GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
9 advisories
npm PraisonAI MCPSecurity Basic/OAuth authentication policies accept invalid credentials without validation
High
GHSA-4qq2-2j2x-x62c
was published
for
praisonai
(npm)
Jun 18, 2026
FUXA Vulnerable to Pre-auth RCE via Path Manipulation & Configuration Injection
High
CVE-2026-43945
was published
for
@frangoteam/fuxa
(npm)
May 26, 2026
OpenClaw: Node Pairing Reconnect Command Escalation Bypasses operator.admin Scope Requirement
High
CVE-2026-42432
was published
for
openclaw
(npm)
Apr 9, 2026
OpenClaw has encoded-path auth bypass in plugin `/api/channels` route classification
High
CVE-2026-32004
was published
for
openclaw
(npm)
Mar 3, 2026
@fastify/express vulnerable to Improper Handling of URL Encoding (Hex Encoding)
High
CVE-2026-22037
was published
for
@fastify/express
(npm)
Jan 20, 2026
ProTip!
Advisories are also available from the
GraphQL API