GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 26,464
Composer 5,253
Erlang 40
GitHub Actions 41
Go 3,049
Maven 6,276
npm 4,787
NuGet 825
pip 4,384
Pub 12
RubyGems 988
Rust 1,144
Swift 50

Unreviewed advisories

All unreviewed 291,432

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,585 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Cross-Site Request Forgery (CSRF) vulnerability in puravida1976 ShrinkTheWeb (STW) Website... High Unreviewed

CVE-2025-58677 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in NIX Solutions Ltd NIX Anti-Spam Light allows... High Unreviewed

CVE-2025-58270 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in extendyourweb HORIZONTAL SLIDER allows Stored... High Unreviewed

CVE-2025-58676 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in EdwardBock Grid allows Stored XSS. This issue... High Unreviewed

CVE-2025-58657 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Shankaranand Maurya WP Content Protection... High Unreviewed

CVE-2025-58670 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WPMK WPMK PDF Generator allows Stored XSS.... High Unreviewed

CVE-2025-58268 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in ApusTheme Findgo allows Authentication Bypass.... High Unreviewed

CVE-2025-58250 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc Mavis HTTPS to... High Unreviewed

CVE-2025-58261 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Anps Constructo allows Object Injection. This... High Unreviewed

CVE-2025-58244 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in wpdirectorykit Sweet Energy Efficiency allows... High Unreviewed

CVE-2025-58262 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in scriptsbundle Nokri allows Cross Site Request... High Unreviewed

CVE-2025-58259 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Aftabul Islam Stock Message allows Stored XSS.... High Unreviewed

CVE-2025-58267 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in pebas CouponXxL allows Privilege Escalation.... High Unreviewed

CVE-2025-58013 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible PDF Invoices for WooCommerce ... High Unreviewed

CVE-2025-57977 was published Sep 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in ERA404 LinkedInclude allows Stored XSS. This... High Unreviewed

CVE-2025-57918 was published Sep 22, 2025

Cross Site Request Forgery (CSRF) vulnerability in Smartvista BackOffice SmartVista Suite 2.2.22... High Unreviewed

CVE-2025-50255 was published Sep 18, 2025

A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Profile Page of the... High Unreviewed

CVE-2025-56710 was published Sep 15, 2025

A vulnerability in the web-based management interface of Cisco Unified Communications Manager ... High Unreviewed

CVE-2025-20326 was published Sep 10, 2025

Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF)... High Unreviewed

CVE-2025-54256 was published Sep 9, 2025

listmonk: CSRF to XSS Chain can Lead to Admin Account Takeover High

CVE-2025-58430 was published for github.com/knadh/listmonk (Go) Sep 9, 2025

Credited to r3verii

Cross-Site Request Forgery (CSRF) vulnerability in Cristiano Zanca WooCommerce Booking Bundle... High Unreviewed

CVE-2025-58991 was published Sep 9, 2025

CSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6,... High Unreviewed

CVE-2025-55147 was published Sep 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in ericzane Floating Window Music Player allows... High Unreviewed

CVE-2025-48104 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in aakash1911 WP likes allows Reflected XSS. This... High Unreviewed

CVE-2025-58848 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Dejan Markovic WordPress Buffer – HYPESocial.... High Unreviewed

CVE-2025-58846 was published Sep 5, 2025

Previous 1…6…144 Next

Previous 1 2 3 4 5 6 7 8 … 143 144 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,585 advisories