Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,521
Maven
5,000+
npm
5,000+
NuGet
911
pip
4,760
Pub
13
RubyGems
1,036
Rust
1,229
Swift
53
Unreviewed advisories
All unreviewed
5,000+

8,777 advisories

Loading
ZKTeco ZKBioSecurity 3.0 contains a cross-site request forgery vulnerability that allows... Moderate Unreviewed
CVE-2016-20028 was published Mar 16, 2026
Wowza Streaming Engine 4.5.0 contains a cross-site request forgery vulnerability that allows... Moderate Unreviewed
CVE-2016-20035 was published Mar 16, 2026
Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross... Moderate Unreviewed
CVE-2015-20113 was published Mar 16, 2026
Next Click Ventures RealtyScript 4.0.2 contains a cross-site request forgery vulnerability that... Moderate Unreviewed
CVE-2015-20117 was published Mar 16, 2026
Wowza Streaming Engine 4.5.0 contains a privilege escalation vulnerability that allows... High Unreviewed
CVE-2016-20034 was published Mar 16, 2026
Cross-Site Request Forgery (CSRF) vulnerability in Josh Kohlbach Product Feed PRO for WooCommerce... Moderate Unreviewed
CVE-2026-32443 was published Mar 13, 2026
Cross-Site Request Forgery (CSRF) vulnerability in Janis Elsts Admin Menu Editor admin-menu... Moderate Unreviewed
CVE-2026-32456 was published Mar 13, 2026
Cross-Site Request Forgery (CSRF) vulnerability in Ruben Garcia GamiPress gamipress allows Cross... Moderate Unreviewed
CVE-2026-32420 was published Mar 13, 2026
Cross-Site Request Forgery (CSRF) vulnerability in desertthemes Corpiva corpiva allows Cross Site... Moderate Unreviewed
CVE-2026-32344 was published Mar 13, 2026
Cross-Site Request Forgery (CSRF) vulnerability in shufflehound Lemmony lemmony allows Cross Site... Moderate Unreviewed
CVE-2026-32328 was published Mar 13, 2026
Cross-Site Request Forgery (CSRF) vulnerability in 10Web Photo Gallery by 10Web photo-gallery... Moderate Unreviewed
CVE-2026-32330 was published Mar 13, 2026
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross... Moderate Unreviewed
CVE-2026-32342 was published Mar 13, 2026
Cross-Site Request Forgery (CSRF) vulnerability in Magazine3 Easy Table of Contents easy-table-of... Moderate Unreviewed
CVE-2026-32343 was published Mar 13, 2026
wpDiscuz before 7.6.47 contains a cross-site request forgery vulnerability in the getFollowsPage(... Moderate Unreviewed
CVE-2026-22215 was published Mar 13, 2026
wpDiscuz before 7.6.47 contains a cross-site request forgery vulnerability that allows attackers... Moderate Unreviewed
CVE-2026-22202 was published Mar 13, 2026
The Modular DS: Monitor, update, and backup multiple websites plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2026-3903 was published Mar 11, 2026
The divi-booster WordPress plugin before 5.0.2 does not have authorization and CSRF checks in one... High Unreviewed
CVE-2026-2626 was published Mar 11, 2026
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is... Moderate Unreviewed
CVE-2026-2324 was published Mar 11, 2026
The Court Reservation WordPress plugin before 1.10.9 does not have CSRF check in place when... Moderate Unreviewed
CVE-2026-1508 was published Mar 10, 2026
Craft CMS has a potential information disclosure vulnerability in preview tokens Low
CVE-2026-29113 was published for craftcms/cms (Composer) Mar 10, 2026
singetu0096 Credited to singetu0096
An issue pertaining to CWE-352: Cross-Site Request Forgery was discovered in Sunbird-Ed SunbirdEd... High Unreviewed
CVE-2025-70031 was published Mar 9, 2026
A flaw has been found in SourceCodester Computer Laboratory Management System 1.0. This affects... Moderate Unreviewed
CVE-2026-3770 was published Mar 8, 2026
The Guardian News Feed plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2026-1087 was published Mar 7, 2026
The Purchase Button For Affiliate Link plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2026-1073 was published Mar 7, 2026
The Font Pairing Preview For Landing Pages plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2026-1086 was published Mar 7, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database