GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
28,575 advisories
PickleScan has multiple stdlib modules with direct RCE not in blocklist
Critical
GHSA-g38g-8gr9-h9xp
was published
for
picklescan
(pip)
Mar 3, 2026
PickleScan's pkgutil.resolve_name has a universal blocklist bypass
Critical
GHSA-vvpj-8cmc-gx39
was published
for
picklescan
(pip)
Mar 3, 2026
PickleScan's profile.run blocklist mismatch allows exec() bypass
Critical
GHSA-7wx9-6375-f5wh
was published
for
picklescan
(pip)
Mar 3, 2026
WWBN AVideo is vulnerable to unauthenticated OS Command Injection via base64Url in objects/getImage.php
Critical
CVE-2026-29058
was published
for
wwbn/avideo
(Composer)
Mar 3, 2026
Ghost Vulnerable to Remote Code Execution via Malicious Themes
High
CVE-2026-29053
was published
for
ghost
(npm)
Mar 3, 2026
OpenClaw vulnerable to sensitive file disclosure via stageSandboxMedia
High
CVE-2026-32030
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw vulnerable to arbitrary file read via $include directive
Moderate
CVE-2026-32061
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's system.run allowlist bypass via shell line-continuation command substitution
Moderate
CVE-2026-28460
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's config env vars allowed startup env injection into service runtime
High
CVE-2026-22177
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's shell env fallback trusts unvalidated SHELL path from host environment
High
CVE-2026-32032
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's tools.exec.safeBins trusted PATH directories allowed binary shadowing in allowlist mode
Moderate
GHSA-qhrr-grqp-6x2g
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's Slack reaction/pin sender-policy consistency issue in non-message ingress
Moderate
CVE-2026-32899
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's system.run shell-wrapper positional argv carriers could execute hidden commands under misleading approval text
Moderate
CVE-2026-32052
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's system.run approval TOCTOU via mutable symlink cwd target on node host
Moderate
CVE-2026-32043
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's andbox browser noVNC observer lacked VNC authentication
High
CVE-2026-32064
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw DM pairing-store identities could satisfy group allowlist authorization
High
CVE-2026-32027
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's dispatch-wrapper depth-cap mismatch can bypass shell-wrapper approval gating in system.run allowlist mode
Moderate
CVE-2026-32023
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw's voice-call Twilio webhook replay could bypass manager dedupe because normalized event IDs were randomized per parse
Moderate
CVE-2026-32053
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw safeBins grep -e File Read Bypass (stdin-only policy bypass)
Moderate
CVE-2026-32022
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw: Unauthorized Telegram Senders Trigger Media Download and Disk Write Before Access Check
Moderate
GHSA-h656-5vcf-cm23
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw: Native prompt image auto-load did not honor tools.fs.workspaceOnly in sandboxed runs
High
GHSA-9f72-qcpw-2hxc
was published
for
openclaw
(npm)
Mar 3, 2026
ProTip!
Advisories are also available from the
GraphQL API