Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,954
Maven
5,000+
npm
4,606
NuGet
787
pip
4,305
Pub
12
RubyGems
984
Rust
1,121
Swift
49
Unreviewed advisories
All unreviewed
5,000+

1,349 advisories

Loading
Missing Authorization vulnerability in e-plugins Real Estate Pro real-estate-pro allows... High Unreviewed
CVE-2025-69192 was published Jan 22, 2026
Missing Authorization vulnerability in Rasedul Haque Rumi BD Courier Order Ratio Checker bd... High Unreviewed
CVE-2026-22481 was published Jan 22, 2026
Missing Authorization vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows... High Unreviewed
CVE-2026-22472 was published Jan 22, 2026
Missing Authorization vulnerability in Roxnor GetGenie getgenie allows Exploiting Incorrectly... High Unreviewed
CVE-2026-24356 was published Jan 22, 2026
Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management... High Unreviewed
CVE-2026-24380 was published Jan 22, 2026
Missing Authorization vulnerability in uxper Golo golo allows Exploiting Incorrectly Configured... High Unreviewed
CVE-2026-23974 was published Jan 22, 2026
Missing Authorization vulnerability in wpeverest User Registration user-registration allows... High Unreviewed
CVE-2026-24353 was published Jan 22, 2026
Missing Authorization vulnerability in Theme-one The Grid the-grid allows Exploiting Incorrectly... High Unreviewed
CVE-2026-24368 was published Jan 22, 2026
Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master... High Unreviewed
CVE-2026-24358 was published Jan 22, 2026
Missing Authorization vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Exploiting... High Unreviewed
CVE-2026-24357 was published Jan 22, 2026
Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows... High Unreviewed
CVE-2026-24525 was published Jan 23, 2026
Missing Authorization vulnerability in Alejandro Quick Restaurant Reservations quick-restaurant... High Unreviewed
CVE-2026-24529 was published Jan 23, 2026
Missing Authorization vulnerability in SiteLock SiteLock Security sitelock allows Exploiting... High Unreviewed
CVE-2026-24532 was published Jan 23, 2026
Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly... High Unreviewed
CVE-2026-24524 was published Jan 23, 2026
Missing Authorization vulnerability in sheepfish WebP Conversion webp-conversion allows... High Unreviewed
CVE-2026-24530 was published Jan 23, 2026
Missing Authorization vulnerability in uPress Booter booter-bots-crawlers-manager allows... High Unreviewed
CVE-2026-24534 was published Jan 23, 2026
The New User Approve plugin for WordPress is vulnerable to unauthorized access of data and... High Unreviewed
CVE-2026-0832 was published Jan 28, 2026
The Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI... High Unreviewed
CVE-2025-14386 was published Jan 28, 2026
The Frontend File Manager Plugin for WordPress is vulnerable to unauthorized file sharing due to... High Unreviewed
CVE-2026-1280 was published Jan 28, 2026
An improper access control vulnerability exists in ASUS Secure Delete Driver of ASUS Business... High Unreviewed
CVE-2025-13348 was published Feb 2, 2026
The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of... High Unreviewed
CVE-2025-15285 was published Feb 4, 2026
Devtron Attributes API Unauthorized Access Leading to API Token Signing Key Leakage High
CVE-2026-25538 was published for github.com/devtron-labs/devtron (Go) Feb 4, 2026
b0b0haha spingARbor
lixingquzhi
Credited to b0b0haha, spingARbor, and lixingquzhi
Tanium addressed an improper input validation vulnerability in Deploy. High Unreviewed
CVE-2025-15330 was published Feb 5, 2026
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible... High Unreviewed
CVE-2026-0845 was published Feb 10, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database