GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 26,244
Composer 5,234
Erlang 40
GitHub Actions 41
Go 3,003
Maven 6,264
npm 4,732
NuGet 788
pip 4,341
Pub 12
RubyGems 987
Rust 1,137
Swift 50

Unreviewed advisories

All unreviewed 290,892

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,418 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload... High Unreviewed

CVE-2020-36942 was published Jan 27, 2026

Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability... Critical Unreviewed

CVE-2026-24815 was published Jan 27, 2026

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable... High Unreviewed

CVE-2026-0911 was published Jan 24, 2026

The Kalrav AI Agent plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2025-13374 was published Jan 24, 2026

PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that... High Unreviewed

CVE-2021-47904 was published Jan 23, 2026

Textpattern versions prior to 4.8.3 contain an authenticated remote code execution vulnerability... High Unreviewed

CVE-2021-47888 was published Jan 23, 2026

YetiShare File Hosting Script 5.1.0 contains a server-side request forgery vulnerability that... Moderate Unreviewed

CVE-2021-47899 was published Jan 23, 2026

File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818... Critical Unreviewed

CVE-2025-69828 was published Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in Xpro Xpro Elementor Addons xpro... Critical Unreviewed

CVE-2025-69312 was published Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogistic blogistic... Critical Unreviewed

CVE-2025-68909 was published Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogzee blogzee... Critical Unreviewed

CVE-2025-68910 was published Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Miion miion allows... Critical Unreviewed

CVE-2025-68986 was published Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in garidium g-FFL Checkout g-ffl... Critical Unreviewed

CVE-2025-68001 was published Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in InspiryThemes Real Homes CRM... Critical Unreviewed

CVE-2025-67968 was published Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in Farost Energia energia allows... Critical Unreviewed

CVE-2025-50002 was published Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogmatic blogmatic... Critical Unreviewed

CVE-2025-62050 was published Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes News Event news... Critical Unreviewed

CVE-2025-62056 was published Jan 22, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in Solvera Software Services Trade... High Unreviewed

CVE-2025-10856 was published Jan 22, 2026

MeetingHub developed by HAMASTAR Technology has an Arbitrary File Upload vulnerability, allowing... Critical Unreviewed

CVE-2026-1331 was published Jan 22, 2026

IBM Concert 1.0.0 through 2.1.0 is vulnerable to malicious file upload by not validating the... High Unreviewed

CVE-2025-33015 was published Jan 20, 2026

PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has an Arbitrary File Upload... High Unreviewed

CVE-2026-1222 was published Jan 20, 2026

HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file... Low Unreviewed

CVE-2025-55251 was published Jan 19, 2026

A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted... Moderate Unreviewed

CVE-2026-1152 was published Jan 19, 2026

The Filr – Secure document library plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-14632 was published Jan 17, 2026

Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability... Critical Unreviewed

CVE-2012-10064 was published Jan 16, 2026

Previous 1…3…137 Next

Previous 1 2 3 4 5 … 136 137 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,418 advisories