Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,815
Erlang
36
GitHub Actions
32
Go
2,401
Maven
5,000+
npm
4,044
NuGet
723
pip
3,830
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,487 advisories

Loading
BentoML SSRF Vulnerability in File Upload Processing Critical
CVE-2025-54381 was published for bentoml (pip) Jul 29, 2025
geckosecurity jjjutla
nkoorty
webfinger.js Blind SSRF Vulnerability Moderate
GHSA-8xq3-w9fx-74rv was published for webfinger.js (npm) Jul 28, 2025
orihjfrog
A server-side request forgery vulnerability exists in the cecho.php functionality of MedDream... Moderate Unreviewed
CVE-2025-24485 was published Jul 28, 2025
ssrfcheck has Incomplete IP Address Deny List that leads to Server-Side Request Forgery Vulnerability High
CVE-2025-8267 was published for ssrfcheck (npm) Jul 28, 2025
A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been rated as critical.... Moderate Unreviewed
CVE-2025-8228 was published Jul 27, 2025
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux ... High Unreviewed
CVE-2025-52453 was published Jul 25, 2025
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux ... Moderate Unreviewed
CVE-2025-52455 was published Jul 25, 2025
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux ... Moderate Unreviewed
CVE-2025-52454 was published Jul 25, 2025
Apwide Golive 10.2.0 Jira plugin allows Server-Side Request Forgery (SSRF) via the test webhook... Moderate Unreviewed
CVE-2025-45939 was published Jul 25, 2025
A vulnerability classified as critical has been found in yanyutao0402 ChanCMS up to 3.1.2. This... Moderate Unreviewed
CVE-2025-8133 was published Jul 25, 2025
private-ip vulnerable to Server-Side Request Forgery High
CVE-2025-8020 was published for private-ip (npm) Jul 23, 2025
The Featured Image Plus – Quick & Bulk Edit with Unsplash plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-5818 was published Jul 23, 2025
Server-Side Request Forgery (SSRF) vulnerability exists in the URL processing functionality of... Critical Unreviewed
CVE-2025-52362 was published Jul 21, 2025
An issue was discovered in Eveo URVE Web Manager 27.02.2025. The endpoint /_internal/redirect.php... High Unreviewed
CVE-2025-36845 was published Jul 21, 2025
CWE-918 Server-Side Request Forgery (SSRF) High Unreviewed
CVE-2025-46385 was published Jul 20, 2025
A Server-Side Request Forgery (SSRF) in the component TunnelServlet of agorum Software GmbH... Moderate Unreviewed
CVE-2025-52163 was published Jul 18, 2025
XXL-JOB is vulnerable to SSRF attacks Low
CVE-2025-7787 was published for com.xuxueli:xxl-job-core (Maven) Jul 18, 2025
A vulnerability, which was classified as critical, was found in thinkgem JeeSite up to 5.12.0.... Moderate Unreviewed
CVE-2025-7759 was published Jul 18, 2025
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could... Moderate Unreviewed
CVE-2025-20288 was published Jul 16, 2025
Eclipse GlassFish is vulnerable to Server Side Request Forgery attacks through specific endpoints High
CVE-2024-9408 was published for org.glassfish.main.admingui:console-common (Maven) Jul 16, 2025
Server-Side Request Forgery (SSRF) vulnerability in Kerfred FG Drupal to WordPress allows Server... Moderate Unreviewed
CVE-2025-48294 was published Jul 16, 2025
A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and... Moderate Unreviewed
CVE-2025-51591 was published Jul 11, 2025
CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthenticated... Moderate Unreviewed
CVE-2025-50125 was published Jul 11, 2025
The Broken Link Notifier plugin for WordPress is vulnerable to Server-Side Request Forgery in all... High Unreviewed
CVE-2025-6851 was published Jul 11, 2025
SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy... High Unreviewed
CVE-2024-43204 was published Jul 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database