GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
136 advisories
All 25 entries shown below were published for the openclaw package (npm) on Mar 3, 2026 (11 High, 14 Moderate).

CVE-2026-22176 | High | OpenClaw has a Command Injection via unescaped environment assignments in Windows Scheduled Task script generation
GHSA-4cqv-h74h-93j4 | Moderate | OpenClaw has a Discord `allowFrom` slug-collision authorization bypass
GHSA-pfv7-rr5m-qmv6 | Moderate | OpenClaw has auth inconsistency on local Browser Extension Relay /extension endpoint
CVE-2026-32059 | High | OpenClaw's tools.exec.safeBins sort long-option abbreviation bypass can skip exec approval in allowlist mode
CVE-2026-22179 | High | OpenClaw has macOS `system.run` allowlist bypass via quoted command substitution
GHSA-5h2c-8v84-qpvr | Moderate | OpenClaw shell-env fallback trusted startup env and could execute attacker-influenced login-shell paths
GHSA-553v-f69r-656j | Moderate | OpenClaw unpaired device identity can bypass operator pairing and self-assign operator scopes with shared auth
CVE-2026-31994 | High | OpenClaw Windows Scheduled Task script generation allowed local command injection via unsafe cmd argument handling
CVE-2026-32007 | High | OpenClaw: Experimental apply_patch may bypass workspace-only checks in opt-in sandbox mounts (off by default)
GHSA-j26j-7qc4-3mrf | Moderate | OpenClaw: MS Teams fileConsent/invoke missing conversation binding allowed cross-conversation pending-upload consumption
CVE-2026-22217 | High | OpenClaw: shell-env trusted-prefix fallback allowed attacker-controlled binary execution via $SHELL
CVE-2026-32009 | High | OpenClaw: safeBins static default trusted dirs allow writable-dir binary hijack (`jq`)
CVE-2026-32035 | Moderate | OpenClaw: Discord voice transcript owner-flag omission could expose owner-only tools in mixed-trust channels
GHSA-474h-prjg-mmw3 | High | OpenClaw: Sandboxed sessions_spawn(runtime="acp") bypassed sandbox inheritance and allowed host ACP initialization
CVE-2026-32004 | High | OpenClaw has encoded-path auth bypass in plugin `/api/channels` route classification
CVE-2026-32028 | Moderate | OpenClaw: Discord DM reaction ingress missed dmPolicy/allowFrom checks in restricted setups
CVE-2026-28483 | High | OpenClaw: ZIP extraction race could write outside destination via parent symlink rebind
CVE-2026-22180 | Moderate | OpenClaw: Unified root-bound write hardening for browser output and related path-boundary flows
CVE-2026-22181 | Moderate | OpenClaw's web tools strict URL guard could lose DNS pinning when env proxy is configured
CVE-2026-29608 | Moderate | OpenClaw's Node system.run approval hardening wrapper semantic drift can execute unintended local scripts
GHSA-2858-xg23-26fp | Moderate | OpenClaw: Node camera URL payload host-binding bypass allowed gateway fetch pivots
CVE-2026-31990 | High | OpenClaw: stageSandboxMedia destination symlink traversal can overwrite files outside sandbox workspace
CVE-2026-28460 | Moderate | OpenClaw's system.run allowlist bypass via shell line-continuation command substitution
CVE-2026-22177 | Moderate | OpenClaw's config env vars allowed startup env injection into service runtime
GHSA-qhrr-grqp-6x2g | Moderate | OpenClaw's tools.exec.safeBins trusted PATH directories allowed binary shadowing in allowlist mode
ProTip! Advisories are also available from the GraphQL API.
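The listing above is what a responder would pull programmatically rather than read off the page. The following is an added example (not GitHub's or OpenClaw's code) that queries the GraphQL `securityVulnerabilities` field for one npm package, counts advisories by severity, and checks which ones cover an installed version. The query uses the real API field names; the live call needs a personal access token and is not exercised offline. The sample nodes are constructed: the three titles, severities and published identifiers come from this page, but the version ranges, patched versions and the `GHSA-0000-0000-0000` placeholder on the CVE entry are invented for the example.

```python
"""Query GitHub's advisory GraphQL API for one npm package and reduce the
result to severity counts plus the advisories covering an installed version.
Added example; not GitHub's or OpenClaw's code."""
import json
import urllib.request

GRAPHQL_URL = "https://api.github.com/graphql"

# `securityVulnerabilities` filters advisories by ecosystem and package; each
# node carries the advisory plus the affected version range.
QUERY = """
query($pkg: String!, $cursor: String) {
  securityVulnerabilities(ecosystem: NPM, package: $pkg, first: 100, after: $cursor) {
    pageInfo { hasNextPage endCursor }
    nodes {
      vulnerableVersionRange
      firstPatchedVersion { identifier }
      advisory { ghsaId summary severity publishedAt identifiers { type value } }
    }
  }
}
"""


def fetch_all(token, package="openclaw"):
    """Walk every result page for `package` (live call; requires a token)."""
    nodes, cursor = [], None
    while True:
        body = json.dumps({"query": QUERY,
                           "variables": {"pkg": package, "cursor": cursor}}).encode()
        req = urllib.request.Request(
            GRAPHQL_URL, data=body, method="POST",
            headers={"Authorization": f"bearer {token}",
                     "Content-Type": "application/json"})
        with urllib.request.urlopen(req) as resp:
            page = json.load(resp)["data"]["securityVulnerabilities"]
        nodes.extend(page["nodes"])
        if not page["pageInfo"]["hasNextPage"]:
            return nodes
        cursor = page["pageInfo"]["endCursor"]


def summarize(nodes):
    """Return ({severity: count}, [record]) from securityVulnerabilities nodes."""
    counts, records = {}, []
    for n in nodes:
        adv = n["advisory"]
        # CVE-less advisories (GHSA-only ids on the page) yield cve=None.
        cve = next((i["value"] for i in adv["identifiers"] if i["type"] == "CVE"), None)
        counts[adv["severity"]] = counts.get(adv["severity"], 0) + 1
        records.append({
            "ghsa": adv["ghsaId"], "cve": cve, "severity": adv["severity"],
            "range": n["vulnerableVersionRange"],
            "fixed": (n["firstPatchedVersion"] or {}).get("identifier"),
            "summary": adv["summary"],
        })
    return counts, records


_OPS = {"<": lambda a, b: a < b, "<=": lambda a, b: a <= b,
        ">": lambda a, b: a > b, ">=": lambda a, b: a >= b, "=": lambda a, b: a == b}


def _ver(s):
    return tuple(int(p) for p in s.split("."))


def in_range(version, range_expr):
    """True if `version` satisfies every comma-separated clause of a
    vulnerableVersionRange such as '>= 1.2.0, < 1.4.2'. Numeric x.y.z only;
    pre-release tags are out of scope for this example."""
    v = _ver(version)
    for clause in range_expr.split(","):
        op, _, bound = clause.strip().partition(" ")
        if not _OPS[op](v, _ver(bound)):
            return False
    return True


def affecting(records, installed_version):
    """GHSA ids of advisories whose range covers the installed version."""
    return [r["ghsa"] for r in records if in_range(installed_version, r["range"])]


# Constructed sample modelled on three entries from this page. Version ranges,
# patched versions and the GHSA id on the CVE entry are placeholders.
SAMPLE_NODES = [
    {"vulnerableVersionRange": "< 1.4.2", "firstPatchedVersion": {"identifier": "1.4.2"},
     "advisory": {"ghsaId": "GHSA-0000-0000-0000", "severity": "HIGH",
                  "publishedAt": "2026-03-03T00:00:00Z",
                  "summary": "OpenClaw has a Command Injection via unescaped environment "
                             "assignments in Windows Scheduled Task script generation",
                  "identifiers": [{"type": "GHSA", "value": "GHSA-0000-0000-0000"},
                                  {"type": "CVE", "value": "CVE-2026-22176"}]}},
    {"vulnerableVersionRange": "< 1.4.0", "firstPatchedVersion": {"identifier": "1.4.0"},
     "advisory": {"ghsaId": "GHSA-4cqv-h74h-93j4", "severity": "MODERATE",
                  "publishedAt": "2026-03-03T00:00:00Z",
                  "summary": "OpenClaw has a Discord `allowFrom` slug-collision authorization bypass",
                  "identifiers": [{"type": "GHSA", "value": "GHSA-4cqv-h74h-93j4"}]}},
    {"vulnerableVersionRange": ">= 1.2.0, < 1.4.2", "firstPatchedVersion": None,
     "advisory": {"ghsaId": "GHSA-474h-prjg-mmw3", "severity": "HIGH",
                  "publishedAt": "2026-03-03T00:00:00Z",
                  "summary": "OpenClaw: Sandboxed sessions_spawn(runtime=\"acp\") bypassed "
                             "sandbox inheritance and allowed host ACP initialization",
                  "identifiers": [{"type": "GHSA", "value": "GHSA-474h-prjg-mmw3"}]}},
]

if __name__ == "__main__":
    counts, recs = summarize(SAMPLE_NODES)
    print(counts)
    print("affecting 1.4.1:", affecting(recs, "1.4.1"))
```

Replace `SAMPLE_NODES` with `fetch_all(token)` to run against the live database; `firstPatchedVersion` is null when no fix has shipped, which is why the summary keeps `fixed=None` rather than dropping the record.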