GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories, by ecosystem:
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,931
Maven: 5,000+
npm: 5,000+
NuGet: 969
pip: 5,000+
Pub: 13
RubyGems: 1,062
Rust: 1,382
Swift: 56

Unreviewed advisories:
All unreviewed: 5,000+
37 advisories
Mermaid: Improper sanitization of configuration leads to CSS injection. Moderate. CVE-2026-41159, published May 11, 2026 for mermaid (npm).
Mermaid: Improper sanitization of `classDef` in state diagrams leads to HTML injection. Moderate. CVE-2026-41149, published May 11, 2026 for mermaid (npm).
OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes. High. GHSA-cwj3-vqpp-pmxr, published May 5, 2026 for openclaw (npm).
OpenClaw's Gateway Control UI bootstrap config required Gateway auth. Moderate. GHSA-93rg-2xm5-2p9v, published May 4, 2026 for openclaw (npm).
OpenClaw's ACP child sessions inherit subagent security envelope constraints. Moderate. CVE-2026-44997, published May 4, 2026 for openclaw (npm).
OpenClaw: Webchat audio embedding could read local files without local-root containment. Moderate. GHSA-gfg9-5357-hv4c, published Apr 29, 2026 for openclaw (npm).
OpenClaw: Owner-enforced commands could accept wildcard channel senders as command owners. Moderate. CVE-2026-44991, published Apr 29, 2026 for openclaw (npm).
OpenClaw: Agent gateway config mutations could change protected operator settings. Moderate. GHSA-7jm2-g593-4qrc, published Apr 25, 2026 for openclaw (npm).
OpenClaw: Bundled MCP/LSP tools could bypass configured tool policy. Moderate. GHSA-qrp5-gfw2-gxv4, published Apr 25, 2026 for openclaw (npm).
OpenClaw: Isolated cron awareness events were recorded as trusted system events. Low. CVE-2026-44999, published Apr 25, 2026 for openclaw (npm).
OpenClaw: Feishu card actions could misclassify DMs and skip dmPolicy. Moderate. GHSA-72q8-jcmc-97wx, published Apr 25, 2026 for openclaw (npm).
OpenClaw: Hook mapping templates could bypass hook session-key opt-in. Moderate. CVE-2026-45002, published Apr 25, 2026 for openclaw (npm).
OpenClaw: QMD memory_get restricts reads to canonical or indexed memory paths. Moderate. GHSA-f934-5rqf-xx47, published Apr 17, 2026 for openclaw (npm).
OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation. Critical. CVE-2026-43585, published Apr 17, 2026 for openclaw (npm).
OpenClaw: Sandboxed agents could escape exec routing via host=node override. High. CVE-2026-42434, published Apr 17, 2026 for openclaw (npm).
OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage. Moderate. CVE-2026-43580, published Apr 17, 2026 for openclaw (npm).
OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement. Moderate. CVE-2026-43573, published Apr 17, 2026 for openclaw (npm).
OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows. High. CVE-2026-43571, published Apr 17, 2026 for openclaw (npm).
OpenClaw: Workspace .env could inject OpenClaw runtime-control variables. Moderate. CVE-2026-43531, published Apr 17, 2026 for openclaw (npm).
OpenClaw: Agent hook events could enqueue trusted system events from unsanitized external input. Moderate. CVE-2026-43534, published Apr 17, 2026 for openclaw (npm).
OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks. Low. CVE-2026-43572, published Apr 17, 2026 for openclaw (npm).
OpenClaw: Delivery queue recovery could lose group tool-policy context for media replay. Low. CVE-2026-43583, published Apr 17, 2026 for openclaw (npm).
OpenClaw: Heartbeat owner downgrade missed local async exec completion events. Moderate. GHSA-g375-h3v6-4873, published Apr 17, 2026 for openclaw (npm).
OpenClaw: Heartbeat owner downgrade missed untrusted webhook wake events. Moderate. CVE-2026-43566, published Apr 17, 2026 for openclaw (npm).
OpenClaw: Browser snapshot and screenshot routes could expose internal page content after navigation. Moderate. CVE-2026-42436, published Apr 17, 2026 for openclaw (npm).
Advisories are also available from the GraphQL API.