Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,227
Maven
5,000+
npm
5,000+
NuGet
864
pip
4,502
Pub
12
RubyGems
995
Rust
1,187
Swift
51
Unreviewed advisories
All unreviewed
5,000+

186 advisories

Loading
In MDDP, there is a possible system crash due to a race condition. This could lead to local... Moderate Unreviewed
CVE-2026-20445 was published Mar 2, 2026
Time-of-check time-of-use race condition in the UEFI PdaSmm module for some Intel(R) reference... Moderate Unreviewed
CVE-2025-22850 was published Mar 11, 2026
OpenClaw's system.run approvals did not bind mutable script operands across approval and execution Moderate
GHSA-8g75-q649-6pv6 was published for openclaw (npm) Mar 12, 2026
tdjackey Credited to tdjackey
OpenClaw's skills-install-download can be redirected outside the tools root by rebinding the validated base path Moderate
GHSA-vhwf-4x96-vqx2 was published for openclaw (npm) Mar 12, 2026
tdjackey Credited to tdjackey
OpenClaw: Sandbox `writeFile` commit could race outside the validated path Moderate
GHSA-xvx8-77m6-gwg6 was published for openclaw (npm) Mar 13, 2026
qi-scape Credited to qi-scape
In OpenBSD 7.4 before errata 009, a race condition between pf(4)'s processing of packets and... Moderate Unreviewed
CVE-2023-52556 was published Mar 1, 2024
OpenClaw: Unified root-bound write hardening for browser output and related path-boundary flows Moderate
CVE-2026-22180 was published for openclaw (npm) Mar 3, 2026
tdjackey Credited to tdjackey
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while... Moderate Unreviewed
CVE-2025-71225 was published Feb 18, 2026
In the Linux kernel, the following vulnerability has been resolved: bonding: annotate data-races... Moderate Unreviewed
CVE-2026-23212 was published Feb 18, 2026
OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv[0]... Moderate Unreviewed
CVE-2026-31997 was published Mar 19, 2026
OpenClaw versions prior to 2026.3.2 contain a race condition vulnerability in ZIP extraction that... Moderate Unreviewed
CVE-2026-27670 was published Mar 19, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database