Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,016
Maven
5,000+
npm
4,737
NuGet
814
pip
4,347
Pub
12
RubyGems
987
Rust
1,140
Swift
50
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,192 advisories

Loading
The Slider Future plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2026-1405 was published Feb 19, 2026
Airleader Master versions 6.381 and prior allow for file uploads without restriction to multiple... Critical Unreviewed
CVE-2026-1358 was published Feb 13, 2026
The midi-Synth plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... Critical Unreviewed
CVE-2026-1306 was published Feb 14, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in NTN Information Processing... Critical Unreviewed
CVE-2025-14014 was published Feb 12, 2026
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2026-1357 was published Feb 11, 2026
An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to... Critical Unreviewed
CVE-2025-61506 was published Feb 3, 2026
An unrestricted upload of file with dangerous type vulnerability in the upload file function of... Critical Unreviewed
CVE-2025-48782 was published Jun 6, 2025
A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without... Critical Unreviewed
CVE-2026-25200 was published Feb 2, 2026
An unrestricted upload of file with dangerous type vulnerability in the upload file function of... Critical Unreviewed
CVE-2025-31342 was published Oct 20, 2025
An unrestricted upload of file with dangerous type vulnerability in the file upload function of... Critical Unreviewed
CVE-2026-24729 was published Jan 30, 2026
Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download... Critical Unreviewed
CVE-2025-57795 was published Jan 28, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in InspiryThemes Real Homes CRM... Critical Unreviewed
CVE-2025-67968 was published Jan 22, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in garidium g-FFL Checkout g-ffl... Critical Unreviewed
CVE-2025-68001 was published Jan 22, 2026
Explorance Blue versions prior to 8.14.9 contain an authenticated unrestricted file upload... Critical Unreviewed
CVE-2025-57794 was published Jan 28, 2026
code-projects Computer Book Store 1.0 is vulnerable to File Upload in admin_add.php. Critical Unreviewed
CVE-2025-69559 was published Jan 27, 2026
code-projects Mobile Shop Management System 1.0 is vulnerable to File Upload in /ExAddProduct.php. Critical Unreviewed
CVE-2025-69565 was published Jan 27, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Miion miion allows... Critical Unreviewed
CVE-2025-68986 was published Jan 22, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogistic blogistic... Critical Unreviewed
CVE-2025-68909 was published Jan 22, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in Xpro Xpro Elementor Addons xpro... Critical Unreviewed
CVE-2025-69312 was published Jan 22, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogzee blogzee... Critical Unreviewed
CVE-2025-68910 was published Jan 22, 2026
Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability... Critical Unreviewed
CVE-2026-24815 was published Jan 27, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in Farost Energia energia allows... Critical Unreviewed
CVE-2025-50002 was published Jan 22, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes News Event news... Critical Unreviewed
CVE-2025-62056 was published Jan 22, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogmatic blogmatic... Critical Unreviewed
CVE-2025-62050 was published Jan 22, 2026
Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload... Critical Unreviewed
CVE-2025-52691 was published Dec 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database