Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,193
Erlang
25
GitHub Actions
39
Go
2,386
Maven
3,027
npm
3,081
NuGet
529
pip
2,899
Pub
5
RubyGems
444
Rust
905
Swift
20
Unreviewed advisories
All unreviewed
5,000+

30 advisories

Loading
OpenClaw: Feishu thread history and quoted messages bypass sender allowlist Moderate
GHSA-877v-w3f5-3pcq was published for openclaw (npm) Apr 2, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: Matrix thread root and reply context bypass sender allowlist Low
GHSA-rg8m-3943-vm6q was published for openclaw (npm) Apr 2, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: MSTeams thread history bypasses sender allowlist via Graph API Low
GHSA-chfm-xgc4-47rj was published for openclaw (npm) Apr 2, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: SSH-based sandbox backends pass unsanitized process.env to child processes Moderate
GHSA-j9pv-rrcj-6pfx was published for openclaw (npm) Apr 2, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: SSH sandbox tar upload follows symlinks, enabling arbitrary file write on remote host Moderate
GHSA-fv94-qvg8-xqpw was published for openclaw (npm) Apr 2, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: OpenShell Mirror Sync — Sandbox Escape via Unrestricted File Sync + Symlink Traversal High
GHSA-cwf8-44x6-32c2 was published for openclaw (npm) Apr 3, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: Media download follows cross-origin redirects with Authorization headers intact Moderate
GHSA-68v4-hmwv-f43h was published for openclaw (npm) Apr 3, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: MS Teams webhook parses body before JWT validation, enabling unauthenticated resource exhaustion Moderate
GHSA-p464-m8x6-vhv8 was published for openclaw (npm) Apr 3, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: HTTP operator endpoints lack browser-origin validation in trusted-proxy mode Moderate
GHSA-mhr7-2xmv-4c4q was published for openclaw (npm) Apr 3, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw runs Discord audio preflight transcription before member authorization Moderate
GHSA-hhff-fj5f-qg48 was published for openclaw (npm) Apr 3, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: Telnyx Webhook Replay Detection Bypass via Base64 Signature Re-encoding Low
GHSA-37v6-fxx8-xjmx was published for openclaw (npm) Apr 3, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: Device-Paired Node Skips Node Scope Gate → Host RCE.md High
GHSA-xj9w-5r6q-x6v4 was published for openclaw (npm) Apr 3, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: Image pixel-limit guard can fail open on sips and allow decompression-bomb DoS Moderate
GHSA-w85g-3h6x-4xh2 was published for openclaw (npm) Apr 3, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: Paired node escalates to gateway RCE via unrestricted node.event agent dispatch High
GHSA-gjm7-hw8f-73rq was published for openclaw (npm) Apr 3, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: Sandbox file operations use check-then-act, bypassing fd-based TOCTOU defenses Moderate
GHSA-rm5c-4rmf-vvhw was published for openclaw (npm) Apr 3, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: Google Chat and Zalouser group sender allowlist bypass via policy downgrade Moderate
CVE-2026-33578 was published for openclaw (npm) Apr 1, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw's device removal and token revocation do not terminate active WebSocket sessions High
CVE-2026-34503 was published for openclaw (npm) Mar 31, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw's message tool media parameter bypasses tool policy filesystem isolation High
CVE-2026-33581 was published for openclaw (npm) Mar 31, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: Zalo channel downloads media before sender authorization Moderate
CVE-2026-33576 was published for openclaw (npm) Mar 31, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: node.pair.approve missing callerScopes validation allows low-privilege operator to approve malicious nodes Moderate
CVE-2026-33577 was published for openclaw (npm) Apr 1, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw affected by SSRF via unguarded image download in fal provider Low
CVE-2026-34504 was published for openclaw (npm) Apr 1, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw's Nextcloud Talk webhook missing rate limiting on shared secret authentication Moderate
CVE-2026-33580 was published for openclaw (npm) Mar 31, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: /pair approve command path omitted caller scope subsetting and reopened device pairing escalation Critical
CVE-2026-33579 was published for openclaw (npm) Mar 31, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: `/phone arm`/`/phone disarm` Bypasses `operator.admin` Scope Check for External Channels Moderate
GHSA-h2v7-xc88-xx8c was published for openclaw (npm) Apr 7, 2026
AntAISecurityLab Credited to AntAISecurityLab
OpenClaw: Tlon media downloads can bypass core safety limits and exhaust disk Moderate
GHSA-4g5x-2jfc-xm98 was published for openclaw (npm) Apr 7, 2026
AntAISecurityLab Credited to AntAISecurityLab
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database