Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
50
Go
3,599
Maven
5,000+
npm
5,000+
NuGet
924
pip
4,828
Pub
13
RubyGems
1,045
Rust
1,256
Swift
53
Unreviewed advisories
All unreviewed
5,000+

8,810 advisories

Loading
DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability in ... High Unreviewed
CVE-2026-29839 was published Mar 24, 2026
A security flaw has been discovered in kalcaddle kodbox 1.64. The impacted element is an unknown... Low Unreviewed
CVE-2026-4590 was published Mar 23, 2026
Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF... High Unreviewed
CVE-2026-31849 was published Mar 23, 2026
The Neos Connector for Fakturama plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2026-4143 was published Mar 21, 2026
The Post Snippits plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2026-2723 was published Mar 21, 2026
The Lobot Slider Administrator plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2026-3331 was published Mar 21, 2026
The Xhanch - My Advanced Settings plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2026-3332 was published Mar 21, 2026
The Redirect countdown plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2026-1390 was published Mar 21, 2026
The Add Google Social Profiles to Knowledge Graph Box plugin for WordPress is vulnerable to Cross... Moderate Unreviewed
CVE-2026-1393 was published Mar 21, 2026
The SR WP Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2026-1392 was published Mar 21, 2026
The login_register plugin for WordPress is vulnerable to Cross-Site Request Forgery to Stored... Moderate Unreviewed
CVE-2026-1503 was published Mar 21, 2026
The WP Posts Re-order plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2026-1378 was published Mar 21, 2026
The Invelity Product Feeds plugin for WordPress is vulnerable to arbitrary file deletion via path... High Unreviewed
CVE-2025-14037 was published Mar 21, 2026
AVideo Affected by CSRF on Plugin Import Endpoint Enables Unauthenticated Remote Code Execution via Malicious Plugin Upload High
CVE-2026-33507 was published for wwbn/avideo (Composer) Mar 20, 2026
offset Credited to offset
Precurio Intranet Portal 4.4 contains a cross-site request forgery vulnerability that allows... High Unreviewed
CVE-2026-32989 was published Mar 20, 2026
An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A cross-site request forgery... Moderate Unreviewed
CVE-2026-33372 was published Mar 20, 2026
Cross-Site request forgery (CSRF) vulnerability in joshuae1974 Flash Video Player allows Cross... High Unreviewed
CVE-2024-32537 was published Mar 20, 2026
Cross-Site Tool Execution for HTTP Servers without Authorizatrion in github.com/modelcontextprotocol/go-sdk High
CVE-2026-33252 was published for github.com/modelcontextprotocol/go-sdk (Go) Mar 19, 2026
aleister1102 Credited to aleister1102
The Add Custom Fields to Media plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2026-4068 was published Mar 19, 2026
The update address CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to manipulate... High Unreviewed
CVE-2025-55045 was published Mar 18, 2026
MuraCMS through 10.1.10 contains a CSRF vulnerability that allows attackers to permanently... High Unreviewed
CVE-2025-55046 was published Mar 18, 2026
The Trash Restore CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to restore... High Unreviewed
CVE-2025-55044 was published Mar 18, 2026
MuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle creation functionality ... Moderate Unreviewed
CVE-2025-55043 was published Mar 18, 2026
MuraCMS through 10.1.10 contains a CSRF vulnerability in the Add To Group functionality for user... High Unreviewed
CVE-2025-55041 was published Mar 18, 2026
The import form CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to upload and... High Unreviewed
CVE-2025-55040 was published Mar 18, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database