GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,606
Composer 5,560
Erlang 49
GitHub Actions 49
Go 3,435
Maven 6,374
npm 5,654
NuGet 883
pip 4,689
Pub 13
RubyGems 1,029
Rust 1,212
Swift 53

Unreviewed advisories

All unreviewed 296,940

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

112,396 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper... High Unreviewed

CVE-2025-24817 was published Apr 7, 2026

The ActivityPub WordPress plugin before 8.0.2 does not properly filter posts to be displayed,... High Unreviewed

CVE-2026-4338 was published Apr 8, 2026

The Magic Login Mail or QR Code plugin for WordPress is vulnerable to Privilege Escalation in all... High Unreviewed

CVE-2026-2144 was published Feb 14, 2026

The MoneySpace plugin for WordPress is vulnerable to Sensitive Information Exposure in all... High Unreviewed

CVE-2025-13371 was published Jan 7, 2026

The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to,... High Unreviewed

CVE-2025-15368 was published Feb 4, 2026

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... High Unreviewed

CVE-2025-15283 was published Jan 14, 2026

The Reviewify plugin for WordPress is vulnerable to unauthorized modification of data due to a... High Unreviewed

CVE-2025-14070 was published Jan 7, 2026

Multiple plugins for WordPress with the Jewel Theme Recommended Plugins Library are vulnerable to... High Unreviewed

CVE-2025-10896 was published Nov 4, 2025

The Infility Global plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2025-12968 was published Dec 12, 2025

The Premmerce Wholesale Pricing for WooCommerce plugin for WordPress is vulnerable to SQL... High Unreviewed

CVE-2025-12411 was published Nov 18, 2025

The CleverReach® WP plugin for WordPress is vulnerable to time-based SQL Injection via the ‘title... High Unreviewed

CVE-2025-7036 was published Aug 6, 2025

The AL Pack plugin for WordPress is vulnerable to unauthorized access due to a missing capability... High Unreviewed

CVE-2025-7664 was published Aug 16, 2025

The Propovoice: All-in-One Client Management System plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-8422 was published Sep 11, 2025

The B1.lt plugin for WordPress is vulnerable to SQL Injection due to a missing capability check... High Unreviewed

CVE-2025-6718 was published Jul 18, 2025

The BizCalendar Web plugin for WordPress is vulnerable to Local File Inclusion in all versions up... High Unreviewed

CVE-2025-7650 was published Aug 15, 2025

The Request a Quote Form plugin for WordPress is vulnerable to Remote Code Execution in version... High Unreviewed

CVE-2025-8420 was published Aug 6, 2025

The WooCommerce Purchase Orders plugin for WordPress is vulnerable to arbitrary file deletion due... High Unreviewed

CVE-2025-5391 was published Aug 12, 2025

The SEO Metrics plugin for WordPress is vulnerable to Privilege Escalation due to missing... High Unreviewed

CVE-2025-6754 was published Aug 2, 2025

The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary... High Unreviewed

CVE-2025-2008 was published Apr 1, 2025

The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary... High Unreviewed

CVE-2025-2007 was published Apr 1, 2025

The Directory Listings WordPress plugin – uListing plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-1657 was published Mar 15, 2025

The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2024-12066 was published Dec 21, 2024

The Ultimate Classified Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery... High Unreviewed

CVE-2024-13753 was published Feb 20, 2025

The Live Sales Notification for Woocommerce – Woomotiv plugin for WordPress is vulnerable to SQL... High Unreviewed

CVE-2024-12416 was published Jan 7, 2025

The Safe Ai Malware Protection for WP plugin for WordPress is vulnerable to unauthorized access... High Unreviewed

CVE-2024-12269 was published Jan 30, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

112,396 advisories