GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
12 advisories
OpenClaw: Telegram legacy allowFrom migration fans default-account trust into all named accounts
Moderate
GHSA-f693-58pc-2gfr
was published
for
openclaw
(npm)
Apr 3, 2026
OpenClaw session transcript files were created without forced user-only permissions
Moderate
CVE-2026-33572
was published
for
openclaw
(npm)
Mar 16, 2026
OpenClaw's sandboxed sessions_spawn now enforces sandbox inheritance for cross-agent spawns
Moderate
CVE-2026-32048
was published
for
openclaw
(npm)
Mar 2, 2026
Duplicate Advisory: npm cli Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
High
CVE-2026-0775
was published
for
npm
(npm)
Jan 23, 2026
•
withdrawn
pnpm has Path Traversal via arbitrary file permission modification
Moderate
CVE-2026-24131
was published
for
pnpm
(npm)
Jan 26, 2026
@tanstack/form-core prototype pollution
High
CVE-2024-57068
was published
for
@tanstack/form-core
(npm)
Feb 6, 2025
ProTip!
Advisories are also available from the
GraphQL API