Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
OpenClaw: Empty-scope device re-pairing could confuse caller scope containment Low
CVE-2026-53852 was published for openclaw (npm) Jun 18, 2026
zsxsoft Credited to zsxsoft, KeenSecurityLab, and qclawer KeenSecurityLab KeenSecurityLab
qclawer qclawer
Duplicate Advisory: Empty-scope device re-pairing could confuse caller scope containment Low
GHSA-hc4w-hm59-9w88 was published for openclaw (npm) Jun 16, 2026 withdrawn
OpenClaw: Security Scan Failure Does Not Block Plugin Installation (Fail-Open) Low
CVE-2026-41377 was published for openclaw (npm) Apr 2, 2026
davidluzsilva Credited to davidluzsilva
Duplicate Advisory: OpenClaw: Unavailable local auth SecretRefs could fall through to remote credentials in local mode Low
GHSA-vm29-7mq3-9jrg was published for OpenClaw (npm) Mar 31, 2026 withdrawn
tdjackey Credited to tdjackey
ProTip! Advisories are also available from the GraphQL API