GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
23,526 advisories
Default Credentials in nginx-defender Configuration Files
Moderate
CVE-2025-55740
was published
for
github.com/Anipaleja/nginx-defender
(Go)
Aug 19, 2025
WP Crontrol Authenticated (Administrator+) plugin vulnerable to Blind Server-Side Request Forgery
Moderate
CVE-2025-8678
was published
for
johnbillion/wp-crontrol
(Composer)
Aug 19, 2025
screenshot-desktop vulnerable to command Injection via `format` option
Critical
CVE-2025-55294
was published
for
screenshot-desktop
(npm)
Aug 19, 2025
Mermaid improperly sanitizes sequence diagram labels leading to XSS
Moderate
CVE-2025-54881
was published
for
mermaid
(npm)
Aug 19, 2025
Mermaid does not properly sanitize architecture diagram iconText leading to XSS
Moderate
CVE-2025-54880
was published
for
mermaid
(npm)
Aug 19, 2025
Astro allows unauthorized third-party images in _image endpoint
Moderate
CVE-2025-55303
was published
for
@astrojs/node
(npm)
Aug 19, 2025
HydrAIDE Authentication Bypass Vulnerability
Critical
GHSA-qp7j-x725-g67f
was published
for
github.com/hydraide/hydraide
(Go)
Aug 19, 2025
Stored XSS in n8n Form Trigger allows Account Takeover via injected iframe and video/source
High
CVE-2025-52478
was published
for
n8n
(npm)
Aug 19, 2025
LibreNMS allows stored XSS in Alert Template name field
Moderate
CVE-2025-55296
was published
for
librenms/librenms
(Composer)
Aug 18, 2025
Copier's safe template has filesystem write access outside destination path
Moderate
CVE-2025-55214
was published
for
copier
(pip)
Aug 18, 2025
Capsule tenant owners with "patch namespace" permission can hijack system namespaces label
Critical
CVE-2025-55205
was published
for
github.com/projectcapsule/capsule
(Go)
Aug 18, 2025
Copier's safe template has arbitrary filesystem read/write access
High
CVE-2025-55201
was published
for
copier
(pip)
Aug 18, 2025
ProTip!
Advisories are also available from the
GraphQL API