Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
37
Go
2,526
Maven
5,000+
npm
4,189
NuGet
742
pip
3,968
Pub
12
RubyGems
947
Rust
1,030
Swift
39
Unreviewed advisories
All unreviewed
5,000+

8,056 advisories

Loading
A weakness has been identified in givanz Vvveb up to 1.0.7.2. This vulnerability affects unknown... Moderate Unreviewed
CVE-2025-11029 was published Sep 26, 2025
Apollo Embedded Sandbox and Explorer vulnerable to CSRF via window.postMessage origin-validation bypass High
CVE-2025-59845 was published for @apollo/explorer (npm) Sep 26, 2025
ekzyis 0x9x-ui
Cross-Site Request Forgery (CSRF) vulnerability in yourplugins Conditional Cart Messages for... High Unreviewed
CVE-2025-60171 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in NewsMAN NewsmanApp allows Stored XSS. This... High Unreviewed
CVE-2025-60164 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in flytedesk Flytedesk Digital allows Stored XSS.... High Unreviewed
CVE-2025-60172 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Taraprasad Swain HTACCESS IP Blocker allows... High Unreviewed
CVE-2025-60170 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in webandprint AR For WordPress allows Upload a... Critical Unreviewed
CVE-2025-60156 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Ashwani kumar GST for WooCommerce allows... High Unreviewed
CVE-2025-60173 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in W3S Cloud Technology W3SCloud Contact Form 7... High Unreviewed
CVE-2025-60169 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in instapagedev Instapage Plugin allows Cross... Moderate Unreviewed
CVE-2025-60115 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in javothemes Javo Core allows Authentication... High Unreviewed
CVE-2025-60111 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in grooni Groovy Menu allows Cross Site Request... Moderate Unreviewed
CVE-2025-60113 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in TangibleWP Vehica Core allows Cross Site... Moderate Unreviewed
CVE-2025-60117 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Joovii Sendle Shipping allows Cross Site... Moderate Unreviewed
CVE-2025-60139 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in yonifre Lenix scss compiler allows Cross Site... Moderate Unreviewed
CVE-2025-60145 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Galaxy Weblinks Post Featured Video allows... Moderate Unreviewed
CVE-2025-60137 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Di Themes Di Themes Demo Site Importer allows... Moderate Unreviewed
CVE-2025-58914 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Shahjada Download Manager allows Cross Site... Moderate Unreviewed
CVE-2025-60093 was published Sep 26, 2025
The System Dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-10377 was published Sep 26, 2025
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2025-10752 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in purethemes WorkScout-Core allows Cross Site... High Unreviewed
CVE-2025-59572 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Casengo Casengo Live Chat Support allows... High Unreviewed
CVE-2025-58688 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ptibogxiv Doliconnect allows Stored XSS. This... High Unreviewed
CVE-2025-58690 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP CMS Ninja Current Age Plugin allows Stored... High Unreviewed
CVE-2025-58687 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in loopus WP Attractive Donations System allows... High Unreviewed
CVE-2025-58956 was published Sep 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database