Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,827
Maven
5,000+
npm
4,455
NuGet
775
pip
4,219
Pub
12
RubyGems
970
Rust
1,090
Swift
47
Unreviewed advisories
All unreviewed
5,000+

1,271 advisories

Loading
An open redirect vulnerability has been identified in Grafana OSS organization switching... Moderate Unreviewed
CVE-2026-22642 was published Jan 15, 2026
A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path... High Unreviewed
CVE-2026-22638 was published Jan 15, 2026
Improper validation of a login parameter may allow attackers to redirect users to malicious... Moderate Unreviewed
CVE-2026-22912 was published Jan 15, 2026
An open redirect vulnerability has been identified in Grafana OSS that can be exploited to... High Unreviewed
CVE-2026-0712 was published Jan 15, 2026
chi has an open redirect vulnerability in the RedirectSlashes middleware Moderate
GHSA-mqqf-5wvp-8fh8 was published for github.com/go-chi/chi (Go) Jan 14, 2026
thanosgn
Credited to thanosgn
Due to an Open Redirect Vulnerability in SAP Supplier Relationship Management (SICF Handler in... Moderate Unreviewed
CVE-2026-0513 was published Jan 13, 2026
React Router has unexpected external redirect via untrusted paths Moderate
CVE-2025-68470 was published for react-router (npm) Jan 8, 2026
APshenkin
Credited to APshenkin
V-SOL GPON/EPON OLT Platform v2.03 contains an open redirect vulnerability in the script that... Moderate Unreviewed
CVE-2019-25282 was published Jan 8, 2026
Directus has open redirect in SAML Moderate
CVE-2026-22032 was published for @directus/api (npm) Jan 6, 2026
im-soohyun Seeunsama
Credited to im-soohyun and Seeunsama
Plexus anblick Digital Signage Management 3.1.13 contains an open redirect vulnerability in the ... Moderate Unreviewed
CVE-2020-36912 was published Jan 6, 2026
Ksenia Security Lares 4.0 version 1.6 contains a URL redirection vulnerability in the 'cmdOk.xml'... Moderate Unreviewed
CVE-2025-15112 was published Dec 31, 2025
A weakness has been identified in Edimax BR-6208AC 1.02/1.03. Affected by this issue is the... Moderate Unreviewed
CVE-2025-15258 was published Dec 30, 2025
A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The... Moderate Unreviewed
CVE-2025-15241 was published Dec 30, 2025
CWE-601 URL Redirection to Untrusted Site ('Open Redirect') Moderate Unreviewed
CVE-2025-55060 was published Dec 29, 2025
An open redirect vulnerability in the login endpoint of Blitz Panel v1.17.0 allows attackers to... Moderate Unreviewed
CVE-2025-60935 was published Dec 24, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Scott Paterson Accept... Moderate Unreviewed
CVE-2025-68602 was published Dec 24, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Jeff Starr User Submitted... Moderate Unreviewed
CVE-2025-68509 was published Dec 24, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Restajet Information... Moderate Unreviewed
CVE-2025-1885 was published Dec 19, 2025
Improper management of Path-relative stylesheet import in HCL BigFix Remote Control Lite Web... Low Unreviewed
CVE-2025-55254 was published Dec 17, 2025
This issue was addressed with improved URL validation. This issue is fixed in macOS Tahoe 26.2,... Critical Unreviewed
CVE-2025-43526 was published Dec 17, 2025
AVideo versions prior to 20.0 are vulnerable to an open redirect flaw due to missing validation... Moderate Unreviewed
CVE-2025-34439 was published Dec 17, 2025
AVideo versions prior to 20.0 contain an open redirect vulnerability caused by insufficient... Moderate Unreviewed
CVE-2025-34440 was published Dec 17, 2025
Mattermost has missing redirect URL validation Low
CVE-2025-62690 was published for github.com/mattermost/mattermost (Go) Dec 17, 2025
ABP Account Module has an Open Redirect through Improper validation in its register function Moderate
CVE-2025-65581 was published for Volo.Abp.Account.Web (NuGet) Dec 16, 2025
WBCE CMS 1.6.1 contains a cross-site scripting vulnerability that allows attackers to inject... High Unreviewed
CVE-2023-53901 was published Dec 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database