Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,549
Maven
5,000+
npm
5,000+
NuGet
917
pip
4,798
Pub
13
RubyGems
1,038
Rust
1,237
Swift
53
Unreviewed advisories
All unreviewed
5,000+

59 advisories

Loading
OpenClaw: Google Chat Authz Bypass via Group Policy Rebinding with Mutable Space displayName Low
CVE-2026-35617 was published for openclaw (npm) Mar 29, 2026
zpbrent Credited to zpbrent
OpenClaw: Gateway chat.send ACP-only provenance guard could be bypassed by client identity spoofing High
GHSA-6xg4-82hv-cp6f was published for openclaw (npm) Mar 31, 2026
zpbrent Credited to zpbrent
SEPPmail Secure Email Gateway before version 15.0.3 allows an external user to modify GINA... Moderate Unreviewed
CVE-2026-29134 was published Apr 2, 2026
OpenClaw: PIP_INDEX_URL and UV_INDEX_URL bypass host exec env sanitization and redirect Python package-index traffic High
GHSA-7ggg-pvrf-458v was published for openclaw (npm) Apr 2, 2026
nexrin Credited to nexrin and KeenSecurityLab KeenSecurityLab KeenSecurityLab
An attacker could use data obtained by sniffing the network traffic to forge packets in order to... Critical Unreviewed
CVE-2025-13926 was published Apr 9, 2026
Duplicate Advisory: OpenClaw: Google Chat Authz Bypass via Group Policy Rebinding with Mutable Space displayName Low
GHSA-j42q-r6qx-xrfp was published for openclaw (npm) Apr 10, 2026 withdrawn
Duplicate Advisory: OpenClaw: Nextcloud Talk room allowlist matched colliding room names instead of stable room tokens Low
GHSA-5f7h-p83x-5vc2 was published for openclaw (npm) Apr 10, 2026 withdrawn
SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local... Moderate Unreviewed
CVE-2019-25711 was published Apr 12, 2026
Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized... Moderate Unreviewed
CVE-2026-0390 was published Apr 14, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database