Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,049
Maven
5,000+
npm
4,787
NuGet
825
pip
4,384
Pub
12
RubyGems
988
Rust
1,144
Swift
50
Unreviewed advisories
All unreviewed
5,000+

3,585 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in Peter Sterling Simple Archive Generator allows... High Unreviewed
CVE-2025-49346 was published Dec 31, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Socialprofilr Social Profilr allows Stored XSS... High Unreviewed
CVE-2025-49343 was published Dec 31, 2025
Cross-Site Request Forgery (CSRF) vulnerability in eLEOPARD Behance Portfolio Manager allows... High Unreviewed
CVE-2025-59137 was published Dec 31, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Rene Ade SensitiveTagCloud allows Stored XSS... High Unreviewed
CVE-2025-49344 was published Dec 31, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wolfgang Häfelinger Custom Style allows Stored... High Unreviewed
CVE-2025-49342 was published Dec 31, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Hoernerfranz WP-CalDav2ICS allows Stored XSS... High Unreviewed
CVE-2025-59131 was published Dec 31, 2025
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src... High Unreviewed
CVE-2024-30855 was published Dec 29, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Five Star Restaurant Reservations... High Unreviewed
CVE-2025-68601 was published Dec 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in pluginsware Advanced Classifieds & Directory... High Unreviewed
CVE-2025-68580 was published Dec 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Constantin Boiangiu Vimeotheque codeflavors... High Unreviewed
CVE-2025-68584 was published Dec 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions allegro my-auctions... High Unreviewed
CVE-2025-68567 was published Dec 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Tikweb Management Fast User Switching fast... High Unreviewed
CVE-2025-68583 was published Dec 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Simple Keyword to Link... High Unreviewed
CVE-2025-68573 was published Dec 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Rhys Wynne WP Email Capture wp-email-capture... High Unreviewed
CVE-2025-68529 was published Dec 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in tmtraderunner Trade Runner traderunner allows... High Unreviewed
CVE-2025-67625 was published Dec 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in titopandub Evergreen Post Tweeter evergreen... High Unreviewed
CVE-2025-67622 was published Dec 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technologies Inc. Online... High Unreviewed
CVE-2025-1927 was published Dec 19, 2025
CSRF vulnerability in narda miteq Uplink Power Contril Unit UPC2 v.1.17 allows a remote attacker... High Unreviewed
CVE-2025-66953 was published Dec 17, 2025
KeePassXC-Browser thru 1.9.9.2 autofills or prompts to fill stored credentials into documents... High Unreviewed
CVE-2025-65203 was published Dec 17, 2025
nopCommerce 4.90.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Schedule Tasks... High Unreviewed
CVE-2025-65593 was published Dec 16, 2025
OpenPLC_V3 is vulnerable to a cross-site request forgery (CSRF) attack due to the absence of... High Unreviewed
CVE-2025-13970 was published Dec 13, 2025
A Cross-Site Request Forgery (CSRF) in the /admin/admin.inc.php component of EasyImages 2.0 v2.8... High Unreviewed
CVE-2025-65472 was published Dec 11, 2025
All-Dynamics Digital Signage System 2.0.2 contains a cross-site request forgery vulnerability... High Unreviewed
CVE-2020-36900 was published Dec 10, 2025
UBICOD Medivision Digital Signage 1.5.1 contains a cross-site request forgery vulnerability that... High Unreviewed
CVE-2020-36901 was published Dec 10, 2025
1Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality High
CVE-2025-34429 was published for github.com/1Panel-dev/1Panel (Go) Dec 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database