Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,757
Maven
5,000+
npm
4,363
NuGet
766
pip
4,128
Pub
12
RubyGems
961
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,247 advisories

Loading
Miniflux has an Open Redirect via protocol-relative redirect_url Moderate
CVE-2025-67713 was published for miniflux.app/v2 (Go) Dec 10, 2025
satoki
Credited to satoki
ABP Account Module has an Open Redirect through Improper validation in its register function Moderate
CVE-2025-65581 was published for Volo.Abp.Account.Web (NuGet) Dec 16, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in wpWax Directorist... Moderate Unreviewed
CVE-2025-64250 was published Dec 16, 2025
WBCE CMS 1.6.1 contains a cross-site scripting vulnerability that allows attackers to inject... High Unreviewed
CVE-2023-53901 was published Dec 16, 2025
Mayan EDMS has an Open Redirect through the /authentication/ file Low
CVE-2025-14692 was published for mayan-edms (pip) Dec 15, 2025
KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows... Moderate Unreviewed
CVE-2025-34504 was published Dec 12, 2025
The Solutions Ad Manager plugin for WordPress is vulnerable to Open Redirect in all versions up... Moderate Unreviewed
CVE-2025-14451 was published Dec 13, 2025
Open Redirect Vulnerability in Taguette Moderate
CVE-2025-67502 was published for taguette (pip) Dec 9, 2025
yueyueL
Credited to yueyueL
ZITADEL Vulnerable to Account Takeover Due to Improper Instance Validation in V2 Login High
GHSA-pfrf-9r5f-73f5 was published for github.com/zitadel/zitadel (Go) Dec 8, 2025
amit-laish peintnermax
livio-a
Credited to amit-laish, peintnermax, and livio-a
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in flexmls Flexmls® IDX flexmls... Moderate Unreviewed
CVE-2025-67585 was published Dec 9, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms... Moderate Unreviewed
CVE-2025-67587 was published Dec 9, 2025
Better Auth allows bypassing the trustedOrigins Protection which leads to ATO High
GHSA-vp58-j275-797x was published for better-auth (npm) Feb 24, 2025
castilho101
Credited to castilho101
Central Dogma's Login Function Has an Open Redirect Vulnerability Moderate
CVE-2025-11222 was published for com.linecorp.centraldogma:centraldogma-server-auth-shiro (Maven) Dec 4, 2025
minwoox
Credited to minwoox
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform... Low Unreviewed
CVE-2025-20382 was published Dec 3, 2025
Open redirect in the web server component of MiR Robot and Fleet software allows a remote... Moderate Unreviewed
CVE-2025-13819 was published Dec 1, 2025
Astros's duplicate trailing slash feature leads to an open redirection security issue Moderate
CVE-2025-54793 was published for astro (npm) Aug 7, 2025
ghiyastfarisi ascorbic
ematipico
Credited to ghiyastfarisi, ascorbic, and ematipico
Traefik's X-Forwarded-Prefix Header still allows for Open Redirect Moderate
CVE-2024-52003 was published for github.com/traefik/traefik/v2 (Go) Dec 2, 2024
kunte0
Credited to kunte0
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Frank Goossens WP YouTube... Low Unreviewed
CVE-2025-66062 was published Nov 21, 2025
Backdrop CMS Host Header Injection vulnerability Moderate
CVE-2025-63828 was published for backdrop/backdrop (Composer) Nov 18, 2025
Open Redirect in URL parameter in Automated Logic WebCTRL and Carrier i-Vu versions 6.0, 6.5, 7.0... High Unreviewed
CVE-2024-8527 was published Nov 19, 2025
SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL... Moderate Unreviewed
CVE-2025-40545 was published Nov 18, 2025
Anubis vulnerable to possible XSS via redir parameter when using subrequest auth mode Moderate
CVE-2025-64716 was published for github.com/TecharoHQ/anubis (Go) Oct 30, 2025
nijel mbiesiad
Credited to nijel and mbiesiad
Inappropriate implementation in Lens in Google Chrome on iOS prior to 136.0.7103.59 allowed a... Moderate Unreviewed
CVE-2024-13983 was published Nov 14, 2025
A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance... Moderate Unreviewed
CVE-2025-20355 was published Nov 13, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms... Moderate Unreviewed
CVE-2025-62981 was published Oct 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database