GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 26,046
Composer 5,218
Erlang 40
GitHub Actions 40
Go 2,974
Maven 6,256
npm 4,621
NuGet 788
pip 4,317
Pub 12
RubyGems 984
Rust 1,131
Swift 49

Unreviewed advisories

All unreviewed 289,568

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

349 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... High Unreviewed

CVE-2026-1227 was published Feb 11, 2026

This High severity XXE (XML External Entity Injection) vulnerability was introduced in version 7... High Unreviewed

CVE-2026-21569 was published Jan 28, 2026

The Demo Importer Plus plugin for WordPress is vulnerable to XML External Entity Injection (XXE)... High Unreviewed

CVE-2025-14478 was published Jan 17, 2026

Geonetwork 3.10 through 4.2.0 contains an XML external entity vulnerability in PDF rendering that... High Unreviewed

CVE-2022-50899 was published Jan 14, 2026

Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Restriction of XML... High Unreviewed

CVE-2025-36589 was published Jan 6, 2026

KYOCERA Net Admin 3.4.0906 contains an XML External Entity (XXE) injection vulnerability in the... High Unreviewed

CVE-2019-25253 was published Dec 24, 2025

NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity ... High Unreviewed

CVE-2018-25142 was published Dec 24, 2025

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction... High Unreviewed

CVE-2025-61813 was published Dec 10, 2025

PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML... High Unreviewed

CVE-2025-63917 was published Nov 17, 2025

N-central versions < 2025.4 are vulnerable to an XML External Entities injection leading to... High Unreviewed

CVE-2025-11700 was published Nov 12, 2025

A Server-Side Request Forgery (SSRF) vulnerability, achievable through an XML External Entity ... High Unreviewed

CVE-2025-63551 was published Nov 6, 2025

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to an XML external... High Unreviewed

CVE-2025-12531 was published Nov 3, 2025

Improper restriction of XML external entity reference issue exists in DataSpider Servista 4.4 and... High Unreviewed

CVE-2025-48006 was published Sep 29, 2025

Sangfor Behavior Management System (also referred to as DC Management System in Chinese-language... High Unreviewed

CVE-2023-7307 was published Aug 28, 2025

Improper Restriction of XML External Entity Reference in various Lexmark printer drivers for... High Unreviewed

CVE-2025-4044 was published Aug 19, 2025

In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external... High Unreviewed

CVE-2025-8355 was published Aug 8, 2025

Adobe Experience Manager versions 6.5.23 and earlier are affected by an Improper Restriction of... High Unreviewed

CVE-2025-54254 was published Aug 5, 2025

Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics... High Unreviewed

CVE-2025-54445 was published Jul 23, 2025

Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration... High Unreviewed

CVE-2025-7766 was published Jul 23, 2025

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 is vulnerable to an XML external entity... High Unreviewed

CVE-2025-33121 was published Jun 19, 2025

IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external... High Unreviewed

CVE-2025-36049 was published Jun 18, 2025

Keyoti SearchUnit prior to 9.0.0. is vulnerable to XML External Entity (XXE). An attacker who can... High Unreviewed

CVE-2025-44044 was published Jun 10, 2025

XXE vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This... High Unreviewed

CVE-2025-27523 was published May 15, 2025

CWE-611 Improper Restriction of XML External Entity Reference in the getDocumentBuilder() method... High Unreviewed

CVE-2025-4639 was published May 14, 2025

A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All... High Unreviewed

CVE-2024-51445 was published May 13, 2025

Previous1…14 Next

Previous 1 2 3 4 5 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

349 advisories