GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,919
Composer 4,476
Erlang 33
GitHub Actions 24
Go 2,207
Maven 5,433
npm 3,858
NuGet 696
pip 3,639
Pub 12
RubyGems 913
Rust 918
Swift 38

Unreviewed advisories

All unreviewed 249,588

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

451 advisories

Filter by severity

Sort by

Least recently updated

The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress... High Unreviewed

CVE-2025-1912 was published Mar 26, 2025

nossrf Server-Side Request Forgery (SSRF) High

CVE-2025-2691 was published for nossrf (npm) Mar 23, 2025

The Export and Import Users and Customers plugin for WordPress is vulnerable to Server-Side... High Unreviewed

CVE-2025-1970 was published Mar 22, 2025

The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Server-Side... High Unreviewed

CVE-2024-13923 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of... High Unreviewed

CVE-2025-0454 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of vanna-ai/vanna... High Unreviewed

CVE-2024-8099 was published Mar 20, 2025

Open WebUI has SSRF in /openai/models High

CVE-2024-7959 was published for open-webui (pip) Mar 20, 2025

comfyanonymous/comfyui version v0.2.4 suffers from a non-blind Server-Side Request Forgery (SSRF)... High Unreviewed

CVE-2024-12882 was published Mar 20, 2025

FastChat Server-Side Request Forgery vulnerability High

CVE-2024-12376 was published for fschat (pip) Mar 20, 2025

parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF)... High Unreviewed

CVE-2024-12766 was published Mar 20, 2025

FastChat Server-Side Request Forgery vulnerability High

CVE-2024-11603 was published for fschat (pip) Mar 20, 2025

A vulnerability in haotian-liu/llava version 1.2.0 (LLaVA-1.6) allows for Server-Side Request... High Unreviewed

CVE-2024-11449 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability was discovered in haotian-liu/llava, affecting... High Unreviewed

CVE-2024-12068 was published Mar 20, 2025

GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability... High Unreviewed

CVE-2024-11030 was published Mar 20, 2025

axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL High

CVE-2025-27152 was published for axios (npm) Mar 7, 2025

A Server-Side Request Forgery (SSRF) in the component admin_webgather.php of SUCMS v1.0 allows... High Unreviewed

CVE-2025-25760 was published Feb 27, 2025

The web server receives a URL or similar request from an upstream component and retrieves the... High Unreviewed

CVE-2024-37359 was published Feb 20, 2025

Server-side request forgery (SSRF) vulnerability exists in FileMegane versions above 3.0.0.0... High Unreviewed

CVE-2025-20075 was published Feb 18, 2025

Label Studio allows Server-Side Request Forgery in the S3 Storage Endpoint High

CVE-2025-25297 was published for label-studio (pip) Feb 14, 2025

Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server allows... High Unreviewed

CVE-2025-26494 was published Feb 11, 2025

Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An... High Unreviewed

CVE-2025-22399 was published Feb 11, 2025

A vulnerability has been identified in Opcenter Intelligence (All versions < V2501). Server-side... High Unreviewed

CVE-2025-26491 was published Feb 11, 2025

Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker... High Unreviewed

CVE-2025-21177 was published Feb 7, 2025

MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the... High Unreviewed

CVE-2024-57767 was published Jan 15, 2025

Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for... High Unreviewed

CVE-2025-0474 was published Jan 14, 2025

Previous 1 2 3 4 5 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

451 advisories