GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories (count by ecosystem):
All reviewed: 5,000+
Composer: 5,000+
Erlang: 47
GitHub Actions: 48
Go: 3,378
Maven: 5,000+
npm: 5,000+
NuGet: 881
pip: 4,573
Pub: 13
RubyGems: 1,013
Rust: 1,205
Swift: 51

Unreviewed advisories:
All unreviewed: 5,000+

3,241 advisories matching the current filter:
XenForo before 2.3.5 allows OAuth2 client applications to request unauthorized scopes. This... | High | Unreviewed | CVE-2025-71278 | published Apr 1, 2026

OpenClaw gateway exec allow-always over-trusts positional carrier executables | High | GHSA-p4x4-2r7f-wjxg | published for openclaw (npm) | Apr 1, 2026

OpenClaw: Google Chat and Zalouser group sender allowlist bypass via policy downgrade | Moderate | CVE-2026-33578 | published for openclaw (npm) | Apr 1, 2026

OpenClaw Gateway `operator.write` can reach admin-only session reset via `chat.send` `/reset` | High | GHSA-5r8f-96gm-5j6g | published for openclaw (npm) | Apr 1, 2026

OpenClaw: node.pair.approve missing callerScopes validation allows low-privilege operator to approve malicious nodes | Moderate | CVE-2026-33577 | published for openclaw (npm) | Apr 1, 2026

OpenClaw: Gateway `operator.write` can reach admin-only persisted `verboseLevel` via `chat.send` `/verbose` | High | GHSA-5h2w-qmfp-ggp6 | published for openclaw (npm) | Mar 31, 2026

OpenClaw: Feishu extension resolveUploadInput bypasses file-system sandbox and allows arbitrary file reads via upload_image | Moderate | GHSA-qf48-qfv4-jjm9 | published for openclaw (npm) | Mar 31, 2026

OpenClaw: Discord text `/approve` bypasses `channels.discord.execApprovals.approvers` and allows non-approvers to resolve pending exec approvals | High | GHSA-98hh-7ghg-x6rq | published for openclaw (npm) | Mar 31, 2026

OpenClaw: Zalo channel downloads media before sender authorization | Moderate | CVE-2026-33576 | published for openclaw (npm) | Mar 31, 2026

OpenClaw: /pair approve command path omitted caller scope subsetting and reopened device pairing escalation | High | GHSA-hc5h-pmr3-3497 | published for openclaw (npm) | Mar 31, 2026

parse-server has cloud function validator bypass via prototype chain traversal | Critical | CVE-2026-34532 | published for parse-server (npm) | Mar 31, 2026

SiYuan: Unauthenticated Access to Password-Protected Bookmarks via /api/bookmark/getBookmark | High | CVE-2026-34453 | published for github.com/siyuan-note/siyuan/kernel (Go) | Mar 31, 2026

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve... | High | Unreviewed | CVE-2026-33579 | published Mar 31, 2026

OpenClaw before 2026.3.8 contains a sender allowlist bypass vulnerability in its Microsoft Teams... | Low | Unreviewed | CVE-2026-34509 | published Mar 31, 2026

OpenClaw before 2026.3.8 contains a sender allowlist bypass vulnerability in its Microsoft Teams... | Low | Unreviewed | CVE-2026-34506 | published Mar 31, 2026

When the early_acl_drop (earlyACLDrop in Lua) option is disabled (default is enabled) on a DNS... | Moderate | Unreviewed | CVE-2026-24029 | published Mar 31, 2026

OpenClaw: `browser.request` still allows `POST /reset-profile` through the `operator.write` surface | High | GHSA-xp9r-prpg-373r | published for openclaw (npm) | Mar 30, 2026

OpenClaw has a Gateway HTTP /v1/models Route Bypasses Operator Read Scope | Moderate | GHSA-68f8-9mhj-h2mp | published for openclaw (npm) | Mar 30, 2026

AVideo has User Group-Based Category Access Control Bypass via Missing and Broken Group Filtering in categories.json.php | Moderate | CVE-2026-34364 | published for wwbn/avideo (Composer) | Mar 30, 2026

A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any... | High | Unreviewed | CVE-2026-0562 | published Mar 29, 2026

OpenClaw: Telegram DM-Scoped Inline Button Callbacks Bypass DM Pairing and Mutate Session State | Moderate | GHSA-j4c9-w69r-cw33 | published for openclaw (npm) | Mar 29, 2026

OpenClaw: MS Teams Feedback Invocation Bypasses Sender Allowlists and Records Unauthorized Session Feedback | Moderate | GHSA-rf6h-5gpw-qrgq | published for openclaw (npm) | Mar 29, 2026

OpenClaw: Gateway Plugin Subagent Fallback `deleteSession` Uses Synthetic `operator.admin` | High | GHSA-h4jx-hjr3-fhgc | published for openclaw (npm) | Mar 29, 2026

OpenClaw: Feishu Raw Card Send Surface Can Mint Legacy Card Callbacks That Bypass DM Pairing | Moderate | GHSA-77w2-crqv-cmv3 | published for openclaw (npm) | Mar 29, 2026

OpenClaw: Google Chat Authz Bypass via Group Policy Rebinding with Mutable Space displayName | Moderate | GHSA-52q4-3xjc-6778 | published for openclaw (npm) | Mar 29, 2026