GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 26,464
Composer 5,253
Erlang 40
GitHub Actions 41
Go 3,049
Maven 6,276
npm 4,787
NuGet 825
pip 4,384
Pub 12
RubyGems 988
Rust 1,144
Swift 50

Unreviewed advisories

All unreviewed 291,428

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

7,793 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a cross-site request forgery... Moderate Unreviewed

CVE-2026-27758 was published Feb 27, 2026

A vulnerability was detected in Chia Blockchain 2.1.0. Impacted is an unknown function of the... Low Unreviewed

CVE-2026-3193 was published Feb 25, 2026

The Disable Admin Notices – Hide Dashboard Notifications plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2026-2410 was published Feb 25, 2026

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior lack CSRF... Moderate Unreviewed

CVE-2026-27518 was published Feb 24, 2026

Bludit version 3.16.1 contains a cross-site request forgery (CSRF) vulnerability in the /admin... Moderate Unreviewed

CVE-2026-27741 was published Feb 24, 2026

Aruba HiSpeed Cache (aruba-hispeed-cache) WordPress plugin versions prior to 3.0.5 contain a... Moderate Unreviewed

CVE-2026-23694 was published Feb 23, 2026

Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a cross-site request... Moderate Unreviewed

CVE-2026-27513 was published Feb 23, 2026

OrientDB 3.0.17 GA Community Edition contains cross-site request forgery vulnerabilities that... Moderate Unreviewed

CVE-2019-25447 was published Feb 21, 2026

Cross-Site Request Forgery (CSRF) vulnerability in OpenText™ Web Site Management Server allows... Moderate Unreviewed

CVE-2025-13671 was published Feb 20, 2026

Cross-Site Request Forgery (CSRF) vulnerability in WP Moose Kenta Companion kenta-companion... Moderate Unreviewed

CVE-2026-27090 was published Feb 19, 2026

Cross-Site Request Forgery (CSRF) vulnerability in themastercut Revision Manager TMC revision... Moderate Unreviewed

CVE-2026-25411 was published Feb 19, 2026

Cross-Site Request Forgery (CSRF) vulnerability in ThimPress RealPress realpress allows Cross... Moderate Unreviewed

CVE-2026-27050 was published Feb 19, 2026

Cross-Site Request Forgery (CSRF) vulnerability in Themes4WP Popularis Extra popularis-extra... Moderate Unreviewed

CVE-2026-25422 was published Feb 19, 2026

Cross-Site Request Forgery (CSRF) vulnerability in PublishPress PublishPress Revisions... Moderate Unreviewed

CVE-2026-25322 was published Feb 19, 2026

Cross-Site Request Forgery (CSRF) vulnerability in wpcoachify Coachify coachify allows Cross Site... Moderate Unreviewed

CVE-2026-25337 was published Feb 19, 2026

Cross-Site Request Forgery (CSRF) vulnerability in wpzita Zita Elementor Site Library zita-site... Moderate Unreviewed

CVE-2026-25319 was published Feb 19, 2026

The Whatsiplus Scheduled Notification for Woocommerce plugin for WordPress is vulnerable to Cross... Moderate Unreviewed

CVE-2026-1455 was published Feb 19, 2026

The NewsBlogger theme for WordPress is vulnerable to Cross-Site Request Forgery in versions 0.2.5... High Unreviewed

CVE-2025-12821 was published Feb 19, 2026

The Mailchimp List Subscribe Form plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-12172 was published Feb 19, 2026

The Remove Post Type Slug plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-14167 was published Feb 19, 2026

The Country Blocker for AdSense plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-13413 was published Feb 19, 2026

The Page Title, Description & Open Graph Updater plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2025-13438 was published Feb 19, 2026

SD.NET RIM versions before 4.7.3c contain a SQL injection vulnerability that allows attackers to... High Unreviewed

CVE-2019-25359 was published Feb 19, 2026

PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery (CSRF)... Moderate Unreviewed

CVE-2025-70062 was published Feb 18, 2026

A vulnerability was found in newbee-ltd newbee-mall up to... Moderate Unreviewed

CVE-2026-2658 was published Feb 18, 2026

Previous1…312 Next

Previous 1 2 3 4 5 … 311 312 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

7,793 advisories