Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,635 advisories

Loading
FlowiseAI/Flowise has Server-Side Request Forgery (SSRF) vulnerability High
CVE-2025-59527 was published for flowise (npm) Sep 15, 2025
im-soohyun
Credited to im-soohyun
A vulnerability was detected in ZKEACMS 4.3. Impacted is the function Proxy of the file src... Moderate Unreviewed
CVE-2025-10471 was published Sep 15, 2025
O'View MapServer developed by PilotGaea Technologies has a Server-Side Request Forgery... Moderate Unreviewed
CVE-2025-10453 was published Sep 15, 2025
A security vulnerability has been detected in SourceCodester Link Status Checker 1.0. This... Moderate Unreviewed
CVE-2025-10410 was published Sep 14, 2025
A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. This affects an unknown part... Moderate Unreviewed
CVE-2025-10397 was published Sep 14, 2025
A vulnerability was found in Magicblack MacCMS 2025.1000.4050. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-10395 was published Sep 14, 2025
A flaw has been found in miurla morphic up to 0.4.5. This impacts the function fetchHtml of the... Moderate Unreviewed
CVE-2025-10393 was published Sep 14, 2025
A security vulnerability has been detected in CRMEB up to 5.6.1. The impacted element is the... Moderate Unreviewed
CVE-2025-10391 was published Sep 14, 2025
A vulnerability was detected in cdevroe unmark up to 1.9.3. This affects an unknown part of the... Moderate Unreviewed
CVE-2025-10329 was published Sep 13, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 18.1.6, 18... High Unreviewed
CVE-2025-6454 was published Sep 12, 2025
A security vulnerability has been detected in yanyutao0402 ChanCMS 3.3.0. The affected element is... Moderate Unreviewed
CVE-2025-10211 was published Sep 10, 2025
The Auto Save Remote Images (Drafts) plugin for WordPress is vulnerable to Server-Side Request... Moderate Unreviewed
CVE-2025-7843 was published Sep 10, 2025
halo v2.20.17 and before is vulnerable to server-side request forgery (SSRF) in /apis/uc.api... Critical Unreviewed
CVE-2025-44594 was published Sep 9, 2025
A Server-Side Request Forgery (SSRF) vulnerability has been identified in the embedded web server... Moderate Unreviewed
CVE-2025-9269 was published Sep 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in Rhys Wynne WP eBay Product Feeds allows... Moderate Unreviewed
CVE-2025-58977 was published Sep 9, 2025
A vulnerability was detected in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5... Moderate Unreviewed
CVE-2025-5005 was published Sep 9, 2025
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request... Moderate Unreviewed
CVE-2025-54249 was published Sep 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in FWDesign Ultimate Video Player allows Server... High Unreviewed
CVE-2025-49430 was published Sep 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in LiteSpeed Technologies LiteSpeed Cache. This... Moderate Unreviewed
CVE-2025-47437 was published Sep 9, 2025
SSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6,... Moderate Unreviewed
CVE-2025-55139 was published Sep 9, 2025
A server-side request forgery security issue exists within Rockwell Automation ThinManager®... High Unreviewed
CVE-2025-9065 was published Sep 9, 2025
Liferay Portal is vulnerable to SSRF through custom object attachment fields Moderate
CVE-2025-43763 was published for com.liferay:com.liferay.object.service (Maven) Sep 9, 2025
A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function... Moderate Unreviewed
CVE-2025-10096 was published Sep 8, 2025
Server-Side Request Forgery (SSRF) vulnerability in aitool Ai Auto Tool Content Writing Assistant... Moderate Unreviewed
CVE-2025-58829 was published Sep 5, 2025
Server-Side Request Forgery via /_image endpoint in Astro Cloudflare adapter High
CVE-2025-58179 was published for @astrojs/cloudflare (npm) Sep 4, 2025
ghostdevv monizb
alexanderniebuhr ascorbic ematipico delucis
Credited to ghostdevv, monizb, alexanderniebuhr, ascorbic, ematipico, and delucis
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database