GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,670
Maven: 5,000+
npm: 4,296
NuGet: 760
pip: 4,075
Pub: 12
RubyGems: 957
Rust: 1,058
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
8,228 advisories
The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File...
High | Unreviewed | CVE-2025-11087 was published Nov 21, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Igor Jerosimić I Order Terms i-order-terms...
Moderate | Unreviewed | CVE-2025-66097 was published Nov 21, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Craig Hewitt Seriously Simple Podcasting...
Moderate | Unreviewed | CVE-2025-66061 was published Nov 21, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Giveaways and Contests by...
Moderate | Unreviewed | CVE-2025-66064 was published Nov 21, 2025

The AuthorSure plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
Moderate | Unreviewed | CVE-2025-13134 was published Nov 21, 2025

The Custom Post Type plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate | Unreviewed | CVE-2025-13142 was published Nov 21, 2025

Cross-site request forgery vulnerability exists in LogStare Collector. If a user views a crafted...
Moderate | Unreviewed | CVE-2025-62687 was published Nov 21, 2025

A Cross-Site Request Forgery (CSRF) vulnerability was identified in HCL Glovius Cloud. An...
Moderate | Unreviewed | CVE-2025-62346 was published Nov 20, 2025

The SureForms plugin for WordPress is vulnerable to Cross-Site Request Forgery Bypass in all...
Moderate | Unreviewed | CVE-2025-12535 was published Nov 19, 2025

A Cross-Site Request Forgery (CSRF) vulnerability in the manage-students.php component of...
High | Unreviewed | CVE-2025-63955 was published Nov 18, 2025

Windu CMS is vulnerable to Cross-Site Request Forgery in file uploading functionality. Malicious...
Moderate | Unreviewed | CVE-2025-59114 was published Nov 18, 2025

Windu CMS is vulnerable to Cross-Site Request Forgery in user editing functionality. Malicious...
Moderate | Unreviewed | CVE-2025-59112 was published Nov 18, 2025

Windu CMS is vulnerable to Cross-Site Request Forgery in user editing functionality. Implemented...
Moderate | Unreviewed | CVE-2025-59110 was published Nov 18, 2025

A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use...
High | Unreviewed | CVE-2025-6670 was published Nov 18, 2025

The Coil Web Monetization plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate | Unreviewed | CVE-2025-9625 was published Nov 18, 2025

The Top Friends plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
Moderate | Unreviewed | CVE-2025-12827 was published Nov 18, 2025

The Like-it plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up...
Moderate | Unreviewed | CVE-2025-12404 was published Nov 18, 2025

The Project Honey Pot Spam Trap plugin for WordPress is vulnerable to Cross-Site Request Forgery...
Moderate | Unreviewed | CVE-2025-12406 was published Nov 18, 2025

The WP Admin Microblog plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate | Unreviewed | CVE-2025-12173 was published Nov 18, 2025

Multiple CWE-352 Cross-Site Request Forgery (CSRF)
Moderate | Unreviewed | CVE-2025-55057 was published Nov 17, 2025

A vulnerability was detected in Bdtask/CodeCanyon SalesERP up to 20250728. This affects an...
Moderate | Unreviewed | CVE-2025-13177 was published Nov 14, 2025

A vulnerability has been found in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory...
Moderate | Unreviewed | CVE-2025-13179 was published Nov 14, 2025

Mattermost Mobile Apps versions <=2.32.0 fail to verify that SSO redirect tokens originate from...
Moderate | Unreviewed | CVE-2025-59480 was published Nov 13, 2025

A flaw has been found in Fabian Ros/SourceCodester Simple E-Banking System 1.0. This affects an...
Moderate | Unreviewed | CVE-2025-13119 was published Nov 13, 2025

Cross-Site Request Forgery (CSRF) vulnerability in HasThemes WP Plugin Manager wp-plugin-manager...
Moderate | Unreviewed | CVE-2025-64271 was published Nov 13, 2025