Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,478
Erlang
33
GitHub Actions
24
Go
2,208
Maven
5,000+
npm
3,865
NuGet
696
pip
3,642
Pub
12
RubyGems
913
Rust
919
Swift
38
Unreviewed advisories
All unreviewed
5,000+

580 advisories

Loading
Mobile Security Framework (MobSF) has a SSRF Vulnerability fix bypass on assetlinks_check with DNS Rebinding Moderate
CVE-2025-31116 was published for mobsf (pip) Mar 31, 2025
Sim4n6
A vulnerability was found in zhangyanbo2007 youkefu 4.2.0. It has been classified as critical.... Moderate Unreviewed
CVE-2025-2997 was published Mar 31, 2025
Server-Side Request Forgery (SSRF) vulnerability in Kishan WP Link Preview allows Server Side... Moderate Unreviewed
CVE-2025-31527 was published Mar 31, 2025
OneNav 1.1.0 is vulnerable to Server-Side Request Forgery (SSRF) in custom headers. Moderate Unreviewed
CVE-2025-28096 was published Mar 29, 2025
ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) in Email Settings. Moderate Unreviewed
CVE-2025-28093 was published Mar 29, 2025
ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) via image upload function. Moderate Unreviewed
CVE-2025-28092 was published Mar 29, 2025
Server-Side Request Forgery (SSRF) vulnerability in WP Compress WP Compress for MainWP allows... Moderate Unreviewed
CVE-2025-31076 was published Mar 28, 2025
Server-Side Request Forgery (SSRF) vulnerability in SuitePlugins Video & Photo Gallery for... Moderate Unreviewed
CVE-2025-22672 was published Mar 27, 2025
Server-Side Request Forgery (SSRF) vulnerability in XpeedStudio Metform allows Server Side... Moderate Unreviewed
CVE-2025-30914 was published Mar 27, 2025
A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-2835 was published Mar 27, 2025
The Zapier for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all... Moderate Unreviewed
CVE-2024-13411 was published Mar 26, 2025
The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-2109 was published Mar 25, 2025
A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B&R APROL <4.4-00P5... Moderate Unreviewed
CVE-2024-10206 was published Mar 25, 2025
A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B&R APROL <4.4-00P5... Moderate Unreviewed
CVE-2024-10207 was published Mar 25, 2025
The Your Friendly Drag and Drop Page Builder — Make Builder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-13856 was published Mar 22, 2025
Apache Druid vulnerable to Server-Side Request Forgery, Cross-site Scripting, Open Redirect Moderate
CVE-2025-27888 was published for org.apache.druid:druid (Maven) Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability was discovered in gaizhenbiao/chuanhuchatgpt... Moderate Unreviewed
CVE-2025-0188 was published Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability was identified in langgenius/dify version 0.10... Moderate Unreviewed
CVE-2025-0184 was published Mar 20, 2025
composio Server-Side Request Forgery (SSRF) vulnerability Moderate
CVE-2024-8952 was published for composio-core (pip) Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability exists in binary-husky/gpt_academic version... Moderate Unreviewed
CVE-2024-12392 was published Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0.... Moderate Unreviewed
CVE-2024-12779 was published Mar 20, 2025
langgenius/dify version 0.10.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the... Moderate Unreviewed
CVE-2024-12775 was published Mar 20, 2025
langgenius/dify version 0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability. The... Moderate Unreviewed
CVE-2024-11822 was published Mar 20, 2025
Multiple Server-Side Request Forgery (SSRF) vulnerabilities were identified in the significant... Moderate Unreviewed
CVE-2024-10457 was published Mar 20, 2025
IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This... Moderate Unreviewed
CVE-2024-49822 was published Mar 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database