
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,916 advisories

OpenClaw's commands.allowFrom sender authorization accepted conversation identifiers via ctx.From High
GHSA-2ch6-x3g4-7759 was published for openclaw (npm) Mar 3, 2026
Credited to jiseoung
OpenClaw's exec allowlist wrapper analysis did not unwrap env/shell dispatch chains High
GHSA-jj82-76v6-933r was published for openclaw (npm) Mar 3, 2026
Credited to tdjackey
OpenClaw: Zip extraction symlink traversal could write outside destination High
GHSA-jxrq-8fm4-9p58 was published for openclaw (npm) Mar 3, 2026
Credited to tdjackey
OpenClaw hook transform path containment missed symlink-resolved escapes High
GHSA-659f-22xc-98f2 was published for openclaw (npm) Mar 3, 2026
Credited to tdjackey
OpenClaw has multiple E2E/test Dockerfiles that run all processes as root High
GHSA-w7j5-j98m-w679 was published for openclaw (npm) Mar 3, 2026
Credited to TerminalsandCoffee
OpenClaw's non-default autoAllowSkills setting could bypass on-miss exec prompt High
GHSA-7ff8-xjh3-mgh6 was published for openclaw (npm) Mar 3, 2026
Credited to tdjackey
OpenClaw's shell startup env injection bypasses system.run allowlist intent (RCE class) High
GHSA-xgf2-vxv2-rrmg was published for openclaw (npm) Mar 3, 2026
Credited to tdjackey
OpenClaw affected by BASH_ENV / ENV startup-file injection into spawned shell commands High
GHSA-w9cg-v44m-4qv8 was published for openclaw (npm) Mar 3, 2026
Credited to tdjackey
OpenClaw: Sandbox media fallback tmp symlink alias bypass allows host file reads outside sandboxRoot High
GHSA-xmv6-r34m-62p4 was published for openclaw (npm) Mar 3, 2026
Credited to tdjackey
OpenClaw's `tools.exec.safeBins` PATH-hijack allowed trojan binaries to bypass allowlist checks High
GHSA-g75x-8qqm-2vxp was published for openclaw (npm) Mar 3, 2026
Credited to jackhax
OpenClaw: shell-env trusted-prefix fallback allowed attacker-controlled binary execution via $SHELL High
GHSA-p4wh-cr8m-gm6c was published for openclaw (npm) Mar 3, 2026
Credited to tdjackey
OpenClaw: safeBins static default trusted dirs allow writable-dir binary hijack (`jq`) High
GHSA-5gj7-jf77-q2q2 was published for openclaw (npm) Mar 3, 2026
Credited to tdjackey
OpenClaw: ZIP extraction race could write outside destination via parent symlink rebind High
GHSA-r54r-wmmq-mh84 was published for openclaw (npm) Mar 3, 2026
Credited to tdjackey
OpenClaw's web tools strict URL guard could lose DNS pinning when env proxy is configured High
GHSA-8mvx-p2r9-r375 was published for openclaw (npm) Mar 3, 2026
Credited to tdjackey
OpenClaw: stageSandboxMedia destination symlink traversal can overwrite files outside sandbox workspace High
GHSA-cfvj-7rx7-fc7c was published for openclaw (npm) Mar 3, 2026
Credited to tdjackey
Ghost Vulnerable to Remote Code Execution via Malicious Themes High
CVE-2026-29053 was published for ghost (npm) Mar 3, 2026
Credited to cristianstaicu
OpenClaw vulnerable to sensitive file disclosure via stageSandboxMedia High
GHSA-x9cf-3w63-rpq9 was published for openclaw (npm) Mar 3, 2026
Credited to zpbrent
OpenClaw's config env vars allowed startup env injection into service runtime High
GHSA-8fmp-37rc-p5g7 was published for openclaw (npm) Mar 3, 2026
Credited to tdjackey