GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub-originated security advisories from the world of open source software.
GitHub reviewed advisories by ecosystem:

| Ecosystem | Reviewed advisories |
| All reviewed | 5,000+ |
| Composer | 5,000+ |
| Erlang | 44 |
| GitHub Actions | 46 |
| Go | 3,272 |
| Maven | 5,000+ |
| npm | 5,000+ |
| NuGet | 867 |
| pip | 4,521 |
| Pub | 12 |
| RubyGems | 1,007 |
| Rust | 1,194 |
| Swift | 51 |

Unreviewed advisories: All unreviewed, 5,000+

27,583 advisories
| Advisory | Severity | Identifier | Package (ecosystem) | Published |
| Concrete CMS vulnerable to Remote Code Execution by stored PHP object injection | High | CVE-2026-3452 | concrete5/concrete5 (Composer) | Mar 4, 2026 |
| Concrete CMS vulnerable to Cross-Site Request Forgery (CSRF) | Low | CVE-2026-2994 | concrete5/concrete5 (Composer) | Mar 4, 2026 |
| OpenClaw's serialize sandbox registry writes to prevent races and delete-rollback corruption | Moderate | CVE-2026-32018 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw's Node role device-identity bypass allows unauthorized node.event injection | Moderate | CVE-2026-32001 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw's commands.allowFrom sender authorization accepted conversation identifiers via ctx.From | High | GHSA-2ch6-x3g4-7759 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw has Windows Lobster shell fallback command injection in constrained fallback path | Moderate | CVE-2026-31995 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw's Zalo group sender allowlist bypass permits unauthorized GROUP dispatch | Moderate | GHSA-534w-2vm4-89xr | openclaw (npm) | Mar 3, 2026 |
| OpenClaw has Canvas route hardening for mixed-trust deployments | Moderate | GHSA-cjv3-m589-v3rx | openclaw (npm) | Mar 3, 2026 |
| OpenClaw's exec allowlist wrapper analysis did not unwrap env/shell dispatch chains | High | CVE-2026-27566 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw's typed sender-key matching for toolsBySender prevents identity-collision policy bypass | Moderate | CVE-2026-32039 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw's Signal reaction-only status events could, in limited cases, be enqueued before access checks | Moderate | GHSA-792q-qw95-f446 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw's sandbox bind validation could bypass allowed-root and blocked-path checks via symlink-parent missing-leaf paths | High | CVE-2026-27523 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw: Zip extraction symlink traversal could write outside destination | High | GHSA-jxrq-8fm4-9p58 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw's Nextcloud Talk webhook replay could trigger duplicate inbound processing | Moderate | CVE-2026-28449 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw's tools.exec.safeBins generic fallback allowed interpreter-style inline payload execution in allowlist mode | Low | GHSA-8mf7-vv8w-hjr2 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw's Synology Chat dmPolicy=allowlist failed open on empty allowedUserIds, allowing unauthorized agent dispatch | Moderate | CVE-2026-31998 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw reuses the gateway auth token in the owner ID prompt hashing fallback | Low | GHSA-v6x2-2qvm-6gv8 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw hook transform path containment missed symlink-resolved escapes | High | GHSA-659f-22xc-98f2 | openclaw (npm) | Mar 3, 2026 |
| In OpenClaw, manually adding sort to tools.exec.safeBins could bypass allowlist approval via --compress-program | High | CVE-2026-32010 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw has a BlueBubbles group allowlist mismatch via DM pairing-store fallback | Moderate | CVE-2026-32006 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw's voice-call Twilio replay dedupe now bound to authenticated webhook identity | Low | GHSA-gcj7-r3hg-m7w6 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw has multiple E2E/test Dockerfiles that run all processes as root | High | GHSA-w7j5-j98m-w679 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw has exec allowlist/safeBins policy-runtime mismatch via env -S wrapper interpretation | Moderate | GHSA-796m-2973-wc5q | openclaw (npm) | Mar 3, 2026 |
| OpenClaw: Microsoft Teams media fetch paths bypass shared SSRF guard model | Low | GHSA-7qf6-h84j-8fq4 | openclaw (npm) | Mar 3, 2026 |
| OpenClaw's browser-origin WebSocket auth hardening gap could enable loopback password brute-force chains | Moderate | CVE-2026-32025 | openclaw (npm) | Mar 3, 2026 |
Advisories are also available from the GraphQL API.