GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories, by ecosystem:

| Ecosystem | Reviewed advisories |
|---|---|
| All reviewed | 5,000+ |
| Composer | 5,000+ |
| Erlang | 49 |
| GitHub Actions | 49 |
| Go | 3,549 |
| Maven | 5,000+ |
| npm | 5,000+ |
| NuGet | 917 |
| pip | 4,798 |
| Pub | 13 |
| RubyGems | 1,038 |
| Rust | 1,237 |
| Swift | 53 |
Unreviewed advisories: All unreviewed, 5,000+.

5,851 advisories
| Advisory | Severity | Identifier | Package (ecosystem) | Published |
|---|---|---|---|---|
| Flowise: Airtable_Agent Code Injection Remote Code Execution Vulnerability | Critical | GHSA-v38x-c887-992f | flowise (npm) | Apr 18, 2026 |
| OpenClaw: QMD memory_get restricts reads to canonical or indexed memory paths | Moderate | GHSA-f934-5rqf-xx47 | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Webchat media embedding enforces local-root containment for tool-result files | High | GHSA-mr34-9552-qr95 | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Feishu webhook and card-action validation now fail closed | Critical | GHSA-xh72-v6v9-mwhc | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Matrix room control-command authorization no longer trusts DM pairing-store entries | High | GHSA-2gvc-4f3c-2855 | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation | High | GHSA-xmxx-7p24-h892 | openclaw (npm) | Apr 17, 2026 |
| Remote Code Execution (RCE) via String Literal Injection into math-codegen | Critical | GHSA-p6x5-p4xf-cc4r | math-codegen (npm) | Apr 17, 2026 |
| Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows | Moderate | CVE-2026-35603 | @anthropic-ai/claude-code (npm) | Apr 17, 2026 |
| OpenClaw: CDP /json/version WebSocket URL could pivot to untrusted second-hop targets | Moderate | GHSA-f7fh-qg34-x2xh | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure | Moderate | GHSA-jhpv-5j76-m56h | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: QQBot media tags could read arbitrary local files through reply text | High | GHSA-66r7-m7xm-v49h | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: busybox and toybox applet execution weakened exec approval binding | High | GHSA-2cq5-mf3v-mx44 | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Matrix profile config persistence was reachable from operator.write message tools | High | GHSA-7jp6-r74r-995q | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Sandboxed agents could escape exec routing via host=node override | High | GHSA-736r-jwj6-4w23 | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage | Moderate | GHSA-536q-mj95-h29h | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Browser interaction routes could pivot into local CDP and regain file reads | Moderate | GHSA-qmwg-qprg-3j38 | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins | High | GHSA-939r-rj45-g2rj | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement | Moderate | GHSA-527m-976r-jf79 | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Browser tabs action select and close routes bypassed SSRF policy | Moderate | GHSA-rj2p-j66c-mgqh | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Nostr profile mutation routes allowed operator.write config persistence | Moderate | GHSA-f3h5-h452-vp3j | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Sandbox browser CDP relay could expose DevTools protocol on 0.0.0.0 | High | GHSA-525j-hqq2-66r4 | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows | High | GHSA-82qx-6vj7-p8m2 | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: screen_record outPath bypassed workspace-only filesystem guard | Moderate | GHSA-jf25-7968-h2h5 | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Browser SSRF policy default allowed private-network navigation | Moderate | GHSA-53vx-pmqw-863c | openclaw (npm) | Apr 17, 2026 |
| OpenClaw: Browser SSRF hostname validation could be bypassed by DNS rebinding | Moderate | GHSA-xq94-r468-qwgj | openclaw (npm) | Apr 17, 2026 |
Advisories are also available from the GraphQL API.