Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,950
Erlang
39
GitHub Actions
38
Go
2,603
Maven
5,000+
npm
4,250
NuGet
755
pip
4,013
Pub
12
RubyGems
953
Rust
1,048
Swift
45
Unreviewed advisories
All unreviewed
5,000+

753 advisories

Loading
The WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress plugin for WordPress is... Moderate Unreviewed
CVE-2025-12005 was published Oct 25, 2025
The GenerateBlocks plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2025-11879 was published Oct 25, 2025
The Password Protected plugin for WordPress is vulnerable to authorization bypass via IP address... Low Unreviewed
CVE-2025-11244 was published Oct 25, 2025
The Tutor LMS Pro – eLearning and online course solution plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-6639 was published Oct 25, 2025
The Originality.ai AI Checker plugin for WordPress is vulnerable to unauthorized loss of data due... Moderate Unreviewed
CVE-2025-10902 was published Oct 24, 2025
Moodle has a time restriction bypass Moderate
CVE-2025-62401 was published for moodle/moodle (Composer) Oct 23, 2025
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected... Moderate Unreviewed
CVE-2025-22176 was published Oct 22, 2025
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected... Moderate Unreviewed
CVE-2025-22177 was published Oct 22, 2025
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected... Moderate Unreviewed
CVE-2025-22168 was published Oct 22, 2025
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected... Moderate Unreviewed
CVE-2025-22169 was published Oct 22, 2025
Jira Align is vulnerable to an authorization issue. A low-privilege user without sufficient... Moderate Unreviewed
CVE-2025-22170 was published Oct 22, 2025
Jira Align is vulnerable to an authorization issue. A low-privilege user is able to alter the... Moderate Unreviewed
CVE-2025-22171 was published Oct 22, 2025
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected... Moderate Unreviewed
CVE-2025-22172 was published Oct 22, 2025
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected... Moderate Unreviewed
CVE-2025-22173 was published Oct 22, 2025
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected... Moderate Unreviewed
CVE-2025-22174 was published Oct 22, 2025
Hono Improper Authorization vulnerability High
CVE-2025-62610 was published for hono (npm) Oct 22, 2025
okazu-dm
Credited to okazu-dm
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component:... Moderate Unreviewed
CVE-2025-53056 was published Oct 21, 2025
The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due... Moderate Unreviewed
CVE-2025-11256 was published Oct 18, 2025
The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-11510 was published Oct 18, 2025
An improper authorization vulnerability [CWE-285] in Fortinet FortiOS version 7.4.0 through 7.4.1... Moderate Unreviewed
CVE-2025-54822 was published Oct 14, 2025
Redis Enterprise Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-59271 was published Oct 9, 2025
Better Auth: Unauthenticated API key creation through api-key plugin Critical
CVE-2025-61928 was published for better-auth (npm) Oct 9, 2025
etiennelunetta
Credited to etiennelunetta
Casdoor is vulnerable to Improper Authorization High
CVE-2025-61524 was published for github.com/casdoor/casdoor (Go) Oct 8, 2025
XWiki OIDC Authenticator: Users with "view" access can create tokens for any users they can view Critical
CVE-2025-49594 was published for org.xwiki.contrib.oidc:oidc-authenticator (Maven) Oct 6, 2025
A vulnerability was detected in zhuimengshaonian wisdom-education up to 1.0.4. The affected... Moderate Unreviewed
CVE-2025-11321 was published Oct 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database