Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,701
Maven
5,000+
npm
4,328
NuGet
761
pip
4,103
Pub
12
RubyGems
958
Rust
1,064
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,882 advisories

Loading
@musistudio/claude-code-router has improper CORS configuration High
CVE-2025-57755 was published for @musistudio/claude-code-router (npm) Aug 21, 2025
ttttmr
Credited to ttttmr
Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wf_get_cookie... High Unreviewed
CVE-2025-7654 was published Aug 19, 2025
A security issue in the runtime event system allows unauthenticated connections to receive a... High Unreviewed
CVE-2025-9036 was published Aug 14, 2025
KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API endpoint (ajax_get.cgi),... High Unreviewed
CVE-2025-43988 was published Aug 13, 2025
Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an... High Unreviewed
CVE-2025-53781 was published Aug 12, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-53134 was published Aug 12, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an... High Unreviewed
CVE-2025-33051 was published Aug 12, 2025
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an... High Unreviewed
CVE-2025-50154 was published Aug 12, 2025
Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to... High Unreviewed
CVE-2025-3831 was published Aug 12, 2025
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed
CVE-2025-40768 was published Aug 12, 2025
The AuthKit Remix Library renders sensitive auth data in HTML High
CVE-2025-55009 was published for @workos-inc/authkit-remix (npm) Aug 8, 2025
cai0duque
Credited to cai0duque
The AuthKit React Router Library rendered sensitive auth data in HTML High
CVE-2025-55008 was published for @workos-inc/authkit-react-router (npm) Aug 8, 2025
An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. Information disclosure can... High Unreviewed
CVE-2025-46659 was published Aug 6, 2025
Electrolink FM/DAB/TV Transmitter Web Management System Unauthorized access vulnerability via the... High Unreviewed
CVE-2025-51040 was published Aug 6, 2025
A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows... High Unreviewed
CVE-2025-29745 was published Aug 5, 2025
An issue in Aver PTC310UV2 v.0.1.0000.59 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2025-45620 was published Jul 30, 2025
GitProxy Hidden Commits Injection High
CVE-2025-54586 was published for @finos/git-proxy (npm) Jul 30, 2025
An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 -... High Unreviewed
CVE-2020-36850 was published Jul 25, 2025
HCL iAutomate is affected by a sensitive data exposure vulnerability. This issue may allow... High Unreviewed
CVE-2025-31955 was published Jul 24, 2025
In some cases search terms persisted in the URL bar even after navigating away from the search... High Unreviewed
CVE-2025-8039 was published Jul 22, 2025
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability,... High Unreviewed
CVE-2025-7919 was published Jul 21, 2025
In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as... High Unreviewed
CVE-2025-7394 was published Jul 19, 2025
An issue in Perplexity AI GPT-4 v.2.51.0 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2025-50708 was published Jul 18, 2025
An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder (DVR) devices prior... High Unreviewed
CVE-2025-34130 was published Jul 17, 2025
An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. High Unreviewed
CVE-2024-51769 was published Jul 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database