GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
27,583 advisories
Title | Severity | Advisory ID | Package (ecosystem) | Published
OpenClaw has a sandbox network isolation bypass via docker.network=container:<id> | Moderate | CVE-2026-32038 | openclaw (npm) | Mar 2, 2026
OpenClaw: Node system.run approval bypass via parent-symlink cwd rebind | High | CVE-2026-27545 | openclaw (npm) | Mar 2, 2026
OpenClaw: Message action attachment hydration bypasses local media root checks when sandboxRoot is unset | High | CVE-2026-27522 | openclaw (npm) | Mar 2, 2026
OpenClaw: system.run approval identity mismatch could execute a different binary than displayed | High | GHSA-hwpq-rrpf-pgcq | openclaw (npm) | Mar 2, 2026
OpenClaw: Gateway /tools/invoke tool escalation + ACP permission auto-approval | High | GHSA-943q-mwmv-hhvh | openclaw (npm) | Mar 2, 2026
OpenClaw Vulnerable to Remote Code Execution via Node Invoke Approval Bypass in Gateway | Critical | CVE-2026-28466 | openclaw (npm) | Mar 2, 2026
OpenClaw vulnerable to path traversal (Zip Slip) in archive extraction during explicit installation commands | Moderate | CVE-2026-28486 | openclaw (npm) | Mar 2, 2026
OpenClaw's sandbox skill mirroring path traversal vulnerability could write outside the sandbox workspace | Moderate | CVE-2026-28457 | openclaw (npm) | Mar 2, 2026
OpenClaw has non-constant-time token comparison in hooks authentication | High | CVE-2026-28464 | openclaw (npm) | Mar 2, 2026
OpenClaw: Config writes could persist resolved ${VAR} secrets to disk | Moderate | CVE-2026-28475 | openclaw (npm) | Mar 2, 2026
OpenClaw has Zip Slip path traversal in tar archive extraction | High | CVE-2026-28453 | openclaw (npm) | Mar 2, 2026
OpenClaw gateway agents.files symlink escape allowed out-of-workspace file read/write | Critical | CVE-2026-32013 | openclaw (npm) | Mar 2, 2026
OpenClaw Node system.run approval context-binding weakness in approval-enabled host=node flows | Moderate | GHSA-hjvp-qhm6-wrh2 | openclaw (npm) | Mar 2, 2026
OpenClaw voice-call media stream validated streams after upgrade, which could allow pre-start unauthenticated sockets to increase resource pressure | High | CVE-2026-32062 | @openclaw/voice-call (npm) | Mar 2, 2026
OpenClaw's inbound media downloads could exceed configured byte limits before rejection across multiple channels | Moderate | GHSA-rxxp-482v-7mrh | openclaw (npm) | Mar 2, 2026
OpenClaw Canvas Path Traversal Information Disclosure Vulnerability | High | GHSA-jq4x-98m3-ggq6 | openclaw (npm) | Mar 2, 2026
OpenClaw's exec allow-always can be bypassed via unrecognized multiplexer shell wrappers (busybox/toybox sh -c) | Moderate | CVE-2026-22175 | openclaw (npm) | Mar 2, 2026
OpenClaw: Node exec approvals could be replayed across nodes | Moderate | GHSA-6x2m-hqfw-hvpj | openclaw (npm) | Mar 2, 2026
OpenClaw's allow-always wrapper persistence could bypass future approvals and enable command execution | Moderate | CVE-2026-29607 | openclaw (npm) | Mar 2, 2026
OpenClaw's Control UI Static File Handler Follows Symlinks and Allows Out-of-Root File Read | Low | CVE-2026-32020 | openclaw (npm) | Mar 2, 2026
OpenClaw has browser trace/download path symlink escape in temp output handling | Moderate | GHSA-36h3-7c54-j27r | openclaw (npm) | Mar 2, 2026
OpenClaw has ReDoS and regex injection via unescaped Feishu mention metadata in RegExp construction | Moderate | CVE-2026-22178 | openclaw (npm) | Mar 2, 2026
OpenClaw macOS companion app (beta): allowlist parsing mismatch for system.run shell chains | Low | CVE-2026-31993 | openclaw (npm) | Mar 2, 2026
OpenClaw has Windows system.run approval mismatch on cmd.exe /c trailing arguments | High | CVE-2026-22168 | openclaw (npm) | Mar 2, 2026
OpenClaw has Signal group allowlist authorization bypass via DM pairing-store leakage | Low | CVE-2026-31991 | openclaw (npm) | Mar 2, 2026