GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,970
Composer 5,212
Erlang 40
GitHub Actions 40
Go 2,954
Maven 6,244
npm 4,606
NuGet 787
pip 4,305
Pub 12
RubyGems 984
Rust 1,121
Swift 49

Unreviewed advisories

All unreviewed 288,770

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

894 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Server-Side Request Forgery (SSRF) vulnerability in Codeless Slider Templates slider-templates... Moderate Unreviewed

CVE-2025-62988 was published Oct 27, 2025

The Real Cookie Banner: GDPR & ePrivacy Cookie Consent plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-12136 was published Oct 24, 2025

The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More... Moderate Unreviewed

CVE-2025-10874 was published Oct 24, 2025

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator... Moderate Unreviewed

CVE-2025-11128 was published Oct 23, 2025

The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Blind Server-Side... Moderate Unreviewed

CVE-2025-10705 was published Oct 23, 2025

Server-Side Request Forgery (SSRF) vulnerability in Icegram Icegram Express Pro email-subscribers... Moderate Unreviewed

CVE-2025-49917 was published Oct 22, 2025

Server-Side Request Forgery (SSRF) vulnerability in captcha.eu Captcha.eu captcha-eu allows... Moderate Unreviewed

CVE-2025-49374 was published Oct 22, 2025

Zimbra Collaboration (ZCS) before 10.1.12 allows SSRF because of the configuration of the chat... Moderate Unreviewed

CVE-2025-62763 was published Oct 21, 2025

The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Blind Server-Side... Moderate Unreviewed

CVE-2025-11536 was published Oct 21, 2025

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for... Moderate Unreviewed

CVE-2025-11361 was published Oct 18, 2025

ThingsBoard versions < 4.2.1 contain a server-side request forgery (SSRF) vulnerability in the... Moderate Unreviewed

CVE-2025-34282 was published Oct 17, 2025

A vulnerability was identified in NucleoidAI Nucleoid up to 0.7.10. The impacted element is the... Moderate Unreviewed

CVE-2025-11864 was published Oct 16, 2025

The Task Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all... Moderate Unreviewed

CVE-2025-10056 was published Oct 15, 2025

karakeep v0.26.0 to v0.7.0 was discovered to contain a Server-Side Request Forgery (SSRF). Moderate Unreviewed

CVE-2025-60540 was published Oct 14, 2025

SOOP-CLM developed by PiExtract has a Server-Side Request Forgery vulnerability, allowing... Moderate Unreviewed

CVE-2025-11674 was published Oct 13, 2025

A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. Impacted is an unknown... Moderate Unreviewed

CVE-2025-11648 was published Oct 13, 2025

A security vulnerability has been detected in Tomofun Furbo 360 up to FB0035_FW_036. This issue... Moderate Unreviewed

CVE-2025-11636 was published Oct 12, 2025

The WP Scraper plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions... Moderate Unreviewed

CVE-2025-9975 was published Oct 11, 2025

A vulnerability was determined in samanhappy MCPHub up to 0.9.10. This affects an unknown part of... Moderate Unreviewed

CVE-2025-11286 was published Oct 5, 2025

Two unauthenticated diagnostic endpoints allow arbitrary backend-initiated network connections to... Moderate Unreviewed

CVE-2025-10695 was published Oct 3, 2025

TCL 65C655 Smart TV, running firmware version V8-R75PT01-LF1V269.001116 (Android TV, Kernel 5.4... Moderate Unreviewed

CVE-2025-55971 was published Oct 3, 2025

VitaraCharts 5.3.5 is vulnerable to Server-Side Request Forgery in fileLoader.jsp. Moderate Unreviewed

CVE-2025-57305 was published Oct 2, 2025

The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-10735 was published Oct 1, 2025

Dify v1.6.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component... Moderate Unreviewed

CVE-2025-56520 was published Sep 30, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and... Moderate Unreviewed

CVE-2025-34230 was published Sep 29, 2025

Previous 1…5…36 Next

Previous 1 2 3 4 5 6 7 … 35 36 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

894 advisories