Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,003
Maven
5,000+
npm
4,732
NuGet
788
pip
4,341
Pub
12
RubyGems
987
Rust
1,137
Swift
50
Unreviewed advisories
All unreviewed
5,000+

1,373 advisories

Loading
Chamilo LMS 1.11.8 contains an arbitrary file upload vulnerability that allows authenticated... High Unreviewed
CVE-2018-25158 was published Feb 21, 2026
code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote... High Unreviewed
CVE-2025-70151 was published Feb 18, 2026
IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary... High Unreviewed
CVE-2025-13689 was published Feb 18, 2026
ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files.... High Unreviewed
CVE-2024-7694 was published Aug 12, 2024
Remote Code Execution by uploading a phar file using frontmatter High
CVE-2024-27923 was published for getgrav/grav (Composer) Mar 6, 2024
Universe1122 sunnypatell
Credited to Universe1122 and sunnypatell
Unrestricted Upload of File with Dangerous Type vulnerabilities exist in the rich text editor and... High Unreviewed
CVE-2024-50620 was published Feb 11, 2026
School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin... High Unreviewed
CVE-2020-37084 was published Feb 4, 2026
FUXA contains an Unrestricted File Upload vulnerability High
CVE-2025-69981 was published for fuxa-server (npm) Feb 3, 2026
Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing... High Unreviewed
CVE-2026-2097 was published Feb 10, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies... High Unreviewed
CVE-2025-10465 was published Feb 9, 2026
Monstra CMS v3.0.4 contains an arbitrary file upload vulnerability in the Files Manager plugin.... High Unreviewed
CVE-2025-69906 was published Feb 5, 2026
Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point... High Unreviewed
CVE-2022-40924 was published Sep 27, 2022
Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with... High Unreviewed
CVE-2024-32256 was published Apr 16, 2024
jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that... High Unreviewed
CVE-2020-37117 was published Feb 5, 2026
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an... High Unreviewed
CVE-2026-20098 was published Feb 4, 2026
An arbitrary file upload vulnerability in the AddFont() function of FPDF v1.86 and earlier allows... High Unreviewed
CVE-2025-65875 was published Feb 3, 2026
The WP FOFT Loader plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect... High Unreviewed
CVE-2026-1756 was published Feb 4, 2026
School ERP Pro 1.0 contains a file upload vulnerability that allows students to upload arbitrary... High Unreviewed
CVE-2020-37090 was published Feb 4, 2026
Victor CMS 1.0 contains an authenticated file upload vulnerability that allows administrators to... High Unreviewed
CVE-2020-37073 was published Feb 4, 2026
An issue was discovered in the Divi Builder plugin, Divi theme, and Divi Extra theme before 4.5.3... High Unreviewed
CVE-2020-35945 was published May 24, 2022
GUnet OpenEclass 1.7.3 allows authenticated users to bypass file extension restrictions when... High Unreviewed
CVE-2020-37113 was published Feb 3, 2026
The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all... High Unreviewed
CVE-2026-1065 was published Feb 3, 2026
The OS DataHub Maps plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect... High Unreviewed
CVE-2026-1730 was published Feb 3, 2026
An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege... High Unreviewed
CVE-2026-25201 was published Feb 2, 2026
Koken CMS 0.22.24 contains a file upload vulnerability that allows authenticated attackers to... High Unreviewed
CVE-2020-37023 was published Jan 31, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database