Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,405
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,641
Pub
13
RubyGems
1,026
Rust
1,209
Swift
53
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

225 advisories

Loading
Server-side request forgery (ssrf) in Azure Custom Locations Resource Provider (RP) allows an... Critical Unreviewed
CVE-2026-26135 was published Apr 3, 2026
Server-side request forgery (ssrf) in Azure Databricks allows an unauthorized attacker to elevate... Critical Unreviewed
CVE-2026-33107 was published Apr 3, 2026
Server-side request forgery (ssrf) in Azure Cloud Shell allows an unauthorized attacker to... Critical Unreviewed
CVE-2026-32169 was published Mar 19, 2026
An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in oslabs-beta... Critical Unreviewed
CVE-2025-70042 was published Mar 9, 2026
Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code... Critical Unreviewed
CVE-2026-26339 was published Feb 19, 2026
SoftVision webPDF before 10.0.2 is vulnerable to Server-Side Request Forgery (SSRF). The PDF... Critical Unreviewed
CVE-2025-55853 was published Feb 19, 2026
Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software... Critical Unreviewed
CVE-2025-11242 was published Feb 10, 2026
Tiny File Manager through 2.6 contains a server-side request forgery (SSRF) vulnerability in the... Critical Unreviewed
CVE-2025-46651 was published Feb 3, 2026
Server-Side Request Forgery (SSRF) vulnerability in wbolt.com IMGspider imgspider allows Server... Critical Unreviewed
CVE-2026-22482 was published Jan 22, 2026
Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft Pool Services pool-services... Critical Unreviewed
CVE-2025-62741 was published Jan 22, 2026
Server-Side Request Forgery (SSRF) vulnerability in Marco Milesi ANAC XML Viewer anac-xml-viewer... Critical Unreviewed
CVE-2025-64252 was published Jan 22, 2026
Server-Side Request Forgery (SSRF) vulnerability in _nK nK Themes Helper nk-themes-helper allows... Critical Unreviewed
CVE-2025-22726 was published Jan 8, 2026
A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server... Critical Unreviewed
CVE-2024-25181 was published Dec 29, 2025
Server-Side Request Forgery (SSRF) vulnerability in Yannick Lefebvre Link Library link-library... Critical Unreviewed
CVE-2025-68600 was published Dec 24, 2025
Server-Side Request Forgery (SSRF) vulnerability in bdthemes Prime Slider – Addons For Elementor... Critical Unreviewed
CVE-2025-68500 was published Dec 24, 2025
Server-Side Request Forgery (SSRF) vulnerability in 6Storage 6Storage Rentals 6storage-rentals... Critical Unreviewed
CVE-2025-67623 was published Dec 24, 2025
Custom Question Answering Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-64663 was published Dec 19, 2025
PublicCMS V5.202506.b is vulnerable to SSRF. in the chat interface of SimpleAiAdminController. Critical Unreviewed
CVE-2025-65836 was published Dec 1, 2025
Server-side request forgery (ssrf) in Azure Compute Gallery allows an authorized attacker to... Critical Unreviewed
CVE-2025-59503 was published Oct 24, 2025
A server-side request forgery (SSRF) vulnerability in Illia Cloud illia-Builder before v4.8.5... Critical Unreviewed
CVE-2025-60279 was published Oct 17, 2025
halo v2.20.17 and before is vulnerable to server-side request forgery (SSRF) in /apis/uc.api... Critical Unreviewed
CVE-2025-44594 was published Sep 9, 2025
A Server-Side Request Forgery (SSRF) in the UISP Application may allow a malicious actor with... Critical Unreviewed
CVE-2025-27217 was published Aug 21, 2025
Server side request forgery (SSRF) vulnerability in makeplane plane 0.23.1 via the password... Critical Unreviewed
CVE-2025-50251 was published Aug 13, 2025
Azure OpenAI Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-53767 was published Aug 7, 2025
Server-Side Request Forgery (SSRF) vulnerability exists in the URL processing functionality of... Critical Unreviewed
CVE-2025-52362 was published Jul 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database