Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,670
Maven
5,000+
npm
4,296
NuGet
760
pip
4,075
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

63 advisories

Loading
Grafana Incorrect Privilege Assignment vulnerability Critical
CVE-2025-41115 was published for github.com/grafana/grafana (Go) Nov 21, 2025
cdupuis
Credited to cdupuis
Incorrect Privilege Assignment vulnerability in KingAddons.com King Addons for Elementor king... Critical Unreviewed
CVE-2025-6325 was published Nov 6, 2025
Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for... Critical Unreviewed
CVE-2025-60243 was published Nov 6, 2025
Incorrect Privilege Assignment vulnerability in Vito Peleg Atarim atarim-visual-collaboration... Critical Unreviewed
CVE-2025-60195 was published Nov 6, 2025
The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows a remote... Critical Unreviewed
CVE-2025-62645 was published Oct 17, 2025
A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an... Critical Unreviewed
CVE-2025-10725 was published Sep 30, 2025
Wondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass... Critical Unreviewed
CVE-2025-10644 was published Sep 17, 2025
Incorrect Privilege Assignment vulnerability in kamleshyadav Miraculous Core Plugin allows... Critical Unreviewed
CVE-2025-49388 was published Aug 28, 2025
Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP allows Privilege... Critical Unreviewed
CVE-2025-54049 was published Aug 20, 2025
Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro allows... Critical Unreviewed
CVE-2025-53580 was published Aug 20, 2025
In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in... Critical Unreviewed
CVE-2025-44655 was published Jul 21, 2025
Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce... Critical Unreviewed
CVE-2025-52836 was published Jul 16, 2025
Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege... Critical Unreviewed
CVE-2025-49867 was published Jul 4, 2025
Incorrect Privilege Assignment vulnerability in aonetheme Service Finder Booking allows Privilege... Critical Unreviewed
CVE-2025-23970 was published Jul 4, 2025
Improper mstatus.SUM bit retention (non-zero) in Open-Source RISC-V Processor commit f517abb... Critical Unreviewed
CVE-2025-45006 was published Jul 1, 2025
Incorrect Privilege Assignment vulnerability in Holest Engineering Spreadsheet Price Changer for... Critical Unreviewed
CVE-2025-48129 was published Jun 9, 2025
Incorrect Privilege Assignment vulnerability in Themewinter Eventin allows Privilege Escalation.... Critical Unreviewed
CVE-2025-47539 was published May 23, 2025
Incorrect Privilege Assignment vulnerability in pebas CouponXL allows Privilege Escalation. This... Critical Unreviewed
CVE-2025-39489 was published May 23, 2025
Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro allows... Critical Unreviewed
CVE-2025-31918 was published May 23, 2025
Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allows Privilege... Critical Unreviewed
CVE-2025-27007 was published May 1, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 has a Weak Sudo Configuration. Critical Unreviewed
CVE-2025-32980 was published Apr 25, 2025
The Service Finder Bookings plugin for WordPress, used by the Service Finder - Directory and Job... Critical Unreviewed
CVE-2025-2470 was published Apr 25, 2025
Incorrect Privilege Assignment vulnerability in Projectopia Projectopia allows Privilege... Critical Unreviewed
CVE-2025-32648 was published Apr 17, 2025
Incorrect Privilege Assignment vulnerability in Rankology Rankology SEO – On-site SEO... Critical Unreviewed
CVE-2025-32491 was published Apr 11, 2025
Incorrect Privilege Assignment vulnerability in Mestres do WP Checkout Mestres WP allows... Critical Unreviewed
CVE-2025-32695 was published Apr 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database