GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8 advisories
OpenClaw's Discord component interaction ingress skips guild/channel policy enforcement
Moderate
GHSA-jp4j-q5fc-58gv
was published
for
openclaw
(npm)
Mar 31, 2026
OpenClaw: LINE webhook handler lacks shared pre-auth concurrency budget before signature verification
Moderate
GHSA-qcc3-jqwp-5vh2
was published
for
openclaw
(npm)
Apr 2, 2026
OpenClaw: Discord Slash Commands Bypass Group DM Channel Allowlist
Moderate
GHSA-rvvf-6vh3-9j43
was published
for
openclaw
(npm)
Apr 3, 2026
OpenClaw: iOS A2UI bridge trusted generic local-network pages for agent.request dispatch
Moderate
GHSA-4p4f-fc8q-84m3
was published
for
openclaw
(npm)
Apr 7, 2026
OpenClaw: Discord Component Interaction Misclassifies Group DM as Direct Message
Moderate
GHSA-6336-qqw9-v6x6
was published
for
openclaw
(npm)
Apr 3, 2026
OpenClaw: Bonjour/DNS-SD TXT metadata steers CLI routing after failed service resolution
Moderate
CVE-2026-35659
was published
for
openclaw
(npm)
Mar 26, 2026
OpenClaw has ACP CLI approval prompt ANSI escape sequence injection
Moderate
CVE-2026-35651
was published
for
openclaw
(npm)
Mar 29, 2026
OpenClaw: Synology Chat reply delivery could be rebound through username-based user resolution.
Moderate
CVE-2026-35670
was published
for
openclaw
(npm)
Mar 26, 2026
ProTip!
Advisories are also available from the
GraphQL API