Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,701
Maven
5,000+
npm
4,328
NuGet
761
pip
4,103
Pub
12
RubyGems
958
Rust
1,064
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

15 advisories

Loading
wikiplugin_includetpl in lib/wiki-plugins/wikiplugin_includetpl.php in Tiki before 28.3... Critical Unreviewed
CVE-2025-32461 was published Apr 9, 2025
zhangyd-c OneBlog before 2.3.9 was vulnerable to SSTI (Server-Side Template Injection) via... Critical Unreviewed
CVE-2025-60355 was published Oct 28, 2025
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection... Critical Unreviewed
CVE-2024-23692 was published May 31, 2024
Improper neutralization of special elements used in a template engine in Elastic Cloud Enterprise... Critical Unreviewed
CVE-2025-37729 was published Oct 13, 2025
Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings... Critical Unreviewed
CVE-2025-47916 was published May 16, 2025
IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because... Critical Unreviewed
CVE-2025-46661 was published Apr 28, 2025
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Podlove... Critical Unreviewed
CVE-2024-52393 was published Nov 14, 2024
: Improper Neutralization of Special Elements Used in a Template Engine vulnerability in... Critical Unreviewed
CVE-2024-49271 was published Oct 16, 2024
The Dynamics 365 Integration plugin for WordPress is vulnerable to Remote Code Execution and... Critical Unreviewed
CVE-2024-12583 was published Jan 4, 2025
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic... Critical Unreviewed
CVE-2024-52434 was published Nov 18, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso... Critical Unreviewed
CVE-2024-52427 was published Nov 18, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic... Critical Unreviewed
CVE-2024-48042 was published Oct 16, 2024
The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and... Critical Unreviewed
CVE-2024-6386 was published Aug 21, 2024
Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template... Critical Unreviewed
CVE-2024-24724 was published Apr 3, 2024
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio... Critical Unreviewed
CVE-2023-2259 was published Apr 24, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database