Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

31,149 advisories

Loading
A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Affected by... Moderate Unreviewed
CVE-2025-5383 was published May 31, 2025
A vulnerability was found in Astun Technology iShare Maps 5.4.0. It has been rated as problematic... Moderate Unreviewed
CVE-2025-5377 was published May 31, 2025
A vulnerability classified as problematic has been found in Astun Technology iShare Maps 5.4.0.... Moderate Unreviewed
CVE-2025-5378 was published May 31, 2025
The Product Subtitle for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-5285 was published May 31, 2025
The Daisycon prijsvergelijkers plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-4590 was published May 31, 2025
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-3813 was published May 31, 2025
The Element Pack Addons for Elementor – Best Elementor addons with Ready Templates, Blocks,... Moderate Unreviewed
CVE-2025-5292 was published May 31, 2025
The FastSpring plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed
CVE-2025-4595 was published May 31, 2025
The Borderless – Elementor Addons and Templates plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2025-5290 was published May 31, 2025
The Relevanssi – A Better Search plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-5016 was published May 31, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service... High Unreviewed
CVE-2025-4992 was published May 30, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry... High Unreviewed
CVE-2025-4991 was published May 30, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in Product Manager from... High Unreviewed
CVE-2025-4989 was published May 30, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting City Discover in City Referential... High Unreviewed
CVE-2025-4984 was published May 30, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Results Analytics in... High Unreviewed
CVE-2025-4988 was published May 30, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio... High Unreviewed
CVE-2025-4985 was published May 30, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting City Referential in City Referential... High Unreviewed
CVE-2025-4983 was published May 30, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Change Governance in Product Manager... High Unreviewed
CVE-2025-4990 was published May 30, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Model Definition in Product Manager... High Unreviewed
CVE-2025-4986 was published May 30, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Compare in Collaborative Industry... High Unreviewed
CVE-2025-0602 was published May 30, 2025
An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content... High Unreviewed
CVE-2025-1763 was published May 30, 2025
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-4944 was published May 30, 2025
The OpenSheetMusicDisplay plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-5235 was published May 30, 2025
The NinjaTeam Chat for Telegram plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-5236 was published May 30, 2025
Cross-site scripting vulnerability exists in wivia 5 all versions. If exploited, when a user... Moderate Unreviewed
CVE-2025-41406 was published May 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database