GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
9 advisories
OpenClaw: Agentic Consent Bypass — LLM Agent Can Silently Disable Exec Approval via `config.patch`
High
GHSA-v3qc-wrwx-j3pw
was published
for
openclaw
(npm)
Apr 3, 2026
OpenClaw Has Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config
High
GHSA-vfw7-6rhc-6xxg
was published
for
openclaw
(npm)
Apr 7, 2026
OpenClaw has incomplete Fix for CVE-2026-27486: Unvalidated SIGKILL in `!stop` Chat Command via `shell-utils.ts`
Moderate
CVE-2026-35667
was published
for
openclaw
(npm)
Mar 30, 2026
OpenClaw has Sandbox Media Root Bypass via Unnormalized `mediaUrl` / `fileUrl` Parameter Keys (CWE-22)
High
CVE-2026-35668
was published
for
openclaw
(npm)
Mar 30, 2026
OpenClaw's system.run allowlist can be bypassed through an unregistered time dispatch wrapper
High
CVE-2026-35666
was published
for
openclaw
(npm)
Mar 26, 2026
OpenClaw: Image Tool `tools.fs.workspaceOnly` Bypass via Sandbox Bridge Mounts
Moderate
CVE-2026-35658
was published
for
openclaw
(npm)
Mar 26, 2026
OpenClaw: SSRF via Unguarded Configured Base URLs in Multiple Channel Extensions (Incomplete Fix for CVE-2026-28476)
High
CVE-2026-35629
was published
for
openclaw
(npm)
Mar 29, 2026
Angular: SSRF via protocol-relative and backslash URLs in Angular Platform-Server
High
GHSA-45q2-gjvg-7973
was published
for
@angular/platform-server
(npm)
Apr 16, 2026
OpenClaw: Symlink Traversal via IDENTITY.md appendFile in agents.create/update (Incomplete Fix for CVE-2026-32013)
Moderate
CVE-2026-35632
was published
for
openclaw
(npm)
Mar 26, 2026
ProTip!
Advisories are also available from the
GraphQL API