Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,003
Maven
5,000+
npm
4,732
NuGet
788
pip
4,341
Pub
12
RubyGems
987
Rust
1,137
Swift
50
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20 advisories

Loading
A Server-Side Template Injection (SSTI) vulnerability in the /reporting/templates/preview/... High Unreviewed
CVE-2025-69516 was published Jan 29, 2026
An SSTI (Server-Side Template Injection) vulnerability exists in the get_address_display method... High Unreviewed
CVE-2025-66437 was published Dec 15, 2025
A Server-Side Template Injection (SSTI) vulnerability in the MDX Rendering Engine in Mintlify... High Unreviewed
CVE-2025-67843 was published Dec 19, 2025
Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a... High Unreviewed
CVE-2024-32406 was published Apr 26, 2024
Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated... High Unreviewed
CVE-2024-58293 was published Dec 12, 2025
VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows... High Unreviewed
CVE-2024-4040 was published Apr 22, 2024
AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that... High Unreviewed
CVE-2025-1040 was published Mar 20, 2025
The Advanced Views – Display Posts, Custom Fields, and More plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-10380 was published Sep 23, 2025
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Crocoblock... High Unreviewed
CVE-2025-53194 was published Aug 20, 2025
StrongShop v1.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability... High Unreviewed
CVE-2024-37621 was published Jun 17, 2024
OneBlog v2.3.6 was discovered to contain a template injection vulnerability via the template... High Unreviewed
CVE-2024-54954 was published Feb 10, 2025
Report generation functionality in Wyn Enterprise allows for code inclusion, but not sufficiently... High Unreviewed
CVE-2024-9150 was published Feb 21, 2025
Improper Control of Generation of Code ('Code Injection'), Cross-Site Request Forgery (CSRF), :... High Unreviewed
CVE-2024-48962 was published Nov 18, 2024
Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-30372 was published Nov 22, 2024
Improper neutralization of special elements used in SQL command in some Intel(R) Neural... High Unreviewed
CVE-2024-39766 was published Nov 13, 2024
An issue was discovered in Logpoint before 7.1.1. Template injection was seen in the search... High Unreviewed
CVE-2022-48684 was published Apr 28, 2024
An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via... High Unreviewed
CVE-2024-32407 was published Apr 22, 2024
Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon... High Unreviewed
CVE-2021-39128 was published May 24, 2022
A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote... High Unreviewed
CVE-2024-46366 was published Sep 27, 2024
A improper neutralization of special elements used in a template engine vulnerability in Fortinet... High Unreviewed
CVE-2023-27995 was published Apr 11, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database