Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,758
Maven
5,000+
npm
4,364
NuGet
766
pip
4,132
Pub
12
RubyGems
961
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,537 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in ptibogxiv Doliconnect allows Stored XSS. This... High Unreviewed
CVE-2025-58690 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in purethemes WorkScout-Core allows Cross Site... High Unreviewed
CVE-2025-59572 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in loopus WP Attractive Donations System allows... High Unreviewed
CVE-2025-58956 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Casengo Casengo Live Chat Support allows... High Unreviewed
CVE-2025-58688 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP CMS Ninja Current Age Plugin allows Stored... High Unreviewed
CVE-2025-58687 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in puravida1976 ShrinkTheWeb (STW) Website... High Unreviewed
CVE-2025-58677 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in EdwardBock Grid allows Stored XSS. This issue... High Unreviewed
CVE-2025-58657 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Shankaranand Maurya WP Content Protection... High Unreviewed
CVE-2025-58670 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in extendyourweb HORIZONTAL SLIDER allows Stored... High Unreviewed
CVE-2025-58676 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in NIX Solutions Ltd NIX Anti-Spam Light allows... High Unreviewed
CVE-2025-58270 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Anps Constructo allows Object Injection. This... High Unreviewed
CVE-2025-58244 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ApusTheme Findgo allows Authentication Bypass.... High Unreviewed
CVE-2025-58250 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in wpdirectorykit Sweet Energy Efficiency allows... High Unreviewed
CVE-2025-58262 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc Mavis HTTPS to... High Unreviewed
CVE-2025-58261 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WPMK WPMK PDF Generator allows Stored XSS.... High Unreviewed
CVE-2025-58268 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in scriptsbundle Nokri allows Cross Site Request... High Unreviewed
CVE-2025-58259 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Aftabul Islam Stock Message allows Stored XSS.... High Unreviewed
CVE-2025-58267 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in pebas CouponXxL allows Privilege Escalation.... High Unreviewed
CVE-2025-58013 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible PDF Invoices for WooCommerce ... High Unreviewed
CVE-2025-57977 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ERA404 LinkedInclude allows Stored XSS. This... High Unreviewed
CVE-2025-57918 was published Sep 22, 2025
Cross Site Request Forgery (CSRF) vulnerability in Smartvista BackOffice SmartVista Suite 2.2.22... High Unreviewed
CVE-2025-50255 was published Sep 18, 2025
A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Profile Page of the... High Unreviewed
CVE-2025-56710 was published Sep 15, 2025
A vulnerability in the web-based management interface of Cisco Unified Communications Manager ... High Unreviewed
CVE-2025-20326 was published Sep 10, 2025
Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF)... High Unreviewed
CVE-2025-54256 was published Sep 9, 2025
listmonk: CSRF to XSS Chain can Lead to Admin Account Takeover High
CVE-2025-58430 was published for github.com/knadh/listmonk (Go) Sep 9, 2025
r3verii
Credited to r3verii
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database