Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,711
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

362 advisories

Loading
The Orion SMS OTP Verification plugin for WordPress is vulnerable to privilege escalation via... Critical Unreviewed
CVE-2025-9967 was published Oct 15, 2025
The OwnID Passwordless Login plugin for WordPress is vulnerable to Authentication Bypass in all... Critical Unreviewed
CVE-2025-10294 was published Oct 15, 2025
The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to Authentication... Critical Unreviewed
CVE-2025-11522 was published Oct 9, 2025
The credentials of the users stored in the system's local database can be used for the log in,... Moderate Unreviewed
CVE-2025-9914 was published Oct 6, 2025
The Spirit Framework plugin for WordPress is vulnerable to authentication bypass in all versions... Critical Unreviewed
CVE-2025-6388 was published Oct 3, 2025
An unauthenticated debug port may allow access to the device file system. High Unreviewed
CVE-2025-10653 was published Oct 2, 2025
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in FortiOS 7... Moderate Unreviewed
CVE-2025-22862 was published Oct 2, 2025
An authentication bypass vulnerability exists in LG Innotek camera models LND7210 and LNV7210R.... High Unreviewed
CVE-2025-10538 was published Oct 1, 2025
The LatePoint plugin for WordPress is vulnerable to Authentication Bypass due to insufficient... High Unreviewed
CVE-2025-7038 was published Sep 30, 2025
anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and... Critical Unreviewed
CVE-2024-7314 was published Aug 2, 2024
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the... Critical Unreviewed
CVE-2025-34026 was published May 22, 2025
The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all... High Unreviewed
CVE-2025-5955 was published Sep 19, 2025
The CBIS/NCS Manager API is vulnerable to an authentication bypass. By sending a specially... High Unreviewed
CVE-2023-49564 was published Sep 18, 2025
This vulnerability affects Firefox < 143 and Thunderbird < 143. Moderate Unreviewed
CVE-2025-10531 was published Sep 16, 2025
An authentication bypass vulnerability in Arcserve Unified Data Protection (UDP) allows... High Unreviewed
CVE-2025-34520 was published Aug 28, 2025
The AdForest theme for WordPress is vulnerable to Authentication Bypass in all versions up to,... Critical Unreviewed
CVE-2025-8359 was published Sep 6, 2025
A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi... Moderate Unreviewed
CVE-2023-4957 was published Oct 11, 2023
Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo allows... Critical Unreviewed
CVE-2025-54725 was published Aug 28, 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobmonster... Critical Unreviewed
CVE-2025-54738 was published Aug 28, 2025
An authentication issue was addressed with improved state management. This issue is fixed in... High Unreviewed
CVE-2025-24206 was published Apr 29, 2025
The Bravis User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to... High Unreviewed
CVE-2025-5060 was published Aug 23, 2025
The Case Theme User plugin for WordPress is vulnerable to Authentication Bypass in all versions... Critical Unreviewed
CVE-2025-5821 was published Aug 23, 2025
The Simpler Checkout plugin for WordPress is vulnerable to Authentication Bypass in versions 0.7... Critical Unreviewed
CVE-2025-7642 was published Aug 23, 2025
An issue in the lock screen component of Reolink v4.54.0.4.20250526 allows attackers to bypass... Moderate Unreviewed
CVE-2025-55623 was published Aug 22, 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator... Critical Unreviewed
CVE-2025-8995 was published Aug 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database