GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,713
Composer 4,743
Erlang 35
GitHub Actions 29
Go 2,315
Maven 5,600
npm 3,949
NuGet 711
pip 3,729
Pub 12
RubyGems 920
Rust 965
Swift 38

Unreviewed advisories

All unreviewed 257,443

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

34,826 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service... High Unreviewed

CVE-2025-4992 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry... High Unreviewed

CVE-2025-4991 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in Product Manager from... High Unreviewed

CVE-2025-4989 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting City Discover in City Referential... High Unreviewed

CVE-2025-4984 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Results Analytics in... High Unreviewed

CVE-2025-4988 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio... High Unreviewed

CVE-2025-4985 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting City Referential in City Referential... High Unreviewed

CVE-2025-4983 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Change Governance in Product Manager... High Unreviewed

CVE-2025-4990 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Model Definition in Product Manager... High Unreviewed

CVE-2025-4986 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Compare in Collaborative Industry... High Unreviewed

CVE-2025-0602 was published May 30, 2025

An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content... High Unreviewed

CVE-2025-1763 was published May 30, 2025

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-4944 was published May 30, 2025

The OpenSheetMusicDisplay plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-5235 was published May 30, 2025

The NinjaTeam Chat for Telegram plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-5236 was published May 30, 2025

Cross-site scripting vulnerability exists in wivia 5 all versions. If exploited, when a user... Moderate Unreviewed

CVE-2025-41406 was published May 30, 2025

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-4943 was published May 30, 2025

The Minimal Share Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-5259 was published May 30, 2025

The Map Block Leaflet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-5122 was published May 29, 2025

The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress... Moderate Unreviewed

CVE-2025-4670 was published May 29, 2025

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-5286 was published May 29, 2025

The Smash Balloon Social Photo Feed – Easy Social Feeds Plugin plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-4583 was published May 29, 2025

CVE-2025-27706 is a cross-site scripting vulnerability in the management console of Absolute... Moderate Unreviewed

CVE-2025-27706 was published May 28, 2025

Improper neutralization of the value of the 'eventMoreText' property of the 'VCalendar' component... Moderate Unreviewed

CVE-2025-1461 was published May 28, 2025

Best Practical RT (Request Tracker) 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via... High Unreviewed

CVE-2025-30087 was published May 28, 2025

Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an... High Unreviewed

CVE-2025-31500 was published May 28, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

34,826 advisories