GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
32 advisories
OpenClaw's Conflicting Tool Identity Hints Bypass Dangerous-Tool Prompting
High
GHSA-74wf-h43j-vvmj
was published
for
openclaw
(npm)
Mar 26, 2026
OpenClaw Gateway: RCE and Privilege Escalation from operator.pairing to operator.admin via device.pair.approve
Critical
GHSA-hf68-49fm-59cq
was published
for
openclaw
(npm)
Mar 26, 2026
OpenClaw: Nextcloud Talk room allowlist matched colliding room names instead of stable room tokens
Moderate
GHSA-xhq5-45pm-2gjr
was published
for
openclaw
(npm)
Mar 26, 2026
OpenClaw: Tlon settings empty-allowlist reconciliation bypassed intended revocation
Low
GHSA-pw7h-9g6p-c378
was published
for
openclaw
(npm)
Mar 26, 2026
OpenClaw: Tlon cite expansion happens before channel and DM authorization is complete
Moderate
GHSA-vfg3-pqpq-93m4
was published
for
openclaw
(npm)
Mar 26, 2026
OpenClaw: Mattermost callback dispatch allowed non-allowlisted sender actions
Moderate
GHSA-8883-9w57-vwv6
was published
for
openclaw
(npm)
Mar 26, 2026
OpenClaw Exposes Credentials Embedded in baseUrl Fields via config.get and channels.status
Moderate
GHSA-ppwq-6v66-5m6j
was published
for
openclaw
(npm)
Mar 26, 2026
OpenClaw may have stale policy enforcement for queued node actions
Moderate
GHSA-wj55-88gf-x564
was published
for
openclaw
(npm)
Mar 26, 2026
OpenClaw has Inconsistent Host Exec Environment Override Sanitization
High
GHSA-39pp-xp36-q6mg
was published
for
openclaw
(npm)
Mar 26, 2026
OpenClaw: Zalo webhook rate limiting could be bypassed before secret validation
Moderate
GHSA-5m9r-p9g7-679c
was published
for
openclaw
(npm)
Mar 13, 2026
OpenClaw: Exec approval allowlist patterns overmatched on POSIX paths
Moderate
GHSA-f8r2-vg7x-gh8m
was published
for
openclaw
(npm)
Mar 13, 2026
OpenClaw: Feishu reaction events could bypass group authorization and mention gating
Moderate
GHSA-m69h-jm2f-2pv8
was published
for
openclaw
(npm)
Mar 13, 2026
OpenClaw's Zalouser allowlist authorization matched mutable group names by default
Moderate
GHSA-f5mf-3r52-r83w
was published
for
openclaw
(npm)
Mar 13, 2026
OpenClaw: Discord guild reaction ingress could bypass users and roles allowlists
Moderate
GHSA-9vvh-2768-c8vp
was published
for
openclaw
(npm)
Mar 13, 2026
ZeptoClaw: Email Sender Spoofing to bypass Header-Only From Allowlist Validation
Moderate
GHSA-4cm8-xpfv-jv6f
was published
for
zeptoclaw
(Rust)
Mar 12, 2026
ZeptoClaw: Path boundary checks bypass via symlink, TOCTOU, and hardlink
High
CVE-2026-32232
was published
for
zeptoclaw
(Rust)
Mar 12, 2026
ZeptoClaw: Generic webhook channel trusts caller-supplied identity fields; allowlist is checked against untrusted payload data
High
CVE-2026-32231
was published
for
zeptoclaw
(Rust)
Mar 12, 2026
OpenClaw's MS Teams sender allowlist bypass when route allowlist is configured and sender allowlist is empty
Moderate
GHSA-g7cr-9h7q-4qxq
was published
for
openclaw
(npm)
Mar 12, 2026
OpenClaw's `system.run` env override filtering allowed dangerous helper-command pivots
Moderate
GHSA-j425-whc4-4jgc
was published
for
openclaw
(npm)
Mar 9, 2026
zeptoclaw has Shell allowlist-blocklist bypass via command/argument injection and file name wildcards
Critical
GHSA-5wp8-q9mx-8jx8
was published
for
zeptoclaw
(Rust)
Mar 5, 2026
zeptoclaw has Android device shell blocklist bypass via argument permutation
High
GHSA-hhjv-jq77-cmvx
was published
for
zeptoclaw
(Rust)
Mar 5, 2026
OpenClaw has SSRF guard bypass via IPv6 transition over ISATAP
Moderate
GHSA-8cp7-rp8r-mg77
was published
for
openclaw
(npm)
Mar 4, 2026
OpenClaw has a IPv6 multicast SSRF classifier bypass
Moderate
GHSA-h97f-6pqj-q452
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw: BlueBubbles beta plugin webhook auth hardening (remove passwordless fallback)
Moderate
GHSA-5mx2-2mgw-x8rm
was published
for
openclaw/openclaw
(npm)
Mar 3, 2026
OpenClaw vulnerable to sensitive file disclosure via stageSandboxMedia
High
CVE-2026-32030
was published
for
openclaw
(npm)
Mar 3, 2026
ProTip!
Advisories are also available from the
GraphQL API