GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 41
Go: 3,005
Maven: 5,000+
npm: 4,733
NuGet: 788
pip: 4,343
Pub: 12
RubyGems: 987
Rust: 1,137
Swift: 50
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
668 advisories
The Checkout Field Manager (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable...
Moderate | Unreviewed | CVE-2025-12500 was published Feb 19, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.0 before 18.6.6, 18...
Moderate | Unreviewed | CVE-2026-1458 was published Feb 11, 2026
A security flaw has been discovered in detronetdip E-commerce 1.0.0. This issue affects some...
Moderate | Unreviewed | CVE-2026-2164 was published Feb 8, 2026
A security flaw has been discovered in guchengwuyue yshopmall up to 1.9.1. This affects the...
Moderate | Unreviewed | CVE-2026-2146 was published Feb 8, 2026
An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing...
Moderate | Unreviewed | CVE-2025-69618 was published Feb 4, 2026
A non-administrative user can upload malicious files. When an administrator or the product...
Moderate | Unreviewed | CVE-2026-23704 was published Feb 4, 2026
YetiShare File Hosting Script 5.1.0 contains a server-side request forgery vulnerability that...
Moderate | Unreviewed | CVE-2021-47899 was published Jan 23, 2026
A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted...
Moderate | Unreviewed | CVE-2026-1152 was published Jan 19, 2026
The Filr – Secure document library plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2025-14632 was published Jan 17, 2026
User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads...
Moderate | Unreviewed | CVE-2026-21625 was published Jan 16, 2026
Phpwcms 1.9.30 contains a file upload vulnerability that allows authenticated attackers to upload...
Moderate | Unreviewed | CVE-2021-47783 was published Jan 16, 2026
File upload vulnerability in Omnispace Agora Project before 25.10 allowing authenticated, or...
Moderate | Unreviewed | CVE-2025-67077 was published Jan 15, 2026
Pega Customer Service Framework versions 8.7.0 through 25.1.0 are affected by an Unrestricted file...
Moderate | Unreviewed | CVE-2025-62182 was published Jan 13, 2026
SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to...
Moderate | Unreviewed | CVE-2026-0496 was published Jan 13, 2026
A security flaw has been discovered in Sangfor Operation and Maintenance Management System up to...
Moderate | Unreviewed | CVE-2025-15503 was published Jan 10, 2026
A vulnerability was found in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of...
Moderate | Unreviewed | CVE-2025-15495 was published Jan 9, 2026
A file upload vulnerability in ARIS 10.0.23.0.3587512 allows attackers to execute arbitrary code...
Moderate | Unreviewed | CVE-2025-66837 was published Jan 7, 2026
A flaw has been found in projectworlds House Rental and Property Listing 1.0. Impacted is an...
Moderate | Unreviewed | CVE-2026-0643 was published Jan 7, 2026
The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2025-14842 was published Jan 7, 2026
A security vulnerability has been detected in code-projects Content Management System 1.0....
Moderate | Unreviewed | CVE-2026-0566 was published Jan 2, 2026
A vulnerability was found in PHPGurukul Online Course Registration up to 3.1. This issue affects...
Moderate | Unreviewed | CVE-2026-0547 was published Jan 2, 2026
A vulnerability has been found in EmpireSoft EmpireCMS up to 8.0. Impacted is the function...
Moderate | Unreviewed | CVE-2025-15423 was published Jan 2, 2026
A vulnerability has been found in xnx3 wangmarket up to 6.4. The impacted element is the function...
Moderate | Unreviewed | CVE-2025-15415 was published Jan 2, 2026
A security vulnerability has been detected in campcodes School File Management System 1.0. The...
Moderate | Unreviewed | CVE-2025-15404 was published Jan 1, 2026
ArcGIS Server version 11.5 and earlier on Windows and Linux does not properly validate uploaded...
Moderate | Unreviewed | CVE-2025-67707 was published Jan 1, 2026
ProTip! Advisories are also available from the GraphQL API