Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,318
Maven
5,000+
npm
3,950
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,541 advisories

Loading
The Broken Link Checker plugin for WordPress is vulnerable to unauthorized data access due to a... Moderate Unreviewed
CVE-2025-4047 was published Jun 3, 2025
Missing Authorization vulnerability in Mage people team Booking and Rental Manager allows... Moderate Unreviewed
CVE-2025-47585 was published Jun 2, 2025
The Woo Slider Pro – Drag Drop Slider Builder For WooCommerce plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-4597 was published May 30, 2025
Missing Authorization vulnerability in BinaryCarpenter Woo Slider Pro allows Exploiting... Moderate Unreviewed
CVE-2025-48334 was published May 30, 2025
Mautic segment cloning doesn't have a proper permission check Moderate
CVE-2024-47055 was published for mautic/core (Composer) May 28, 2025
abhisekmazumdar patrykgruszka
nick-vanpraet
A Missing Authorization vulnerability has been found in DinoRANK. This vulnerability allows an... Moderate Unreviewed
CVE-2025-40673 was published May 28, 2025
A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0... Low Unreviewed
CVE-2024-54020 was published May 28, 2025
The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing... High Unreviewed
CVE-2025-5117 was published May 27, 2025
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-4683 was published May 27, 2025
Missing authorization vulnerability in TCMAN's GIM v11. This allows an authenticated attacker to... High Unreviewed
CVE-2025-40667 was published May 26, 2025
Missing Authorization vulnerability in Leadinfo Leadinfo allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-48271 was published May 23, 2025
Missing Authorization vulnerability in dastan800 Visual Header allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-48275 was published May 23, 2025
Missing Authorization vulnerability in smackcoders Lead Form Data Collection to CRM allows... High Unreviewed
CVE-2025-47690 was published May 23, 2025
Missing Authorization vulnerability in UX Design Experts Experto CTA Widget – Call To... Moderate Unreviewed
CVE-2025-47529 was published May 23, 2025
Missing Authorization vulnerability in RomanCode MapSVG allows Accessing Functionality Not... High Unreviewed
CVE-2025-47558 was published May 23, 2025
Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Path Traversal. This... Moderate Unreviewed
CVE-2025-47619 was published May 23, 2025
Missing Authorization vulnerability in dastan800 Visual Builder allows Reflected XSS. This issue... High Unreviewed
CVE-2025-46488 was published May 23, 2025
Missing Authorization vulnerability in Chimpstudio JobHunt Job Alerts allows Exploiting... High Unreviewed
CVE-2025-39536 was published May 23, 2025
When pglogical attempts to replicate data, it does not verify it is using a replication... Moderate Unreviewed
CVE-2025-2506 was published May 22, 2025
The Splitit plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed
CVE-2025-4105 was published May 21, 2025
Missing Authorization vulnerability in Drupal Single Content Sync allows Functionality Misuse... Low Unreviewed
CVE-2025-48009 was published May 21, 2025
VMware Cloud Foundation contains a missing authorisation vulnerability. A malicious actor with... High Unreviewed
CVE-2025-41231 was published May 20, 2025
Missing Authorization vulnerability in ThemeGoods Grand Restaurant WordPress allows Exploiting... High Unreviewed
CVE-2025-39352 was published May 19, 2025
Missing Authorization vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a... High Unreviewed
CVE-2025-39350 was published May 19, 2025
Missing Authorization vulnerability in Crocoblock JetWooBuilder allows Accessing Functionality... High Unreviewed
CVE-2025-39449 was published May 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database