Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,670
Maven
5,000+
npm
4,296
NuGet
760
pip
4,075
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
Citizen vulnerable to stored XSS in sticky header button messages Moderate
CVE-2025-62508 was published for starcitizentools/citizen-skin (Composer) Oct 20, 2025
SomeMWDev
Credited to SomeMWDev
Star Citizen EmbedVideo Extension Stored XSS through wikitext caused by usage of non-reserved data attributes High
CVE-2025-59839 was published for starcitizenwiki/embedvideo (Composer) Sep 24, 2025
SomeMWDev
Credited to SomeMWDev
Citizen Short Description stored XSS vulnerability through wikitext High
CVE-2025-53369 was published for starcitizentools/short-description (Composer) Jul 3, 2025
SomeMWDev
Credited to SomeMWDev
Citizen vulnerable to Stored XSS through short descriptions High
CVE-2025-53370 was published for starcitizentools/citizen-skin (Composer) Jul 3, 2025
SomeMWDev
Credited to SomeMWDev
starcitizentools/citizen-skin is vulnerable to Stored XSS attack in the legacy search bar through page descriptions High
CVE-2025-53368 was published for starcitizentools/citizen-skin (Composer) Jul 3, 2025
SomeMWDev
Credited to SomeMWDev
TabberNeue vulnerable to Stored XSS through wikitext High
CVE-2025-53093 was published for starcitizentools/tabber-neue (Composer) Jun 27, 2025
SomeMWDev
Credited to SomeMWDev
starcitizentools/citizen-skin allows stored XSS in user registration date message Moderate
CVE-2025-49578 was published for starcitizentools/citizen-skin (Composer) Jun 13, 2025
SomeMWDev
Credited to SomeMWDev
starcitizentools/citizen-skin allows stored XSS in menu heading message Moderate
CVE-2025-49579 was published for starcitizentools/citizen-skin (Composer) Jun 13, 2025
SomeMWDev
Credited to SomeMWDev
starcitizentools/citizen-skin allows stored XSS in preference menu heading messages Moderate
CVE-2025-49577 was published for starcitizentools/citizen-skin (Composer) Jun 13, 2025
SomeMWDev
Credited to SomeMWDev
starcitizentools/citizen-skin allows stored XSS in search no result messages Moderate
CVE-2025-49576 was published for starcitizentools/citizen-skin (Composer) Jun 13, 2025
SomeMWDev
Credited to SomeMWDev
Citizen skin vulnerable to stored XSS through multiple system messages Moderate
CVE-2025-49575 was published for starcitizentools/citizen-skin (Composer) Jun 11, 2025
SomeMWDev
Credited to SomeMWDev
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database