
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4,948 advisories

OpenClaw's serialize sandbox registry writes to prevent races and delete-rollback corruption (Moderate)
GHSA-gq83-8q7q-9hfx was published for openclaw (npm) Mar 3, 2026. Credited to kexinoh.

OpenClaw's Node role device-identity bypass allows unauthorized node.event injection (Moderate)
GHSA-rv2q-f2h5-6xmg was published for openclaw (npm) Mar 3, 2026. Credited to tdjackey.

OpenClaw's commands.allowFrom sender authorization accepted conversation identifiers via ctx.From (High)
GHSA-2ch6-x3g4-7759 was published for openclaw (npm) Mar 3, 2026. Credited to jiseoung.

OpenClaw has Windows Lobster shell fallback command injection in constrained fallback path (Moderate)
GHSA-fg3m-vhrr-8gj6 was published for openclaw (npm) Mar 3, 2026. Credited to tdjackey.

OpenClaw's Zalo group sender allowlist bypass permits unauthorized GROUP dispatch (Moderate)
GHSA-534w-2vm4-89xr was published for openclaw (npm) Mar 3, 2026. Credited to tdjackey.

OpenClaw has Canvas route hardening for mixed-trust deployments (Moderate)
GHSA-cjv3-m589-v3rx was published for openclaw (npm) Mar 3, 2026. Credited to NucleiAv.

OpenClaw's exec allowlist wrapper analysis did not unwrap env/shell dispatch chains (High)
GHSA-jj82-76v6-933r was published for openclaw (npm) Mar 3, 2026. Credited to tdjackey.

OpenClaw's typed sender-key matching for toolsBySender prevents identity-collision policy bypass (Moderate)
GHSA-wpph-cjgr-7c39 was published for openclaw (npm) Mar 3, 2026. Credited to jiseoung.

OpenClaw's Signal reaction-only status events could, in limited cases, be enqueued before access checks (Moderate)
GHSA-792q-qw95-f446 was published for openclaw (npm) Mar 3, 2026. Credited to tdjackey.

OpenClaw: Zip extraction symlink traversal could write outside destination (High)
GHSA-jxrq-8fm4-9p58 was published for openclaw (npm) Mar 3, 2026. Credited to tdjackey.

OpenClaw's Nextcloud Talk webhook replay could trigger duplicate inbound processing (Moderate)
GHSA-r9q5-c7qc-p26w was published for openclaw (npm) Mar 3, 2026. Credited to aristorechina and tdjackey.

OpenClaw reuses the gateway auth token in the owner ID prompt hashing fallback (Low)
GHSA-v6x2-2qvm-6gv8 was published for openclaw (npm) Mar 3, 2026.

OpenClaw hook transform path containment missed symlink-resolved escapes (High)
GHSA-659f-22xc-98f2 was published for openclaw (npm) Mar 3, 2026. Credited to tdjackey.

OpenClaw has a BlueBubbles group allowlist mismatch via DM pairing-store fallback (Moderate)
GHSA-25pw-4h6w-qwvm was published for openclaw (npm) Mar 3, 2026. Credited to tdjackey.

OpenClaw's voice-call Twilio replay dedupe now bound to authenticated webhook identity (Low)
GHSA-gcj7-r3hg-m7w6 was published for openclaw (npm) Mar 3, 2026. Credited to tdjackey.

OpenClaw has multiple E2E/test Dockerfiles that run all processes as root (High)
GHSA-w7j5-j98m-w679 was published for openclaw (npm) Mar 3, 2026. Credited to TerminalsandCoffee.

OpenClaw has exec allowlist/safeBins policy-runtime mismatch via env -S wrapper interpretation (Moderate)
GHSA-796m-2973-wc5q was published for openclaw (npm) Mar 3, 2026. Credited to jiseoung.

OpenClaw: Microsoft Teams media fetch paths bypass shared SSRF guard model (Low)
GHSA-7qf6-h84j-8fq4 was published for openclaw (npm) Mar 3, 2026. Credited to tdjackey.

OpenClaw's browser-origin WebSocket auth hardening gap could enable loopback password brute-force chains (Moderate)
GHSA-jmmg-jqc7-5qf4 was published for openclaw (npm) Mar 3, 2026. Credited to luz-oasis, AnthonyDiSanti and vincentkoc.

OpenClaw's non-default autoAllowSkills setting could bypass on-miss exec prompt (High)
GHSA-7ff8-xjh3-mgh6 was published for openclaw (npm) Mar 3, 2026. Credited to tdjackey.

Advisories are also available from the GraphQL API.
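As an added example of pulling the same listing programmatically through the GraphQL API mentioned above (this is not code from the GitHub Advisory Database page or from the OpenClaw project): the script below builds a securityVulnerabilities query filtered to the openclaw package in the npm ecosystem, and flattens the reply into records sorted out by severity. Assumptions: a personal access token in a GITHUB_TOKEN environment variable, and the field names of GitHub's public GraphQL schema as used in the query string. The sample reply embedded at the bottom is constructed for offline use from two advisory titles on this page; it is not live API output, and version ranges are left null because the page does not list them.

```python
"""Query the GitHub GraphQL API for one package's advisories and filter by severity.

Added example, not code from the GitHub Advisory Database page or from the
OpenClaw project. Assumptions: a token in the GITHUB_TOKEN environment variable
and the securityVulnerabilities connection of GitHub's GraphQL schema (it accepts
an ecosystem/package filter and exposes the advisory as a sub-object). The
sample reply at the bottom is constructed for offline use, not live data.
"""
import json
import os
import urllib.request

GRAPHQL_URL = "https://api.github.com/graphql"

# securityVulnerabilities, rather than securityAdvisories, is the connection that
# takes an ecosystem/package filter and carries the affected/patched version data.
QUERY = """
query($ecosystem: SecurityAdvisoryEcosystem!, $package: String!, $first: Int!) {
  securityVulnerabilities(ecosystem: $ecosystem, package: $package, first: $first,
                          orderBy: {field: UPDATED_AT, direction: DESC}) {
    nodes {
      severity
      vulnerableVersionRange
      firstPatchedVersion { identifier }
      advisory { ghsaId summary publishedAt permalink }
    }
  }
}
"""

SEVERITY_RANK = {"LOW": 0, "MODERATE": 1, "HIGH": 2, "CRITICAL": 3}


def build_request(ecosystem="NPM", package="openclaw", first=50, token=None):
    """Build the POST request; the token defaults to $GITHUB_TOKEN (assumed env var)."""
    token = token or os.environ.get("GITHUB_TOKEN", "")
    body = json.dumps({"query": QUERY,
                       "variables": {"ecosystem": ecosystem, "package": package, "first": first}})
    return urllib.request.Request(
        GRAPHQL_URL, data=body.encode("utf-8"), method="POST",
        headers={"Authorization": "bearer " + token, "Content-Type": "application/json"})


def parse_vulnerabilities(payload, min_severity="LOW"):
    """Flatten a GraphQL reply into plain dicts, keeping entries at or above min_severity.

    GraphQL answers HTTP 200 even for auth or schema errors, so the "errors" key
    has to be checked explicitly instead of trusting the status code.
    """
    if payload.get("errors"):
        raise RuntimeError("GraphQL errors: %s" % payload["errors"])
    threshold = SEVERITY_RANK[min_severity]
    results = []
    for node in payload["data"]["securityVulnerabilities"]["nodes"]:
        if SEVERITY_RANK.get(node["severity"], -1) < threshold:
            continue
        patched = node.get("firstPatchedVersion") or {}   # null when no fixed release exists
        results.append({
            "ghsa_id": node["advisory"]["ghsaId"],
            "severity": node["severity"],
            "summary": node["advisory"]["summary"],
            "published_at": node["advisory"]["publishedAt"],
            "vulnerable_range": node.get("vulnerableVersionRange"),
            "first_patched": patched.get("identifier"),
        })
    return results


def fetch_vulnerabilities(ecosystem="NPM", package="openclaw", min_severity="LOW"):
    """Live call: needs network access and a valid token."""
    with urllib.request.urlopen(build_request(ecosystem, package)) as resp:
        return parse_vulnerabilities(json.load(resp), min_severity)


# Constructed sample reply (not live data). IDs, titles and severities are two
# entries from this page; the time of day in publishedAt is a placeholder, and
# version fields are null because the page does not list them, which also
# exercises the missing-firstPatchedVersion path above.
SAMPLE_RESPONSE = {
    "data": {"securityVulnerabilities": {"nodes": [
        {"severity": "HIGH", "vulnerableVersionRange": None, "firstPatchedVersion": None,
         "advisory": {"ghsaId": "GHSA-jxrq-8fm4-9p58",
                      "summary": "OpenClaw: Zip extraction symlink traversal could write outside destination",
                      "publishedAt": "2026-03-03T00:00:00Z",
                      "permalink": "https://github.com/advisories/GHSA-jxrq-8fm4-9p58"}},
        {"severity": "LOW", "vulnerableVersionRange": None, "firstPatchedVersion": None,
         "advisory": {"ghsaId": "GHSA-v6x2-2qvm-6gv8",
                      "summary": "OpenClaw reuses the gateway auth token in the owner ID prompt hashing fallback",
                      "publishedAt": "2026-03-03T00:00:00Z",
                      "permalink": "https://github.com/advisories/GHSA-v6x2-2qvm-6gv8"}},
    ]}}
}

if __name__ == "__main__":
    # Offline run over the constructed reply; swap in fetch_vulnerabilities() for a live query.
    for v in parse_vulnerabilities(SAMPLE_RESPONSE, min_severity="HIGH"):
        print(v["ghsa_id"], v["severity"], v["summary"])
```

The severity threshold is applied client-side on the enum the API returns (LOW, MODERATE, HIGH, CRITICAL), so the same parser serves a triage script that only pages on HIGH and above and a full inventory run. Treat a null first_patched as "no fixed version yet" rather than as an error.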