GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4,768 advisories
Citizen skin vulnerable to stored XSS through multiple system messages
Moderate
CVE-2025-49575
was published
for
starcitizentools/citizen-skin
(Composer)
Jun 11, 2025
HAX CMS vulnerable to Local File Inclusion via saveOutline API Location Parameter
Moderate
CVE-2025-49138
was published
for
elmsln/haxcms
(Composer)
Jun 9, 2025
Hax CMS Stored Cross-Site Scripting vulnerability
High
CVE-2025-49137
was published
for
elmsln/haxcms
(Composer)
Jun 9, 2025
Roundcube Webmail Vulnerable to Authenticated RCE via PHP Object Deserialization
Critical
CVE-2025-49113
was published
for
roundcube/roundcubemail
(Composer)
Jun 2, 2025
Yii 2 Redis may expose AUTH parameters in logs in case of connection failure
Moderate
CVE-2025-48493
was published
for
yiisoft/yii2-redis
(Composer)
Jun 5, 2025
ProTip!
Advisories are also available from the
GraphQL API