GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 26,464
Composer 5,253
Erlang 40
GitHub Actions 41
Go 3,049
Maven 6,276
npm 4,787
NuGet 825
pip 4,384
Pub 12
RubyGems 988
Rust 1,144
Swift 50

Unreviewed advisories

All unreviewed 291,432

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

7,793 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Cross-Site Request Forgery (CSRF) vulnerability in Timur Kamaev Kama Thumbnail kama-thumbnail... Moderate Unreviewed

CVE-2026-24521 was published Jan 23, 2026

Cross-Site Request Forgery (CSRF) vulnerability in storeapps Stock Manager for WooCommerce... Moderate Unreviewed

CVE-2026-24365 was published Jan 22, 2026

Cross-Site Request Forgery (CSRF) vulnerability in Metagauss RegistrationMagic custom... Moderate Unreviewed

CVE-2026-24374 was published Jan 22, 2026

Cross-Site Request Forgery (CSRF) vulnerability in launchinteractive Merge + Minify + Refresh... Moderate Unreviewed

CVE-2026-24384 was published Jan 22, 2026

Cross-Site Request Forgery (CSRF) vulnerability in richardevcom Add Polylang support for... Moderate Unreviewed

CVE-2026-22462 was published Jan 22, 2026

Cross-Site Request Forgery (CSRF) vulnerability in winkm89 teachPress teachpress allows Cross... Moderate Unreviewed

CVE-2026-22483 was published Jan 22, 2026

PHPgurukul Online Course Registration v3.1 lacks Cross-Site Request Forgery (CSRF) protection on... Moderate Unreviewed

CVE-2025-70899 was published Jan 22, 2026

Cross-Site Request Forgery (CSRF) vulnerability in gregmolnar Simple XML Sitemap simple-xml... High Unreviewed

CVE-2026-22355 was published Jan 22, 2026

Cross-Site Request Forgery (CSRF) vulnerability in AA-Team Wordpress Movies Bulk Importer movies... Moderate Unreviewed

CVE-2026-22359 was published Jan 22, 2026

Cross-Site Request Forgery (CSRF) vulnerability in AA-Team SearchAzon searchazon allows Cross... Moderate Unreviewed

CVE-2026-22360 was published Jan 22, 2026

Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes PawFriends - Pet Shop and... Moderate Unreviewed

CVE-2026-22382 was published Jan 22, 2026

Cross-Site Request Forgery (CSRF) vulnerability in Angel Costa WP SEO Search wp-seo-search allows... Moderate Unreviewed

CVE-2025-67626 was published Jan 22, 2026

Cross-Site Request Forgery (CSRF) vulnerability in bdthemes Element Pack Elementor Addons... High Unreviewed

CVE-2025-31413 was published Jan 22, 2026

GetSimple CMS Custom JS 0.1 plugin contains a cross-site request forgery vulnerability that... High Unreviewed

CVE-2021-47860 was published Jan 21, 2026

GetSimple CMS My SMTP Contact Plugin 1.1.1 contains a cross-site request forgery (CSRF)... Moderate Unreviewed

CVE-2021-47830 was published Jan 21, 2026

IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to... Low Unreviewed

CVE-2025-36411 was published Jan 20, 2026

The Newsletter – Send awesome emails from WordPress plugin for WordPress is vulnerable to Cross... Moderate Unreviewed

CVE-2026-1051 was published Jan 20, 2026

A security vulnerability has been detected in birkir prime up to 0.4.0.beta.0. This vulnerability... Moderate Unreviewed

CVE-2026-1169 was published Jan 19, 2026

A vulnerability was detected in technical-laohu mpay up to 1.2.4. This affects an unknown... Moderate Unreviewed

CVE-2026-1153 was published Jan 19, 2026

A vulnerability was determined in SourceCodester/Patrick Mvuma Patients Waiting Area Queue... Moderate Unreviewed

CVE-2026-1148 was published Jan 19, 2026

A security flaw has been discovered in PHPGurukul News Portal 1.0. The impacted element is an... Moderate Unreviewed

CVE-2026-1142 was published Jan 19, 2026

Ubee EVW327 contains a cross-site request forgery vulnerability that allows attackers to enable... Moderate Unreviewed

CVE-2021-47820 was published Jan 16, 2026

The LEAV Last Email Address Validator plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-14853 was published Jan 16, 2026

b2evolution 7.2.2 contains a cross-site request forgery vulnerability that allows attackers to... Moderate Unreviewed

CVE-2021-47800 was published Jan 16, 2026

Arunna 1.0.0 contains a cross-site request forgery vulnerability that allows attackers to... Moderate Unreviewed

CVE-2021-47754 was published Jan 15, 2026

Previous 1…5…312 Next

Previous 1 2 3 4 5 6 7 … 311 312 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

7,793 advisories