Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,479
Maven
5,000+
npm
5,000+
NuGet
886
pip
4,740
Pub
13
RubyGems
1,031
Rust
1,225
Swift
53
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

32,633 advisories

Loading
A flaw has been found in 1Panel-dev MaxKB up to 2.6.1. This issue affects some unknown processing... Moderate Unreviewed
CVE-2026-6107 was published Apr 12, 2026
A vulnerability was detected in 1Panel-dev MaxKB up to 2.2.1. This vulnerability affects the... Moderate Unreviewed
CVE-2026-6106 was published Apr 12, 2026
The BlockArt Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2026-3498 was published Apr 11, 2026
The GreenShift - Animation and Page Builder Blocks plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2026-4895 was published Apr 11, 2026
The Optimole – Optimize Images in Real Time plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed
CVE-2026-5226 was published Apr 11, 2026
OpenStack Skyline before 5.0.1, 6.0.0, and 7.0.0 has a DOM-based Cross-Site Scripting (XSS)... Moderate Unreviewed
CVE-2026-40212 was published Apr 10, 2026
A vulnerability was found in code-projects Simple Laundry System 1.0. This impacts an unknown... Moderate Unreviewed
CVE-2026-6032 was published Apr 10, 2026
A vulnerability has been found in code-projects Vehicle Showroom Management System 1.0. The... Moderate Unreviewed
CVE-2026-6035 was published Apr 10, 2026
A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Impacted is an... Moderate Unreviewed
CVE-2026-6034 was published Apr 10, 2026
The AddFunc Head & Footer Code plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2026-2305 was published Apr 10, 2026
A security vulnerability has been detected in code-projects Simple IT Discussion Forum 1.0. This... Moderate Unreviewed
CVE-2026-6003 was published Apr 10, 2026
The Royal WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed
CVE-2026-4305 was published Apr 10, 2026
The Webling plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up... Moderate Unreviewed
CVE-2026-1263 was published Apr 10, 2026
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2026-21904 was published Apr 10, 2026
Joomla HikaShop 4.7.4 contains a reflected cross-site scripting vulnerability that allows... Moderate Unreviewed
CVE-2023-54364 was published Apr 9, 2026
Joomla VirtueMart Shopping-Cart 4.0.12 contains a reflected cross-site scripting vulnerability... Moderate Unreviewed
CVE-2023-54362 was published Apr 9, 2026
Joomla JLex Review 6.0.1 contains a reflected cross-site scripting vulnerability that allows... Moderate Unreviewed
CVE-2023-54360 was published Apr 9, 2026
Joomla iProperty Real Estate 4.1.1 contains a reflected cross-site scripting vulnerability that... Moderate Unreviewed
CVE-2023-54361 was published Apr 9, 2026
WordPress adivaha Travel Plugin 2.3 contains a reflected cross-site scripting vulnerability that... Moderate Unreviewed
CVE-2023-54358 was published Apr 9, 2026
Joomla Solidres 2.13.3 contains a reflected cross-site scripting vulnerability that allows... Moderate Unreviewed
CVE-2023-54363 was published Apr 9, 2026
A Reflected Cross-Site Scripting (XSS) affects LimeSurvey versions prior to 6.15.11+250909, due... Moderate Unreviewed
CVE-2025-63238 was published Apr 9, 2026
Cross Site Scripting vulnerability in Limesurvey v.6.15.20+251021 allows a remote attacker to... Moderate Unreviewed
CVE-2025-70797 was published Apr 9, 2026
A stored cross-site scripting (XSS) vulnerability exists in Kiamo before 8.4 due to improper... Moderate Unreviewed
CVE-2025-70365 was published Apr 9, 2026
The List category posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2026-3005 was published Apr 9, 2026
A cross-site scripting (XSS) vulnerability in rrweb-snapshot before v2.0.0-alpha.18 allows... Moderate Unreviewed
CVE-2025-45806 was published Apr 9, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database