Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

75 advisories

Loading
Cortex has Untrusted Project Bootstrap Code Execution via `CLAUDE_PROJECT_DIR` High
CVE-2026-49986 was published for neuro-cortex-memory (pip) Jul 1, 2026
EQSTLab Credited to EQSTLab and useworld useworld useworld
pnpm: Repository-controlled configDependencies can select a pacquet native install engine High
CVE-2026-55697 was published for pnpm (npm) Jun 26, 2026
pnpm: Manifest identity spoof satisfies allowBuilds and runs attacker lifecycle High
CVE-2026-55487 was published for pnpm (npm) Jun 26, 2026
containerd: CRI checkpoint import allows local image tag poisoning Moderate
CVE-2026-50195 was published for github.com/containerd/containerd/v2 (Go) Jun 19, 2026
hbeberman Credited to hbeberman and robertprast robertprast robertprast
[Eclipse Theia] Indirect Prompt Injection via Auto-Loaded Workspace Prompt Template Files in AI Chat High
CVE-2026-46580 was published for @theia/ai-chat (npm) Jun 18, 2026
[Eclipse Theia] Arbitrary Command Execution via Untrusted Workspace Task Definitions High
CVE-2026-44691 was published for @theia/debug (npm) Jun 18, 2026
[Eclipse Theia] Indirect Prompt Injection via Adversarial Workspace File and Directory Names in AI Chat High
CVE-2026-44688 was published for @theia/ai-chat (npm) Jun 18, 2026
Pi Agent: Pi loads project-local extensions without approval Moderate
CVE-2026-54325 was published for @earendil-works/pi-coding-agent (npm) Jun 17, 2026
qerogram Credited to qerogram, urianpaul94, EQSTLab, kamalmarhubi, and useworld urianpaul94 urianpaul94
EQSTLab EQSTLab kamalmarhubi kamalmarhubi useworld useworld
OpenStack Ironic Python Agent Includes Functionality from Untrusted Control Sphere High
CVE-2026-43003 was published for ironic-python-agent (pip) May 1, 2026
OpenClaw: shell-env trusted-prefix fallback allowed attacker-controlled binary execution via $SHELL Moderate
CVE-2026-22217 was published for openclaw (npm) Mar 3, 2026
tdjackey Credited to tdjackey
CSS Parser: Improper Certificate Validation allows MITM injection of remote CSS content Moderate
CVE-2026-44312 was published for css_parser (RubyGems) May 7, 2026
JLLeitschuh Credited to JLLeitschuh
OpenStack Ironic is Vulnerable to Inclusion of Functionality from Untrusted Control Sphere Moderate
CVE-2026-42510 was published for ironic (pip) Apr 28, 2026
SnailSploit Credited to SnailSploit
yeoman-environment Vulnerable to Arbitrary Package Installation without User Confirmation High
CVE-2026-42089 was published for yeoman-environment (npm) May 26, 2026
mshima Credited to mshima, UlisesGascon, and 0xmrma UlisesGascon UlisesGascon
0xmrma 0xmrma
OpenClaw: MCP stdio server env could load dangerous startup variables from workspace config Moderate
CVE-2026-44995 was published for openclaw (npm) Apr 25, 2026
garagon Credited to garagon
Mailpit: Path traversal & arbitrary file write in mailpit dump --http via attacker-controlled message IDs Moderate
CVE-2026-45711 was published for github.com/axllent/mailpit (Go) May 19, 2026
KadirArslan Credited to KadirArslan
Duplicate Advisory: OpenClaw: MCP stdio server env could load dangerous startup variables from workspace config Moderate
GHSA-p3m6-jr2h-hhxj was published for openclaw (npm) May 11, 2026 withdrawn
Electerm users can run dangrous code through link or command line Critical
CVE-2026-43944 was published for electerm (npm) May 8, 2026
amwhoi Credited to amwhoi
PraisonAI MCP `tools/call` path-traversal => RCE via Python `.pth` injection Critical
CVE-2026-44336 was published for PraisonAI (pip) May 11, 2026
amwhoi Credited to amwhoi
Electerm runWidget has a path traversal that leads to arbitrary code execution Critical
CVE-2026-43940 was published for electerm (npm) May 8, 2026
osageling Credited to osageling
OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins High
CVE-2026-43569 was published for openclaw (npm) Apr 17, 2026
zpbrent Credited to zpbrent
OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows High
CVE-2026-43571 was published for openclaw (npm) Apr 17, 2026
zsxsoft Credited to zsxsoft, KeenSecurityLab, and qclawer KeenSecurityLab KeenSecurityLab
qclawer qclawer
OpenClaw: Workspace `.env` can override the bundled hooks root and load attacker hook code High
CVE-2026-41336 was published for openclaw (npm) Apr 2, 2026
nexrin Credited to nexrin, KeenSecurityLab, and qclawer KeenSecurityLab KeenSecurityLab
qclawer qclawer
ProTip! Advisories are also available from the GraphQL API