
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

273 advisories

File Browser share links remain accessible after Share/Download permissions are revoked High
CVE-2026-35604 was published for github.com/filebrowser/filebrowser/v2 (Go) Apr 8, 2026
Credited to kodareef5
Directus: Authenticated Users Can Extract Concealed Fields via Aggregate Queries High
CVE-2026-35442 was published for directus (npm) Apr 4, 2026
Directus: TUS Upload Authorization Bypass Allows Arbitrary File Overwrite High
CVE-2026-35412 was published for directus (npm) Apr 4, 2026
Credited to bugbunny-research
LiteLLM: Privilege escalation via unrestricted proxy configuration endpoint High
CVE-2026-35029 was published for litellm (pip) Apr 3, 2026
Juju has a resource poisoning vulnerability High
CVE-2025-68153 was published for github.com/juju/juju (Go) Apr 3, 2026
Credited to tlm and smaeljaish771
OpenClaw: Paired node escalates to gateway RCE via unrestricted node.event agent dispatch High
GHSA-gjm7-hw8f-73rq was published for openclaw (npm) Apr 3, 2026
Credited to AntAISecurityLab
OpenClaw: Incomplete scope-clearing fix allows operator.admin escalation via trusted-proxy auth mode High
GHSA-g374-mggx-p6xc was published for openclaw (npm) Apr 3, 2026
Credited to north-echo
OpenClaw: Device-Paired Node Skips Node Scope Gate → Host RCE.md High
GHSA-xj9w-5r6q-x6v4 was published for openclaw (npm) Apr 3, 2026
Credited to AntAISecurityLab
OpenClaw gateway exec allow-always over-trusts positional carrier executables High
GHSA-p4x4-2r7f-wjxg was published for openclaw (npm) Apr 1, 2026
Credited to nexrin
OpenClaw Gateway `operator.write` can reach admin-only session reset via `chat.send` `/reset` High
GHSA-5r8f-96gm-5j6g was published for openclaw (npm) Apr 1, 2026
Credited to zpbrent
SiYuan: Unauthenticated Access to Password-Protected Bookmarks via /api/bookmark/getBookmark High
CVE-2026-34453 was published for github.com/siyuan-note/siyuan/kernel (Go) Mar 31, 2026
Credited to ngocnn97
OpenClaw: `browser.request` still allows `POST /reset-profile` through the `operator.write` surface High
GHSA-xp9r-prpg-373r was published for openclaw (npm) Mar 30, 2026
Credited to tdjackey
OpenClaw: Gateway Plugin Subagent Fallback `deleteSession` Uses Synthetic `operator.admin` High
GHSA-h4jx-hjr3-fhgc was published for openclaw (npm) Mar 29, 2026
Credited to zpbrent
OpenClaw: `session_status` sessionId resolution bypasses sandboxed session-tree visibility High
GHSA-q2qc-744p-66r2 was published for openclaw (npm) Mar 29, 2026
Credited to nexrin
OpenClaw: Gateway Plugin HTTP Auth Grants Unrestricted operator.admin Runtime Scope to All Callers High
GHSA-qm2m-28pf-hgjw was published for openclaw (npm) Mar 27, 2026
Credited to zpbrent
OpenClaw: Gateway HTTP /sessions/:sessionKey/kill Reaches Admin Kill Path Without Caller Scope Binding High
GHSA-9p93-7j67-5pc2 was published for openclaw (npm) Mar 27, 2026
Credited to zpbrent
Moby has AuthZ plugin bypass when provided oversized request bodies High
CVE-2026-34040 was published for github.com/docker/docker (Go) Mar 27, 2026
Credited to vvoland and manizada
OpenClaw's Conflicting Tool Identity Hints Bypass Dangerous-Tool Prompting High
GHSA-74wf-h43j-vvmj was published for openclaw (npm) Mar 26, 2026
Credited to zpbrent
OpenClaw: Google Chat app-url webhook auth accepted non-deployment add-on principals High
GHSA-mp66-rf4f-mhh8 was published for openclaw (npm) Mar 26, 2026
OpenClaw's system.run allowlist can be bypassed through an unregistered time dispatch wrapper High
GHSA-qm9x-v7cx-7rq4 was published for openclaw (npm) Mar 26, 2026
Credited to YLChen-007