GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,434
Composer 4,826
Erlang 36
GitHub Actions 32
Go 2,426
Maven 5,833
npm 4,058
NuGet 723
pip 3,848
Pub 12
RubyGems 934
Rust 1,006
Swift 38

Unreviewed advisories

All unreviewed 265,042

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

7,832 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This... Moderate Unreviewed

CVE-2025-8739 was published Aug 8, 2025

A Cross-Site Request Forgery (CSRF) in Elgato's Key Lights and related light products allows an... Moderate Unreviewed

CVE-2025-7202 was published Aug 6, 2025

A flaw was found in the Ansible aap-gateway. Cross-site request forgery (CSRF) origin checking is... Moderate Unreviewed

CVE-2025-5988 was published Aug 4, 2025

A vulnerability has been found in 495300897 wx-shop up to... Moderate Unreviewed

CVE-2025-8505 was published Aug 3, 2025

@nestjs/devtools-integration: CSRF to Sandbox Escape Allows for RCE against JS Developers Critical

CVE-2025-54782 was published for @nestjs/devtools-integration (npm) Aug 1, 2025

Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add... Moderate Unreviewed

CVE-2025-50847 was published Jul 31, 2025

A vulnerability classified as problematic has been found in code-projects Simple Car Rental... Moderate Unreviewed

CVE-2025-8335 was published Jul 31, 2025

In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration Low Unreviewed

CVE-2025-54529 was published Jul 28, 2025

In JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flow Moderate Unreviewed

CVE-2025-54528 was published Jul 28, 2025

In JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpoint Moderate Unreviewed

CVE-2025-54536 was published Jul 28, 2025

A vulnerability, which was classified as problematic, was found in jerryshensjf JPACookieShop... Moderate Unreviewed

CVE-2025-8223 was published Jul 27, 2025

The Memory Usage plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-8104 was published Jul 27, 2025

The WPeMatico RSS Feed Fetcher plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-8103 was published Jul 26, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Simplehelp.This issue affects Simplehelp:... Moderate Unreviewed

CVE-2025-36728 was published Jul 25, 2025

The Affiliate Plus plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-7690 was published Jul 25, 2025

The iThoughts Advanced Code Editor plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-7835 was published Jul 25, 2025

The Omnishop plugin for WordPress is vulnerable to Cross-Site Request Forgery on its /users... Moderate Unreviewed

CVE-2025-6214 was published Jul 23, 2025

The YANewsflash plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-6054 was published Jul 23, 2025

The Like & Share My Site plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-7685 was published Jul 22, 2025

The Latest Post Accordian Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-7687 was published Jul 22, 2025

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2025-7369 was published Jul 21, 2025

A vulnerability, which was classified as problematic, was found in PHPGurukul Complaint... Moderate Unreviewed

CVE-2025-7834 was published Jul 19, 2025

The Avishi WP PayPal Payment Button plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-7669 was published Jul 19, 2025

StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF). Moderate Unreviewed

CVE-2025-50586 was published Jul 18, 2025

The Copymatic – AI Content Writer & Generator plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2025-6781 was published Jul 18, 2025

Previous 1 2 3 4 5 … 313 314 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

7,832 advisories