GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,036
Composer 4,791
Erlang 36
GitHub Actions 29
Go 2,370
Maven 5,681
npm 3,995
NuGet 720
pip 3,789
Pub 12
RubyGems 927
Rust 984
Swift 38

Unreviewed advisories

All unreviewed 261,771

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

908 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability allowing local system users to modify directory contents, allowing for arbitrary... Moderate Unreviewed

CVE-2025-24287 was published Jun 19, 2025

A vulnerability, which was classified as problematic, was found in wix-incubator jam up to... Moderate Unreviewed

CVE-2025-3841 was published Apr 21, 2025

An issue in Blurams Lumi Security Camera (A31C) v.2.3.38.12558 allows a physically proximate... Moderate Unreviewed

CVE-2023-51820 was published Feb 2, 2024

A vulnerability was found in handrew browserpilot up to 0.2.51. It has been declared as critical.... Moderate Unreviewed

CVE-2025-4218 was published May 2, 2025

A vulnerability classified as critical has been found in letta-ai letta up to 0.4.1. Affected is... Moderate Unreviewed

CVE-2025-6101 was published Jun 16, 2025

A vulnerability was found in weibocom rill-flow 0.1.18. It has been classified as critical.... Moderate Unreviewed

CVE-2025-4866 was published May 18, 2025

A vulnerability was found in DedeCMS 5.7.117. It has been classified as critical. Affected is an... Moderate Unreviewed

CVE-2025-5137 was published May 25, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in cmoreira Team Showcase... Moderate Unreviewed

CVE-2025-49250 was published Jun 6, 2025

Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability... Moderate Unreviewed

CVE-2025-41362 was published Jun 6, 2025

Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability... Moderate Unreviewed

CVE-2025-41365 was published Jun 6, 2025

A vulnerability classified as critical has been found in defog-ai introspect up to 0.1.4. This... Moderate Unreviewed

CVE-2025-5151 was published May 25, 2025

HCL BigFix ServiceNow is vulnerable to arbitrary code injection. A malicious authorized attacker... Moderate Unreviewed

CVE-2023-37518 was published Jan 30, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in RS WP THEMES RS WP... Moderate Unreviewed

CVE-2025-48119 was published May 16, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in RomanCode MapSVG Lite... Moderate Unreviewed

CVE-2025-48120 was published May 16, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in RomanCode MapSVG... Moderate Unreviewed

CVE-2025-47562 was published May 16, 2025

Brandon Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi did not have a... Moderate Unreviewed

CVE-2023-5677 was published Feb 5, 2024

A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an... Moderate Unreviewed

CVE-2025-0134 was published May 14, 2025

A vulnerability was found in web-arena-x webarena up to 0.2.0. It has been declared as critical.... Moderate Unreviewed

CVE-2025-4022 was published Apr 28, 2025

A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0.... Moderate Unreviewed

CVE-2025-3982 was published Apr 27, 2025

An issue in Victure RX1800 EN_V1.0.0_r12_110933 allows physically proximate attackers to execute... Moderate Unreviewed

CVE-2025-28201 was published May 9, 2025

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is... Moderate Unreviewed

CVE-2025-4208 was published May 8, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Ultimate Member... Moderate Unreviewed

CVE-2025-47691 was published May 7, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in GS Plugins GS... Moderate Unreviewed

CVE-2025-47481 was published May 7, 2025

Multiple plugins and/or themes for WordPress are vulnerable to unauthorized access due to a... Moderate Unreviewed

CVE-2024-13420 was published May 2, 2025

A vulnerability was found in WuzhiCMS 4.1. It has been rated as critical. Affected by this issue... Moderate Unreviewed

CVE-2025-3563 was published Apr 14, 2025

Previous 1 2 3 4 5 … 36 37 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

908 advisories