewed
CVE-2020-37144 was published Feb 5, 2026
Edimax EW-7438RPn-v3 Mini 1.27 is vulnerable to cross-site request forgery (CSRF) that can lead... Moderate Unreviewed
CVE-2020-37149 was published Feb 5, 2026
P5 FNIP-8x16A FNIP-4xSH 1.0.20 contains a cross-site request forgery vulnerability that allows... Moderate Unreviewed
CVE-2020-37118 was published Feb 5, 2026
IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud... Moderate Unreviewed
CVE-2024-40685 was published Feb 5, 2026
A vulnerability was identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb.... Moderate Unreviewed
CVE-2026-1835 was published Feb 4, 2026
Maian Support Helpdesk 4.3 contains a cross-site request forgery vulnerability that allows... Moderate Unreviewed
CVE-2020-37091 was published Feb 4, 2026
Edimax EW-7438RPn 1.13 contains a cross-site request forgery vulnerability in the MAC filtering... Moderate Unreviewed
CVE-2020-37096 was published Feb 4, 2026
Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior does not implement CSRF protections... Moderate Unreviewed
CVE-2026-24434 was published Feb 3, 2026
Cross-Site Request Forgery (CSRF) vulnerability in Blair Williams ThirstyAffiliates... Moderate Unreviewed
CVE-2026-25024 was published Feb 3, 2026
Cross-Site Request Forgery (CSRF) vulnerability in Stiofan UsersWP userswp allows Cross Site... Moderate Unreviewed
CVE-2026-25015 was published Feb 3, 2026
Cross-Site Request Forgery (CSRF) vulnerability in themelooks Enter Addons enteraddons allows... Moderate Unreviewed
CVE-2026-25014 was published Feb 3, 2026
Cross-Site Request Forgery (CSRF) vulnerability in wp.insider Simple Membership WP user Import... Moderate Unreviewed
CVE-2026-24986 was published Feb 3, 2026
Cross-Site Request Forgery (CSRF) vulnerability in Copyscape Copyscape Premium copyscape-premium... Moderate Unreviewed
CVE-2026-24966 was published Feb 3, 2026
Cross-Site Request Forgery (CSRF) vulnerability in magepeopleteam WpEvently mage-eventpress... Moderate Unreviewed
CVE-2026-24942 was published Feb 3, 2026
The Mail Mint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... Moderate Unreviewed
CVE-2026-1447 was published Feb 3, 2026
Cross-site request forgery vulnerability exists in WRC-X1500GS-B and WRC-X1500GSA-B. If a user... Moderate Unreviewed
CVE-2026-20704 was published Feb 3, 2026
The Five Star Restaurant Reservations WordPress plugin before 2.7.9 does not have CSRF checks in... Moderate Unreviewed
CVE-2026-0658 was published Feb 2, 2026
A vulnerability was determined in SourceCodester Medical Certificate Generator App 1.0. This... Moderate Unreviewed
CVE-2026-1745 was published Feb 2, 2026
The Popup Box plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... Moderate Unreviewed
CVE-2026-1165 was published Jan 31, 2026
Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery... Moderate Unreviewed
CVE-2020-37046 was published Jan 31, 2026
Navigate CMS 2.8.7 contains a cross-site request forgery vulnerability that allows attackers to... Moderate Unreviewed
CVE-2020-37054 was published Jan 31, 2026
Sickbeard alpha contains a cross-site request forgery vulnerability that allows attackers to... Moderate Unreviewed
CVE-2020-37026 was published Jan 31, 2026
birkir prime <= 0.4.0.beta.0 contains a cross-site request forgery vulnerability in its GraphQL... Moderate Unreviewed
CVE-2025-15550 was published Jan 29, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database