Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,831
Maven
5,000+
npm
4,462
NuGet
775
pip
4,226
Pub
12
RubyGems
972
Rust
1,093
Swift
47
Unreviewed advisories
All unreviewed
5,000+

3,259 advisories

Loading
A vulnerability has been found in Sanluan PublicCMS up to 5.202506.d. This impacts the function... Moderate Unreviewed
CVE-2026-1111 was published Jan 18, 2026
The Gutenberg Thim Blocks – Page Builder, Gutenberg Blocks for the Block Editor plugin for... Moderate Unreviewed
CVE-2025-13725 was published Jan 17, 2026
The Feeds for YouTube Pro plugin for WordPress is vulnerable to arbitrary file read in all... Moderate Unreviewed
CVE-2025-12002 was published Jan 17, 2026
Directory traversal vulnerability in InvoicePlane through 1.6.3 allows unauthenticated attackers... Moderate Unreviewed
CVE-2025-67083 was published Jan 15, 2026
The Gotham Block Extra Light plugin for WordPress is vulnerable to Arbitrary File Read in all... Moderate Unreviewed
CVE-2025-15020 was published Jan 14, 2026
CuteEditor for PHP (now referred to as Rich Text Editor) 6.6 contains a directory traversal... Moderate Unreviewed
CVE-2021-47751 was published Jan 14, 2026
An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability... Moderate Unreviewed
CVE-2025-58693 was published Jan 13, 2026
Zohocorp ManageEngine ADManager Plus versions below 7230 are vulnerable to Path Traversal in the... Moderate Unreviewed
CVE-2025-9435 was published Jan 13, 2026
A path traversal vulnerability exists in Zen MCP Server before 9.8.2 that allows authenticated... Moderate Unreviewed
CVE-2025-66689 was published Jan 12, 2026
An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary... Moderate Unreviewed
CVE-2025-67004 was published Jan 9, 2026
Vivotek IP7137 camera with firmware version 0200a is vulnerable to path traversal. It is possible... Moderate Unreviewed
CVE-2025-66051 was published Jan 9, 2026
The WP Cost Estimation plugin for WordPress is vulnerable to Upload Directory Traversal in... Moderate Unreviewed
CVE-2019-25295 was published Jan 8, 2026
The Flashcard plugin for WordPress is vulnerable to Path Traversal in all versions up to, and... Moderate Unreviewed
CVE-2025-14867 was published Jan 7, 2026
MONAI has Path Traversal (Zip Slip) in NGC Private Bundle Download Moderate
CVE-2026-21851 was published for monai (pip) Jan 6, 2026
yueyueL
Credited to yueyueL
The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to Path... Moderate Unreviewed
CVE-2026-0604 was published Jan 6, 2026
A vulnerability was determined in cld378632668 JavaMall up to... Moderate Unreviewed
CVE-2025-15449 was published Jan 5, 2026
A security flaw has been discovered in yeqifu warehouse up to... Moderate Unreviewed
CVE-2026-0571 was published Jan 2, 2026
A path traversal vulnerability has been reported to affect several product versions. If a local... Moderate Unreviewed
CVE-2025-53594 was published Jan 2, 2026
A path traversal vulnerability has been reported to affect several QNAP operating system versions... Moderate Unreviewed
CVE-2025-59381 was published Jan 2, 2026
A path traversal vulnerability has been reported to affect several QNAP operating system versions... Moderate Unreviewed
CVE-2025-59380 was published Jan 2, 2026
A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3... Moderate Unreviewed
CVE-2025-15432 was published Jan 2, 2026
A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of... Moderate Unreviewed
CVE-2025-15245 was published Dec 30, 2025
Rapid7 Velociraptor versions before 0.75.6 contain a directory traversal issue on Linux servers... Moderate Unreviewed
CVE-2025-14728 was published Dec 29, 2025
A vulnerability was found in GreenCMS up to 2.3. This affects an unknown part of the file ... Moderate Unreviewed
CVE-2025-15187 was published Dec 29, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Missing... Moderate Unreviewed
CVE-2025-15066 was published Dec 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database