Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

797 advisories

Loading
PerfreeBlog v4.0.11 is vulnerable to Server-Side Request Forgery due to a missing authorization... Moderate Unreviewed
CVE-2025-60319 was published Oct 30, 2025
An unauthenticated server-side request forgery (SSRF) vulnerability in the Thumbnail via-uri... Moderate Unreviewed
CVE-2025-60898 was published Oct 29, 2025
Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery Moderate
CVE-2025-12058 was published for keras (pip) Oct 29, 2025
IBM Concert 1.0.0 through 2.0.0 Software is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed
CVE-2025-36085 was published Oct 28, 2025
Server-Side Request Forgery (SSRF) vulnerability in Codeless Slider Templates slider-templates... Moderate Unreviewed
CVE-2025-62988 was published Oct 27, 2025
ThingsBoard versions < 4.2.1 contain a server-side request forgery (SSRF) vulnerability in the... Moderate Unreviewed
CVE-2025-34282 was published Oct 17, 2025
The Real Cookie Banner: GDPR & ePrivacy Cookie Consent plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12136 was published Oct 24, 2025
Server-Side Request Forgery (SSRF) vulnerability in Icegram Icegram Express Pro email-subscribers... Moderate Unreviewed
CVE-2025-49917 was published Oct 22, 2025
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator... Moderate Unreviewed
CVE-2025-11128 was published Oct 23, 2025
The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Blind Server-Side... Moderate Unreviewed
CVE-2025-10705 was published Oct 23, 2025
Server-Side Request Forgery (SSRF) vulnerability in captcha.eu Captcha.eu captcha-eu allows... Moderate Unreviewed
CVE-2025-49374 was published Oct 22, 2025
Skype for Business Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2023-41763 was published Oct 10, 2023
The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to... Moderate Unreviewed
CVE-2021-21973 was published May 24, 2022
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow... Moderate Unreviewed
CVE-2016-3718 was published May 14, 2022
Zimbra Collaboration (ZCS) before 10.1.12 allows SSRF because of the configuration of the chat... Moderate Unreviewed
CVE-2025-62763 was published Oct 21, 2025
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Blind Server-Side... Moderate Unreviewed
CVE-2025-11536 was published Oct 21, 2025
A vulnerability, which was classified as critical, was found in thinkgem JeeSite up to 5.12.0.... Moderate Unreviewed
CVE-2025-7759 was published Jul 18, 2025
The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for... Moderate Unreviewed
CVE-2025-11361 was published Oct 18, 2025
A vulnerability was identified in NucleoidAI Nucleoid up to 0.7.10. The impacted element is the... Moderate Unreviewed
CVE-2025-11864 was published Oct 16, 2025
karakeep v0.26.0 to v0.7.0 was discovered to contain a Server-Side Request Forgery (SSRF). Moderate Unreviewed
CVE-2025-60540 was published Oct 14, 2025
Adminer and AdminerEvo are vulnerable to SSRF via database connection fields. This could allow an... Moderate Unreviewed
CVE-2023-45195 was published Jun 25, 2024
composio allows Server-Side Request Forgery (SSRF) in BROWSERTOOL Moderate
CVE-2024-8955 was published for composio-core (pip) Mar 20, 2025
The Task Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all... Moderate Unreviewed
CVE-2025-10056 was published Oct 15, 2025
SOOP-CLM developed by PiExtract has a Server-Side Request Forgery vulnerability, allowing... Moderate Unreviewed
CVE-2025-11674 was published Oct 13, 2025
A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. Impacted is an unknown... Moderate Unreviewed
CVE-2025-11648 was published Oct 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database