GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories, by ecosystem:
All reviewed: 5,000+
Composer: 5,000+
Erlang: 55
GitHub Actions: 50
Go: 3,732
Maven: 5,000+
npm: 5,000+
NuGet: 935
pip: 4,952
Pub: 13
RubyGems: 1,055
Rust: 1,343
Swift: 54

Unreviewed advisories:
All unreviewed: 5,000+
60 advisories
| Advisory | Severity | Identifier | Package (ecosystem) | Published |
|---|---|---|---|---|
| OpenClaw: Silent privilege escalation via gateway shared-auth reconnect | Critical | GHSA-fqw4-mph7-2vr8 | openclaw (npm) | Mar 27, 2026 |
| OpenClaw: Gateway Backend Reconnect lets Non-Admin Operator Scopes Self-Claim operator.admin | Critical | CVE-2026-35663 | openclaw (npm) | Mar 27, 2026 |
| OpenClaw: Gateway HTTP /sessions/:sessionKey/kill Reaches Admin Kill Path Without Caller Scope Binding | High | GHSA-9p93-7j67-5pc2 | openclaw (npm) | Mar 27, 2026 |
| OpenClaw's Conflicting Tool Identity Hints Bypass Dangerous-Tool Prompting | Moderate | CVE-2026-35655 | openclaw (npm) | Mar 26, 2026 |
| OpenClaw Gateway: RCE and Privilege Escalation from operator.pairing to operator.admin via device.pair.approve | Critical | CVE-2026-35639 | openclaw (npm) | Mar 26, 2026 |
| OpenClaw: Nextcloud Talk room allowlist matched colliding room names instead of stable room tokens | Low | CVE-2026-35624 | openclaw (npm) | Mar 26, 2026 |
| OpenClaw: Tlon settings empty-allowlist reconciliation bypassed intended revocation | Low | CVE-2026-35649 | openclaw (npm) | Mar 26, 2026 |
| OpenClaw: Tlon cite expansion happens before channel and DM authorization is complete | Moderate | CVE-2026-35637 | openclaw (npm) | Mar 26, 2026 |
| OpenClaw: Mattermost callback dispatch allowed non-allowlisted sender actions | Moderate | CVE-2026-35652 | openclaw (npm) | Mar 26, 2026 |
| OpenClaw Exposes Credentials Embedded in baseUrl Fields via config.get and channels.status | Moderate | GHSA-ppwq-6v66-5m6j | openclaw (npm) | Mar 26, 2026 |
| OpenClaw may have stale policy enforcement for queued node actions | Low | CVE-2026-35648 | openclaw (npm) | Mar 26, 2026 |
| OpenClaw has Inconsistent Host Exec Environment Override Sanitization | High | CVE-2026-35650 | openclaw (npm) | Mar 26, 2026 |
| OpenClaw: Zalo webhook rate limiting could be bypassed before secret validation | Moderate | CVE-2026-34505 | openclaw (npm) | Mar 13, 2026 |
| OpenClaw: Exec approval allowlist patterns overmatched on POSIX paths | Moderate | GHSA-f8r2-vg7x-gh8m | openclaw (npm) | Mar 13, 2026 |
| OpenClaw: Feishu reaction events could bypass group authorization and mention gating | Moderate | GHSA-m69h-jm2f-2pv8 | openclaw (npm) | Mar 13, 2026 |
| OpenClaw's Zalouser allowlist authorization matched mutable group names by default | Moderate | GHSA-f5mf-3r52-r83w | openclaw (npm) | Mar 13, 2026 |
| OpenClaw: Discord guild reaction ingress could bypass users and roles allowlists | Moderate | GHSA-9vvh-2768-c8vp | openclaw (npm) | Mar 13, 2026 |
| ZeptoClaw: Email Sender Spoofing to bypass Header-Only From Allowlist Validation | Moderate | GHSA-4cm8-xpfv-jv6f | zeptoclaw (Rust) | Mar 12, 2026 |
| ZeptoClaw: Path boundary checks bypass via symlink, TOCTOU, and hardlink | High | CVE-2026-32232 | zeptoclaw (Rust) | Mar 12, 2026 |
| ZeptoClaw: Generic webhook channel trusts caller-supplied identity fields; allowlist is checked against untrusted payload data | High | CVE-2026-32231 | zeptoclaw (Rust) | Mar 12, 2026 |
| OpenClaw's MS Teams sender allowlist bypass when route allowlist is configured and sender allowlist is empty | Moderate | CVE-2026-34506 | openclaw (npm) | Mar 12, 2026 |
| OpenClaw's `system.run` env override filtering allowed dangerous helper-command pivots | Moderate | GHSA-j425-whc4-4jgc | openclaw (npm) | Mar 9, 2026 |
| zeptoclaw has Shell allowlist-blocklist bypass via command/argument injection and file name wildcards | Critical | GHSA-5wp8-q9mx-8jx8 | zeptoclaw (Rust) | Mar 5, 2026 |
| zeptoclaw has Android device shell blocklist bypass via argument permutation | High | GHSA-hhjv-jq77-cmvx | zeptoclaw (Rust) | Mar 5, 2026 |
| OpenClaw has SSRF guard bypass via IPv6 transition over ISATAP | Moderate | GHSA-8cp7-rp8r-mg77 | openclaw (npm) | Mar 4, 2026 |