GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,557
Composer 5,386
Erlang 44
GitHub Actions 46
Go 3,270
Maven 6,323
npm 5,240
NuGet 867
pip 4,517
Pub 12
RubyGems 998
Rust 1,194
Swift 51

Unreviewed advisories

All unreviewed 294,262

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

40,981 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SOGo before 5.12.5 is prone to a XSS vulnerability with events, tasks, and contacts categories. Moderate Unreviewed

CVE-2025-71276 was published Mar 22, 2026

A weakness has been identified in PbootCMS up to 3.2.12. This impacts the function alert_location... Moderate Unreviewed

CVE-2026-4510 was published Mar 21, 2026

The Wikilookup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Popup... Moderate Unreviewed

CVE-2026-3354 was published Mar 21, 2026

The Comment SPAM Wiper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-3353 was published Mar 21, 2026

The Multi Functional Flexi Lightbox plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2026-3347 was published Mar 21, 2026

The Sheets2Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-3619 was published Mar 21, 2026

The Paypal Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-3617 was published Mar 21, 2026

The Sherk Custom Post Type Displays plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2026-3554 was published Mar 21, 2026

The WP Games Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-3996 was published Mar 21, 2026

The WordPress PayPal Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2026-4072 was published Mar 21, 2026

The WP Random Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-4086 was published Mar 21, 2026

The Ecover Builder For Dummies plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2026-4077 was published Mar 21, 2026

The Alfie – Feed Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2026-4069 was published Mar 21, 2026

The fyyd podcast shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2026-4084 was published Mar 21, 2026

The Ad Short plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ad'... Moderate Unreviewed

CVE-2026-4067 was published Mar 21, 2026

The Text Toggle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title'... Moderate Unreviewed

CVE-2026-3997 was published Mar 21, 2026

The Review Map by RevuKangaroo plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2026-4161 was published Mar 21, 2026

The Show Posts list – Easy designs, filters and more plugin for WordPress is vulnerable to Stored... Moderate Unreviewed

CVE-2026-4022 was published Mar 21, 2026

The WP NG Weather plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2026-1822 was published Mar 21, 2026

The Twitter Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-1911 was published Mar 21, 2026

The Go Night Pro | WordPress Dark Mode Plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2026-1886 was published Mar 21, 2026

The Outgrow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id'... Moderate Unreviewed

CVE-2026-1889 was published Mar 21, 2026

The Post Flagger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2026-1854 was published Mar 21, 2026

The Any Post Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2026-1899 was published Mar 21, 2026

The Integration with Hubspot Forms plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2026-1908 was published Mar 21, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

40,981 advisories