Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,761
Maven
5,000+
npm
4,368
NuGet
767
pip
4,137
Pub
12
RubyGems
962
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,538 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in nitinmaurya12 Block Country block-country... High Unreviewed
CVE-2025-48077 was published Nov 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ZIPANG Simple Stripe simple-stripe allows... High Unreviewed
CVE-2025-48085 was published Nov 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel WP GDPR Cookie Consent wp-gdpr... High Unreviewed
CVE-2025-53316 was published Nov 6, 2025
Cross-Site Request Forgery (CSRF) in SourceCodester Product Expiry Management System. The User... High Unreviewed
CVE-2025-63712 was published Nov 10, 2025
A Cross-Site Request Forgery (CSRF) vulnerability in the SourceCodester Client Database... High Unreviewed
CVE-2025-63711 was published Nov 10, 2025
A Cross-Site Request Forgery (CSRF) vulnerability in Salmen2/Simple-Faucet-Script v1.07 via... High Unreviewed
CVE-2025-57310 was published Nov 12, 2025
A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use... High Unreviewed
CVE-2025-6670 was published Nov 18, 2025
A Cross-Site Request Forgery (CSRF) vulnerability in the manage-students.php component of... High Unreviewed
CVE-2025-63955 was published Nov 18, 2025
The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File... High Unreviewed
CVE-2025-11087 was published Nov 21, 2025
Cross-Site Request Forgery (CSRF) vulnerability in the OAuth implementation of the Tuya SDK 6.5.0... High Unreviewed
CVE-2025-56400 was published Nov 24, 2025
A cross-site request forgery (csrf) vulnerability exists in the WEBVIEW-M functionality of... High Unreviewed
CVE-2024-53684 was published Dec 1, 2025
PublicCMS V5.202506.b is vulnerable to Cross Site Request Forgery (CSRF) in the... High Unreviewed
CVE-2025-65840 was published Dec 1, 2025
The User Generator and Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery... High Unreviewed
CVE-2025-12879 was published Dec 5, 2025
Some endpoints in vulnerability-lookup that modified application state (e.g. changing database... High Unreviewed
CVE-2025-42616 was published Dec 8, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jupitercow WP sIFR wp-sifr allows Stored XSS... High Unreviewed
CVE-2025-49347 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Alex Furr PDF Creator Lite pdf-creator-lite... High Unreviewed
CVE-2025-49341 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Valentin Agachi Create Posts & Terms... High Unreviewed
CVE-2025-49351 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in SaifuMak Add Custom Codes add-custom-codes... High Unreviewed
CVE-2025-62739 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal New User Approve new-user-approve... High Unreviewed
CVE-2025-63030 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Folio simple-folio allows... High Unreviewed
CVE-2025-64256 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud Simple Link Directory simple-link... High Unreviewed
CVE-2025-67465 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for... High Unreviewed
CVE-2025-67472 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in codeworkweb CWW Companion cww-companion allows... High Unreviewed
CVE-2025-67473 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Dimitri Grassi Salon booking system salon... High Unreviewed
CVE-2025-66531 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Chartify chart-builder allows Cross... High Unreviewed
CVE-2025-66529 was published Dec 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database