GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,975

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

49 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend... Critical Unreviewed

CVE-2025-65656 was published Dec 2, 2025

An unauthenticated remote attacker can execute arbitrary php files and gain full access of the... Critical Unreviewed

CVE-2025-41734 was published Nov 18, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-48330 was published Nov 6, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-39466 was published Nov 6, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-39463 was published Nov 6, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-58958 was published Oct 22, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-58967 was published Oct 22, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-39468 was published Nov 6, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-53252 was published Nov 6, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-48290 was published Nov 6, 2025

Inclusion of Functionality from Untrusted Control Sphere, Improper Control of Filename for... Critical Unreviewed

CVE-2025-11023 was published Oct 23, 2025

The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is... Critical Unreviewed

CVE-2025-7634 was published Oct 9, 2025

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is... Critical Unreviewed

CVE-2025-7721 was published Oct 3, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-48293 was published Aug 14, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-25174 was published Aug 14, 2025

Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability,... Critical Unreviewed

CVE-2025-8913 was published Aug 13, 2025

The WordPress plugin Advanced Custom Fields (ACF) version 3.5.1 and below contains a remote file... Critical Unreviewed

CVE-2012-10025 was published Aug 5, 2025

File contents could be read from the local file system by an attacker. Additionally, malicious... Critical Unreviewed

CVE-2025-24937 was published Jul 21, 2025

The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is... Critical Unreviewed

CVE-2025-4689 was published Jul 2, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-47586 was published Jun 6, 2025

A remote file inclusion (RFI) vulnerability in Simple College Website v1.0 allows attackers to... Critical Unreviewed

CVE-2022-40089 was published Sep 23, 2022

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-46468 was published May 23, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-39406 was published May 19, 2025

A improper control of filename for include/require statement in PHP program vulnerability in the... Critical Unreviewed

CVE-2025-31340 was published Apr 17, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Critical Unreviewed

CVE-2025-32577 was published Apr 11, 2025

Previous12 Next

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

49 advisories