GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
391 advisories
solspace/craft-freeform Has a DoS Vulnerability
Low
GHSA-58q2-9x27-h2jm
was published
for
solspace/craft-freeform
(Composer)
Jan 15, 2026
Composer is vulnerable to ANSI sequence injection
Low
CVE-2025-67746
was published
for
composer/composer
(Composer)
Dec 30, 2025
Pterodactyl has a Reflected XSS vulnerability in “Create New Database Host”
Low
GHSA-mgr9-6c2j-jxrq
was published
for
pterodactyl/panel
(Composer)
Dec 30, 2025
AzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCE
Low
CVE-2025-67737
was published
for
azuracast/azuracast
(Composer)
Dec 11, 2025
Contao is vulnerable to cross-site scripting in templates
Low
CVE-2025-65961
was published
for
contao/core-bundle
(Composer)
Nov 25, 2025
LibreNMS has Weak Password Policy
Low
CVE-2025-65014
was published
for
librenms/librenms
(Composer)
Nov 18, 2025
PrivateBin vulnerable to malicious filename use for self-XSS / HTML injection locally for users
Low
CVE-2025-64711
was published
for
privatebin/privatebin
(Composer)
Nov 14, 2025
Shopware vulnerable to Server-Side Request Forgery (SSRF) – order invoice
Low
GHSA-3cpp-fv95-mpr5
was published
for
shopware/core
(Composer)
Oct 21, 2025
LibreNMS alert-rules has a Cross-Site Scripting Vulnerability
Low
CVE-2025-62412
was published
for
librenms/librenms
(Composer)
Oct 16, 2025
PrestaShop Checkout Target PayPal merchant account hijacking from backoffice
Low
CVE-2025-61924
was published
for
prestashop/ps_checkout
(Composer)
Oct 16, 2025
ProTip!
Advisories are also available from the
GraphQL API