GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
22,787 advisories
Gokapi vulnerable to stored XSS via uploading file with malicious file name
Moderate
CVE-2025-48494
was published
for
github.com/forceu/gokapi
(Go)
Jun 3, 2025
Gokapi has stored XSS vulnerability in friendly name for API keys
Moderate
CVE-2025-48495
was published
for
github.com/forceu/gokapi
(Go)
Jun 3, 2025
Roundcube Webmail Vulnerable to Authenticated RCE via PHP Object Deserialization
Critical
CVE-2025-49113
was published
for
roundcube/roundcubemail
(Composer)
Jun 2, 2025
Prevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise Server
Moderate
CVE-2025-48938
was published
for
github.com/cli/go-gh/v2
(Go)
May 30, 2025
Gradio Allows Unauthorized File Copy via Path Manipulation
Moderate
CVE-2025-48889
was published
for
gradio
(pip)
May 29, 2025
ProTip!
Advisories are also available from the
GraphQL API