GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,635 advisories
Mercurius: Incorrect Content-Type parsing can lead to CSRF attack
Moderate
CVE-2025-64166
was published
for
mercurius
(npm)
Mar 5, 2026
Hono Vulnerable to Cookie Attribute Injection via Unsanitized domain and path in setCookie()
Moderate
CVE-2026-29086
was published
for
hono
(npm)
Mar 4, 2026
Hono Vulnerable to SSE Control Field Injection via CR/LF in writeSSE()
Moderate
CVE-2026-29085
was published
for
hono
(npm)
Mar 4, 2026
OpenClaw: BlueBubbles (optional plugin) pairing/allowlist mismatch when allowFrom is empty
Moderate
GHSA-jwf4-8wf4-jf2m
was published
for
openclaw
(npm)
Mar 4, 2026
OpenClaw Vulnerable to Local File Exfiltration via MCP Tool Result MEDIA: Directive Injection
Moderate
GHSA-jjgj-cpp9-cvpv
was published
for
openclaw
(npm)
Mar 4, 2026
OpenClaw's image tool bypasses tools.fs.workspaceOnly on sandbox mount paths and exfiltrates out-of-workspace images
Moderate
GHSA-q6qf-4p5j-r25g
was published
for
openclaw
(npm)
Mar 4, 2026
OpenClaw has incomplete IPv4 special-use SSRF blocking in web fetch guard
Moderate
GHSA-4rqq-w8v4-7p47
was published
for
openclaw
(npm)
Mar 4, 2026
OpenClaw's elevated allowFrom accepted broader identity signals than specified within sender-scoped authorization
Moderate
GHSA-f6h3-846h-2r8w
was published
for
openclaw
(npm)
Mar 4, 2026
OpenClaw has SSRF guard bypass via IPv6 transition over ISATAP
Moderate
GHSA-8cp7-rp8r-mg77
was published
for
openclaw
(npm)
Mar 4, 2026
OpenClaw's serialize sandbox registry writes to prevent races and delete-rollback corruption
Moderate
GHSA-gq83-8q7q-9hfx
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's Node role device-identity bypass allows unauthorized node.event injection
Moderate
GHSA-rv2q-f2h5-6xmg
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw has Windows Lobster shell fallback command injection in constrained fallback path
Moderate
GHSA-fg3m-vhrr-8gj6
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's Zalo group sender allowlist bypass permits unauthorized GROUP dispatch
Moderate
GHSA-534w-2vm4-89xr
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw has Canvas route hardening for mixed-trust deployments
Moderate
GHSA-cjv3-m589-v3rx
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's typed sender-key matching for toolsBySender prevents identity-collision policy bypass
Moderate
GHSA-wpph-cjgr-7c39
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's Signal reaction-only status events could, in limited cases, be enqueued before access checks
Moderate
GHSA-792q-qw95-f446
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's Nextcloud Talk webhook replay could trigger duplicate inbound processing
Moderate
GHSA-r9q5-c7qc-p26w
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's Synology Chat dmPolicy=allowlist failed open on empty allowedUserIds, allowing unauthorized agent dispatch
Moderate
GHSA-gw85-xp4q-5gp9
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw has a BlueBubbles group allowlist mismatch via DM pairing-store fallback
Moderate
GHSA-25pw-4h6w-qwvm
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw has exec allowlist/safeBins policy-runtime mismatch via env -S wrapper interpretation
Moderate
GHSA-796m-2973-wc5q
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's browser-origin WebSocket auth hardening gap could enable loopback password brute-force chains
Moderate
GHSA-jmmg-jqc7-5qf4
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw improperly parses X-Forwarded-For behind trusted proxies allows client IP spoofing in security decisions
Moderate
GHSA-2rgf-hm63-5qph
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw has a workspace-only sandbox guard mismatch for @-prefixed absolute paths
Moderate
GHSA-27cr-4p5m-74rj
was published
for
openclaw
(npm)
Mar 3, 2026
ProTip!
Advisories are also available from the
GraphQL API