Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,925
Maven
5,000+
npm
4,578
NuGet
786
pip
4,290
Pub
12
RubyGems
979
Rust
1,112
Swift
49
Unreviewed advisories
All unreviewed
5,000+

1,347 advisories

Loading
Devtron Attributes API Unauthorized Access Leading to API Token Signing Key Leakage High
CVE-2026-25538 was published for github.com/devtron-labs/devtron (Go) Feb 4, 2026
b0b0haha spingARbor
lixingquzhi
Credited to b0b0haha, spingARbor, and lixingquzhi
The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of... High Unreviewed
CVE-2025-15285 was published Feb 4, 2026
An improper access control vulnerability exists in ASUS Secure Delete Driver of ASUS Business... High Unreviewed
CVE-2025-13348 was published Feb 2, 2026
The Frontend File Manager Plugin for WordPress is vulnerable to unauthorized file sharing due to... High Unreviewed
CVE-2026-1280 was published Jan 28, 2026
The Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI... High Unreviewed
CVE-2025-14386 was published Jan 28, 2026
The New User Approve plugin for WordPress is vulnerable to unauthorized access of data and... High Unreviewed
CVE-2026-0832 was published Jan 28, 2026
Missing Authorization vulnerability in sheepfish WebP Conversion webp-conversion allows... High Unreviewed
CVE-2026-24530 was published Jan 23, 2026
Missing Authorization vulnerability in uPress Booter booter-bots-crawlers-manager allows... High Unreviewed
CVE-2026-24534 was published Jan 23, 2026
Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows... High Unreviewed
CVE-2026-24525 was published Jan 23, 2026
Missing Authorization vulnerability in Alejandro Quick Restaurant Reservations quick-restaurant... High Unreviewed
CVE-2026-24529 was published Jan 23, 2026
Missing Authorization vulnerability in SiteLock SiteLock Security sitelock allows Exploiting... High Unreviewed
CVE-2026-24532 was published Jan 23, 2026
Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly... High Unreviewed
CVE-2026-24524 was published Jan 23, 2026
Missing Authorization vulnerability in uxper Golo golo allows Exploiting Incorrectly Configured... High Unreviewed
CVE-2026-23974 was published Jan 22, 2026
Missing Authorization vulnerability in Theme-one The Grid the-grid allows Exploiting Incorrectly... High Unreviewed
CVE-2026-24368 was published Jan 22, 2026
Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master... High Unreviewed
CVE-2026-24358 was published Jan 22, 2026
Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management... High Unreviewed
CVE-2026-24380 was published Jan 22, 2026
Missing Authorization vulnerability in Roxnor GetGenie getgenie allows Exploiting Incorrectly... High Unreviewed
CVE-2026-24356 was published Jan 22, 2026
Missing Authorization vulnerability in wpeverest User Registration user-registration allows... High Unreviewed
CVE-2026-24353 was published Jan 22, 2026
Missing Authorization vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Exploiting... High Unreviewed
CVE-2026-24357 was published Jan 22, 2026
Missing Authorization vulnerability in Rasedul Haque Rumi BD Courier Order Ratio Checker bd... High Unreviewed
CVE-2026-22481 was published Jan 22, 2026
Missing Authorization vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows... High Unreviewed
CVE-2026-22472 was published Jan 22, 2026
Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly... High Unreviewed
CVE-2025-69313 was published Jan 22, 2026
Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting... High Unreviewed
CVE-2025-69311 was published Jan 22, 2026
Missing Authorization vulnerability in e-plugins WP Membership wp-membership allows Exploiting... High Unreviewed
CVE-2025-69193 was published Jan 22, 2026
Missing Authorization vulnerability in e-plugins Listihub listihub allows Exploiting Incorrectly... High Unreviewed
CVE-2025-69190 was published Jan 22, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database