Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,221 advisories

Loading
Liferay Portal is vulnerable to DNS rebinding attacks Moderate
CVE-2025-62266 was published for com.liferay.portal:release.portal.bom (Maven) Oct 30, 2025
Anubis vulnerable to possible XSS via redir parameter when using subrequest auth mode Low
GHSA-cf57-c578-7jvv was published for github.com/TecharoHQ/anubis (Go) Oct 30, 2025
nijel mbiesiad
Credited to nijel and mbiesiad
Byaidu PDFMathTranslate vulnerable to open redirect Low
CVE-2025-50736 was published for pdf2zh (pip) Oct 30, 2025
ZITADEL Vulnerable to Account Takeover via Malicious Forwarded Header Injection High
CVE-2025-64101 was published for github.com/zitadel/zitadel/v2 (Go) Oct 29, 2025
amit-laish livio-a
Credited to amit-laish and livio-a
PrivateBin is missing HTML sanitization of attached filename in file size hint Moderate
CVE-2025-62796 was published for privatebin/privatebin (Composer) Oct 28, 2025
Liferay Portal Vulnerable to Open Redirect via the _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_redirect parameter Moderate
CVE-2025-62253 was published for com.liferay:com.liferay.layout.admin.web (Maven) Oct 27, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms... Moderate Unreviewed
CVE-2025-62981 was published Oct 27, 2025
Open redirection vulnerability in MOLGENIS EMX2 v11.14.0. This vulnerability allows an attacker... Moderate Unreviewed
CVE-2025-10355 was published Oct 23, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms... High Unreviewed
CVE-2025-60151 was published Oct 22, 2025
Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component:... Moderate Unreviewed
CVE-2025-61753 was published Oct 21, 2025
Koa Vulnerable to Open Redirect via Trailing Double-Slash (//) in back Redirect Logic Moderate
CVE-2025-62595 was published for koa (npm) Oct 21, 2025
haymizrachi
Credited to haymizrachi
reflex-dev/reflex has an Open Redirect vulnerability Low
CVE-2025-62379 was published for reflex (pip) Oct 15, 2025
im-soohyun
Credited to im-soohyun
Adobe Connect versions 12.9 and earlier are affected by a URL Redirection to Untrusted Site (... Low Unreviewed
CVE-2025-54196 was published Oct 15, 2025
An URL Redirection to Untrusted Site vulnerabilities [CWE-601] in FortiOS 7.6.0 through 7.6.2, 7... Low Unreviewed
CVE-2025-47890 was published Oct 14, 2025
The CM Registration – Tailored tool for seamless login and invitation-based registrations plugin... Moderate Unreviewed
CVE-2025-11167 was published Oct 11, 2025
Newforma Info Exchange (NIX) '/DownloadWeb/hyperlinkredirect.aspx' provides an unauthenticated... Moderate Unreviewed
CVE-2025-35059 was published Oct 9, 2025
vLLM is vulnerable to Server-Side Request Forgery (SSRF) through `MediaConnector` class High
CVE-2025-6242 was published for vllm (pip) Oct 7, 2025
kexinoh d3do-23
lonelyuan huachenheli DarkLight1337 russellb sidhpurwala-huzaifa
Credited to kexinoh, d3do-23, lonelyuan, huachenheli, DarkLight1337, russellb, and sidhpurwala-huzaifa
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Logo Software Inc. Logo... Moderate Unreviewed
CVE-2025-0608 was published Oct 6, 2025
CVE-2025-54088 is an open-redirect vulnerability in Secure Access prior to version 14.10.... Moderate Unreviewed
CVE-2025-54088 was published Oct 2, 2025
An open redirect vulnerability existed in KNIME Business Hub prior to version 1.16.0. An... Moderate Unreviewed
CVE-2025-11240 was published Oct 2, 2025
Account Takeover in Corezoid 6.6.0 in the OAuth2 implementation via an open redirect in the... High Unreviewed
CVE-2024-55017 was published Sep 30, 2025
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may... Moderate Unreviewed
CVE-2025-57878 was published Sep 29, 2025
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may... Moderate Unreviewed
CVE-2025-57879 was published Sep 29, 2025
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may... Moderate Unreviewed
CVE-2025-57872 was published Sep 29, 2025
lobe-chat has an Open Redirect Moderate
CVE-2025-59426 was published for @lobehub/chat (npm) Sep 24, 2025
im-soohyun
Credited to im-soohyun
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database