GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,002
Composer 4,876
Erlang 37
GitHub Actions 36
Go 2,522
Maven 5,974
npm 4,174
NuGet 741
pip 3,965
Pub 12
RubyGems 947
Rust 1,028
Swift 39

Unreviewed advisories

All unreviewed 271,074

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

162 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The AdForest theme for WordPress is vulnerable to Authentication Bypass in all versions up to,... Critical Unreviewed

CVE-2025-8359 was published Sep 6, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo allows... Critical Unreviewed

CVE-2025-54725 was published Aug 28, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobmonster... Critical Unreviewed

CVE-2025-54738 was published Aug 28, 2025

The Case Theme User plugin for WordPress is vulnerable to Authentication Bypass in all versions... Critical Unreviewed

CVE-2025-5821 was published Aug 23, 2025

The Simpler Checkout plugin for WordPress is vulnerable to Authentication Bypass in versions 0.7... Critical Unreviewed

CVE-2025-7642 was published Aug 23, 2025

There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 (2025... Critical Unreviewed

CVE-2025-50904 was published Aug 20, 2025

An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda... Critical Unreviewed

CVE-2025-27129 was published Aug 20, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in magepeopleteam Taxi... Critical Unreviewed

CVE-2025-54713 was published Aug 20, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator... Critical Unreviewed

CVE-2025-8995 was published Aug 15, 2025

In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a... Critical Unreviewed

CVE-2025-51452 was published Aug 13, 2025

The Brave Conversion Engine (PRO) plugin for WordPress is vulnerable to Authentication Bypass in... Critical Unreviewed

CVE-2025-7710 was published Aug 2, 2025

The Melapress Login Security plugin for WordPress is vulnerable to Authentication Bypass due to... Critical Unreviewed

CVE-2025-6895 was published Jul 26, 2025

The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up... Critical Unreviewed

CVE-2025-7444 was published Jul 18, 2025

The Simple Payment plugin for WordPress is vulnerable to Authentication Bypass in versions 1.3.6... Critical Unreviewed

CVE-2025-6688 was published Jun 27, 2025

An authentication bypass vulnerability exists in KCM3100 Ver1.4.2 and earlier. If this... Critical Unreviewed

CVE-2025-51381 was published Jun 18, 2025

The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme,... Critical Unreviewed

CVE-2025-4973 was published Jun 12, 2025

CyberData 011209 Intercom could allow an unauthenticated user access to the Web Interface through... Critical Unreviewed

CVE-2025-30184 was published Jun 10, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU India PayU India... Critical Unreviewed

CVE-2025-31022 was published Jun 9, 2025

The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege... Critical Unreviewed

CVE-2025-4797 was published Jun 3, 2025

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the... Critical Unreviewed

CVE-2025-34026 was published May 22, 2025

Affected Vertiv products do not properly protect webserver functions that could allow an attacker... Critical Unreviewed

CVE-2025-46412 was published May 21, 2025

An authentication bypass in Ivanti Neurons for ITSM (on-prem only) before 2023.4, 2024.2 and 2024... Critical Unreviewed

CVE-2025-22462 was published May 13, 2025

The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to Authentication... Critical Unreviewed

CVE-2025-3844 was published May 7, 2025

A vulnerability was found in Quarkus in the quarkus-security-webauthn module. The Quarkus... Critical Unreviewed

CVE-2024-12225 was published May 6, 2025

The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in... Critical Unreviewed

CVE-2025-1909 was published May 5, 2025

Previous1…7 Next

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

162 advisories