GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,936
Composer 4,478
Erlang 33
GitHub Actions 24
Go 2,208
Maven 5,436
npm 3,865
NuGet 696
pip 3,642
Pub 12
RubyGems 913
Rust 919
Swift 38

Unreviewed advisories

All unreviewed 249,950

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,308 advisories

Filter by severity

Sort by

Least recently updated

Mobile Security Framework (MobSF) has a SSRF Vulnerability fix bypass on assetlinks_check with DNS Rebinding Moderate

CVE-2025-31116 was published for mobsf (pip) Mar 31, 2025

ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) in Email Settings. Moderate Unreviewed

CVE-2025-28093 was published Mar 29, 2025

maccms10 v2025.1000.4047 has a Server-Side Request Forgery (SSRF) vulnerability via Add Article. Critical Unreviewed

CVE-2025-28091 was published Mar 29, 2025

ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) via image upload function. Moderate Unreviewed

CVE-2025-28092 was published Mar 29, 2025

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery (SSRF) in the Collection... Critical Unreviewed

CVE-2025-28090 was published Mar 29, 2025

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery (SSRF) via the Scheduled... Critical Unreviewed

CVE-2025-28089 was published Mar 29, 2025

OneNav 1.1.0 is vulnerable to Server-Side Request Forgery (SSRF) in custom headers. Moderate Unreviewed

CVE-2025-28096 was published Mar 29, 2025

eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an... Critical Unreviewed

CVE-2024-44677 was published Sep 10, 2024

A vulnerability was found in zhangyanbo2007 youkefu 4.2.0. It has been classified as critical.... Moderate Unreviewed

CVE-2025-2997 was published Mar 31, 2025

Server-Side Request Forgery (SSRF) vulnerability in Kishan WP Link Preview allows Server Side... Moderate Unreviewed

CVE-2025-31527 was published Mar 31, 2025

An administrative user of WebReports may perform a Server Side Request Forgery (SSRF) exploit... Low Unreviewed

CVE-2023-45705 was published Mar 28, 2024

axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL High

CVE-2025-27152 was published for axios (npm) Mar 7, 2025

Server-Side Request Forgery (SSRF) vulnerability in WP Compress WP Compress for MainWP allows... Moderate Unreviewed

CVE-2025-31076 was published Mar 28, 2025

Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality.... Moderate Unreviewed

CVE-2023-24060 was published Jan 27, 2023

Apache Kylin Server-Side Request Forgery (SSRF) via `/kylin/api/xxx/diag` Endpoint Low

CVE-2024-48944 was published for org.apache.kylin:kylin-common-server (Maven) Mar 27, 2025

Server-Side Request Forgery (SSRF) vulnerability in SuitePlugins Video & Photo Gallery for... Moderate Unreviewed

CVE-2025-22672 was published Mar 27, 2025

Server-Side Request Forgery (SSRF) vulnerability in XpeedStudio Metform allows Server Side... Moderate Unreviewed

CVE-2025-30914 was published Mar 27, 2025

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic.... Moderate Unreviewed

CVE-2025-2835 was published Mar 27, 2025

The Zapier for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all... Moderate Unreviewed

CVE-2024-13411 was published Mar 26, 2025

The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress... High Unreviewed

CVE-2025-1912 was published Mar 26, 2025

nossrf Server-Side Request Forgery (SSRF) High

CVE-2025-2691 was published for nossrf (npm) Mar 23, 2025

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-2109 was published Mar 25, 2025

A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B&R APROL <4.4-00P5... Moderate Unreviewed

CVE-2024-10207 was published Mar 25, 2025

A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B&R APROL <4.4-00P5... Moderate Unreviewed

CVE-2024-10206 was published Mar 25, 2025

Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the... Critical Unreviewed

CVE-2024-48590 was published Mar 20, 2025

Previous 1 2 3 4 5 … 52 53 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,308 advisories