GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
5,911 advisories
OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement
Moderate
GHSA-527m-976r-jf79
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Browser tabs action select and close routes bypassed SSRF policy
Moderate
GHSA-rj2p-j66c-mgqh
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Nostr profile mutation routes allowed operator.write config persistence
Moderate
GHSA-f3h5-h452-vp3j
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Sandbox browser CDP relay could expose DevTools protocol on 0.0.0.0
High
GHSA-525j-hqq2-66r4
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows
High
GHSA-82qx-6vj7-p8m2
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Browser SSRF policy default allowed private-network navigation
Moderate
GHSA-53vx-pmqw-863c
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Browser SSRF hostname validation could be bypassed by DNS rebinding
Moderate
GHSA-xq94-r468-qwgj
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes
Moderate
GHSA-2767-2q9v-9326
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Workspace .env could inject OpenClaw runtime-control variables
Moderate
GHSA-7wv4-cc7p-jhxc
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Discord event cover images bypassed sandbox media normalization
Moderate
GHSA-c9h3-5p7r-mrjh
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Empty approver lists could grant explicit approval authorization
Moderate
GHSA-49cg-279w-m73x
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Agent hook events could enqueue trusted system events from unsanitized external input
Moderate
GHSA-7g8c-cfr3-vqqr
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Exec environment denylist missed high-risk interpreter startup variables
High
GHSA-vfp4-8x56-j7c5
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Memory dreaming config persistence was reachable from operator.write commands
Moderate
GHSA-5gjc-grvm-m88j
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks
Low
GHSA-gc9r-867r-j85f
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Delivery queue recovery could lose group tool-policy context for media replay
Low
GHSA-r77c-2cmr-7p47
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Heartbeat owner downgrade missed local async exec completion events
Moderate
GHSA-g375-h3v6-4873
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Voice-call realtime WebSocket accepted oversized frames
High
GHSA-vw3h-q6xq-jjm5
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Heartbeat owner downgrade missed untrusted webhook wake events
Moderate
GHSA-g2hm-779g-vm32
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Browser snapshot and screenshot routes could expose internal page content after navigation
Moderate
GHSA-c4qm-58hj-j6pj
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: config.get redaction bypass through sourceConfig and runtimeConfig aliases
High
GHSA-8372-7vhw-cm6q
was published
for
openclaw
(npm)
Apr 17, 2026
OpenClaw: Collect-mode queue batches could reuse the last sender authorization context
Moderate
GHSA-jwrq-8g5x-5fhm
was published
for
openclaw
(npm)
Apr 17, 2026
Flowise: Unauthenticated TTS endpoint accepts arbitrary credential IDs — enables API credit abuse via stored credentials
High
CVE-2026-41279
was published
for
flowise
(npm)
Apr 17, 2026
ProTip!
Advisories are also available from the
GraphQL API