GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,109
Composer 4,884
Erlang 37
GitHub Actions 38
Go 2,546
Maven 5,998
npm 4,207
NuGet 743
pip 3,979
Pub 12
RubyGems 947
Rust 1,034
Swift 45

Unreviewed advisories

All unreviewed 272,398

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,592 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability was determined in samanhappy MCPHub up to 0.9.10. This affects an unknown part of... Moderate Unreviewed

CVE-2025-11286 was published Oct 5, 2025

Two unauthenticated diagnostic endpoints allow arbitrary backend-initiated network connections to... Moderate Unreviewed

CVE-2025-10695 was published Oct 3, 2025

TCL 65C655 Smart TV, running firmware version V8-R75PT01-LF1V269.001116 (Android TV, Kernel 5.4... Moderate Unreviewed

CVE-2025-55971 was published Oct 3, 2025

VitaraCharts 5.3.5 is vulnerable to Server-Side Request Forgery in fileLoader.jsp. Moderate Unreviewed

CVE-2025-57305 was published Oct 2, 2025

Apache Kylin Server-Side Request Forgery (SSRF) Vulnerability High

CVE-2025-61735 was published for org.apache.kylin:kylin (Maven) Oct 2, 2025

In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6 and 9.2.8, and Splunk Cloud Platform... High Unreviewed

CVE-2025-20371 was published Oct 1, 2025

The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-10735 was published Oct 1, 2025

Dify v1.6.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component... Moderate Unreviewed

CVE-2025-56520 was published Sep 30, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and... High Unreviewed

CVE-2025-34233 was published Sep 29, 2025

A security flaw has been discovered in Tencent WeKnora 0.1.0. This impacts the function... Moderate Unreviewed

CVE-2025-11046 was published Sep 26, 2025

Server-Side Request Forgery (SSRF) vulnerability in silence Silencesoft RSS Reader allows Server... Moderate Unreviewed

CVE-2025-60181 was published Sep 26, 2025

Server-Side Request Forgery (SSRF) vulnerability in bdthemes ZoloBlocks allows Server Side... Moderate Unreviewed

CVE-2025-60161 was published Sep 26, 2025

The Snow Monkey theme for WordPress is vulnerable to Server-Side Request Forgery in all versions... Moderate Unreviewed

CVE-2025-10137 was published Sep 26, 2025

cors-anywhere vulnerable to server-side request forgery Critical

CVE-2020-36851 was published for cors-anywhere (npm) Sep 25, 2025

SAP BI Platform allows an attacker to modify the IP address of the LogonToken for the OpenDoc. On... Moderate Unreviewed

CVE-2025-42907 was published Sep 23, 2025

A restriction bypass vulnerability in is-localhost-ip could allow attackers to perform Server... Moderate Unreviewed

CVE-2025-9960 was published Sep 22, 2025

Server-Side Request Forgery (SSRF) vulnerability in publitio Publitio allows Server Side Request... Moderate Unreviewed

CVE-2025-58962 was published Sep 22, 2025

Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft DriCub allows Server Side... Moderate Unreviewed

CVE-2025-58005 was published Sep 22, 2025

Server-Side Request Forgery (SSRF) vulnerability in Alex Content Mask allows Server Side Request... Moderate Unreviewed

CVE-2025-58011 was published Sep 22, 2025

Server-Side Request Forgery (SSRF) vulnerability in Pratik Ghela MakeStories (for Google Web... Moderate Unreviewed

CVE-2025-57984 was published Sep 22, 2025

Server-Side Request Forgery (SSRF) vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool... Moderate Unreviewed

CVE-2025-57943 was published Sep 22, 2025

Server-Side Request Forgery (SSRF) vulnerability in activewebsight SEO Backlink Monitor allows... Moderate Unreviewed

CVE-2025-53457 was published Sep 22, 2025

Server-Side Request Forgery (SSRF) vulnerability in Binsaifullah Beaf allows Server Side Request... Moderate Unreviewed

CVE-2025-53461 was published Sep 22, 2025

A vulnerability was identified in SeriaWei ZKEACMS up to 4.3. This affects the function Edit of... Moderate Unreviewed

CVE-2025-10764 was published Sep 22, 2025

A flaw has been found in Harness 3.3.0. This impacts the function LookupRepo of the file app/api... Moderate Unreviewed

CVE-2025-10760 was published Sep 22, 2025

Previous1…64 Next

Previous 1 2 3 4 5 … 63 64 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,592 advisories