GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,159
Composer 5,094
Erlang 40
GitHub Actions 38
Go 2,779
Maven 6,180
npm 4,380
NuGet 770
pip 4,159
Pub 12
RubyGems 963
Rust 1,071
Swift 45

Unreviewed advisories

All unreviewed 282,812

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

288 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar... Unknown Unreviewed

CVE-2025-69235 was published Dec 30, 2025

Authentication issue that does not verify the source of a packet which could allow an attacker to... High Unreviewed

CVE-2025-61740 was published Dec 22, 2025

A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in... Critical Unreviewed

CVE-2025-63388 was published Dec 18, 2025

A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in... Critical Unreviewed

CVE-2025-63386 was published Dec 18, 2025

Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox <... Moderate Unreviewed

CVE-2025-14331 was published Dec 9, 2025

Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account... Critical Unreviewed

CVE-2025-34291 was published Dec 6, 2025

Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3... Moderate Unreviewed

CVE-2025-8074 was published Dec 4, 2025

Origin Validation Error in Kibana can lead to Server-Side Request Forgery via a forged Origin... Moderate Unreviewed

CVE-2025-37734 was published Nov 12, 2025

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 140.0.7339.80... Moderate Unreviewed

CVE-2025-12905 was published Nov 8, 2025

Nagios XI versions prior to 2024R1.2.2 contain a host header injection vulnerability. The... High Unreviewed

CVE-2024-14006 was published Oct 31, 2025

Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual... High Unreviewed

CVE-2025-62584 was published Oct 16, 2025

IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an... Moderate Unreviewed

CVE-2025-2140 was published Oct 12, 2025

An Origin Validation Error vulnerability in an insufficient protected file of Juniper Networks... High Unreviewed

CVE-2025-59957 was published Oct 9, 2025

A logic error exists in the Falcon sensor for Windows that could allow an attacker, with the... Moderate Unreviewed

CVE-2025-42706 was published Oct 8, 2025

A flaw has been found in CodeCanyon/ui-lib Mentor LMS up to 1.1.1. Affected by this vulnerability... Moderate Unreviewed

CVE-2025-11304 was published Oct 5, 2025

A vulnerability in the Device Analytics action frame processing of Cisco Wireless Access Point ... Moderate Unreviewed

CVE-2025-20364 was published Sep 24, 2025

Origin Validation Error vulnerability in Akinsoft LimonDesk allows Forceful Browsing.This issue... High Unreviewed

CVE-2024-13068 was published Sep 3, 2025

An issue was discovered in Shopizer 3.2.7. The server's CORS implementation reflects the client... High Unreviewed

CVE-2025-51605 was published Aug 22, 2025

'Same-origin policy bypass in the Graphics: Canvas2D component.' This vulnerability affects... High Unreviewed

CVE-2025-9180 was published Aug 19, 2025

HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP... Moderate Unreviewed

CVE-2025-52621 was published Aug 16, 2025

In Sipwise rtpengine before 13.4.1.1, an origin-validation error in the endpoint-learning logic... Moderate Unreviewed

CVE-2025-53399 was published Aug 1, 2025

Whale browser before 4.32.315.22 allow an attacker to bypass the Same-Origin Policy in a dual-tab... High Unreviewed

CVE-2025-53600 was published Jul 4, 2025

Autel MaxiCharger AC Wallbox Commercial Origin Validation Error Authentication Bypass... Moderate Unreviewed

CVE-2025-5824 was published Jun 26, 2025

The security settings in the SAP Business One Integration Framework are not adequately checked,... Moderate Unreviewed

CVE-2025-42998 was published Jun 10, 2025

An improper verification of a loaded library in Zscaler Client Connector on Mac < 4.2.0.241 may... High Unreviewed

CVE-2024-31127 was published Jun 4, 2025

Previous1…12 Next

Previous 1 2 3 4 5 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

288 advisories