
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Flowise: APIChain Prompt Injection SSRF in GET/POST API Chains (High)
GHSA-6r77-hqx7-7vw8 was published for flowise (npm) Apr 16, 2026
Credited to wsparks-vc
OpenClaw Host-Exec Environment Variable Injection (Moderate)
GHSA-w9j9-w4cp-6wgr was published for openclaw (npm) Apr 9, 2026
Credited to wsparks-vc
OpenClaw: Windows-compatible env override keys could bypass system.run approval binding (Moderate)
GHSA-98ch-45wp-ch47 was published for openclaw (npm) Apr 7, 2026
Credited to wsparks-vc and iskindar
OpenClaw's complex interpreter pipelines could skip exec script preflight validation (Moderate)
CVE-2026-34425 was published for openclaw (npm) Apr 6, 2026
Credited to wsparks-vc and iskindar
OpenClaw: Media Parsing Path Traversal Leads to Arbitrary File Read (High)
GHSA-f6pf-4gjx-c94r was published for openclaw (npm) Apr 3, 2026
Credited to wsparks-vc and iskindar