npm - @openrewrite/recipes-nodejs - Versions diffs - 0.43.0-20260409-115929 → 0.43.1 - Mend

@openrewrite/recipes-nodejs 0.43.0-20260409-115929 → 0.43.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/resources/advisories-npm.csv +444 -96
package/package.json +1 -1

package/dist/resources/advisories-npm.csv CHANGED Viewed

@@ -997,7 +997,7 @@ CVE-2020-10544,2021-05-07T16:16:30Z,"Cross-site Scripting in PrimeFaces",primefa
 CVE-2020-10800,2020-04-16T03:14:59Z,"Machine-In-The-Middle in lix",lix,0,,15.11.4,HIGH,CWE-544;CWE-639,
 CVE-2020-11003,2020-04-16T03:14:39Z,"CSRF and DNS Rebinding in Oasis",@fraction/oasis,0,2.15.0,,MODERATE,CWE-352,
 CVE-2020-11021,2020-04-29T17:58:53Z,"Http request which redirect to another hostname do not strip authorization header in @actions/http-client",@actions/http-client,0,1.0.8,,MODERATE,CWE-200,
-CVE-2020-11022,2020-04-29T22:18:55Z,"Potential XSS vulnerability in jQuery",jquery,1.2.0,3.5.0,,MODERATE,CWE-79,
+CVE-2020-11022,2020-04-29T22:18:55Z,"Potential XSS vulnerability in jQuery",jquery,1.12.0,3.5.0,,MODERATE,CWE-79,
 CVE-2020-11023,2020-04-29T22:19:14Z,"Potential XSS vulnerability in jQuery",jquery,1.0.3,3.5.0,,MODERATE,CWE-79,
 CVE-2020-11059,2020-05-27T21:09:15Z,"Exposure of Sensitive Information to an Unauthorized Actor in AEgir",aegir,21.7.0,21.10.1,,CRITICAL,CWE-200,
 CVE-2020-11071,2020-05-12T00:39:03Z,"False-negative validation results in MINT transactions with invalid baton",slpjs,0,0.27.2,,CRITICAL,CWE-697,
@@ -3652,6 +3652,7 @@ CVE-2025-13465,2026-01-21T23:01:22Z,"Lodash has Prototype Pollution Vulnerabilit
 CVE-2025-13465,2026-01-21T23:01:22Z,"Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions",lodash-es,4.0.0,4.17.23,,MODERATE,CWE-1321,
 CVE-2025-13465,2026-01-21T23:01:22Z,"Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions",lodash.unset,4.0.0,,4.5.2,MODERATE,CWE-1321,
 CVE-2025-13466,2025-11-25T14:20:21Z,"body-parser is vulnerable to denial of service when url encoding is used",body-parser,2.2.0,2.2.1,,MODERATE,CWE-400,
+CVE-2025-13822,2026-04-14T12:31:28Z,"MCPHub has an authentication bypass",@samanhappy/mcphub,0,0.11.0,,MODERATE,CWE-639,
 CVE-2025-13877,2025-12-09T17:42:53Z,"Authentication Bypass via Default JWT Secret in NocoBase docker-compose Deployments",@nocobase/auth,0,1.9.0-beta.18,,MODERATE,CWE-1320;CWE-321,
 CVE-2025-13877,2025-12-09T17:42:53Z,"Authentication Bypass via Default JWT Secret in NocoBase docker-compose Deployments",@nocobase/auth,1.9.0,1.9.23,,MODERATE,CWE-1320;CWE-321,
 CVE-2025-13877,2025-12-09T17:42:53Z,"Authentication Bypass via Default JWT Secret in NocoBase docker-compose Deployments",@nocobase/auth,2.0.0-alpha.1,2.0.0-alpha.52,,MODERATE,CWE-1320;CWE-321,
@@ -4102,7 +4103,7 @@ CVE-2025-56265,2025-09-08T18:31:42Z,"N8N's Chat Trigger component is vulnerable
 CVE-2025-56571,2025-09-30T18:30:24Z,"Finance.js vulnerable to DoS via the IRR function’s depth parameter",financejs,0,,4.1.0,HIGH,CWE-400;CWE-770;CWE-834,
 CVE-2025-56572,2025-09-30T18:30:24Z,"Finance.js vulnerable to DoS via the seekZero() parameter",financejs,0,,4.1.0,HIGH,CWE-400;CWE-770,
 CVE-2025-56647,2026-02-12T18:30:23Z,"@farmfe/core is Missing Origin Validation in WebSocket",@farmfe/core,0,1.7.6,,MODERATE,CWE-1385,
-CVE-2025-56648,2025-09-17T21:30:42Z,"Parcel has an Origin Validation Error vulnerability","@parcel/reporter-dev-server",1.6.1,,2.16.3,MODERATE,CWE-346,
+CVE-2025-56648,2025-09-17T21:30:42Z,"Parcel has an Origin Validation Error vulnerability","@parcel/reporter-dev-server",1.6.1,2.16.4,,MODERATE,CWE-346,
 CVE-2025-57164,2025-09-15T19:51:08Z,"FlowiseAI Pre-Auth Arbitrary Code Execution",flowise,3.0.5,3.0.6,,CRITICAL,CWE-94,
 CVE-2025-57283,2026-01-28T18:30:47Z,"BrowserStack Local vulnerable to Command Injection through logfile variable",browserstack-local,0,1.5.9,,MODERATE,CWE-77,
 CVE-2025-57285,2025-09-08T18:31:42Z,"CodeceptJS's incomprehensive sanitation can lead to Command Injection",codeceptjs,3.5.0,3.7.5,,CRITICAL,CWE-77,
@@ -4224,20 +4225,20 @@ CVE-2025-59430,2025-09-22T21:09:27Z,"Mesh Connect JS SDK Vulnerable to Cross Sit
 CVE-2025-59433,2025-09-22T18:01:01Z,"@conventional-changelog/git-client has Argument Injection vulnerability","@conventional-changelog/git-client",0,2.0.0,,MODERATE,CWE-88,
 CVE-2025-59471,2026-01-27T19:18:25Z,"Next.js self-hosted applications vulnerable to DoS via Image Optimizer remotePatterns configuration",next,10.0.0,15.5.10,,MODERATE,CWE-400;CWE-770,
 CVE-2025-59471,2026-01-27T19:18:25Z,"Next.js self-hosted applications vulnerable to DoS via Image Optimizer remotePatterns configuration",next,15.6.0-canary.0,16.1.5,,MODERATE,CWE-400;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.0.0-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.0.1-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.0.2-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.0.3-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.0.4-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.1.1-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.2.0-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.2.1-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.2.2-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.3.0-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.3.1-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.4.0-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.4.2-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
-CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.5.1-canary.0,,,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.0.0-canary.0,,15.0.0-canary.205,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.0.1-canary.0,,15.0.1-canary.3,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.0.2-canary.0,,15.0.2-canary.11,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.0.3-canary.0,,15.0.3-canary.9,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.0.4-canary.0,,15.0.4-canary.52,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.1.1-canary.0,,15.1.1-canary.27,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.2.0-canary.0,,15.2.0-canary.77,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.2.1-canary.0,,15.2.1-canary.6,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.2.2-canary.0,,15.2.2-canary.7,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.3.0-canary.0,,15.3.0-canary.46,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.3.1-canary.0,,15.3.1-canary.15,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.4.0-canary.0,,15.4.0-canary.130,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.4.2-canary.0,,15.4.2-canary.56,MODERATE,CWE-400;CWE-409;CWE-770,
+CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.5.1-canary.0,,15.5.1-canary.39,MODERATE,CWE-400;CWE-409;CWE-770,
 CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,15.6.0-canary.0,15.6.0-canary.61,,MODERATE,CWE-400;CWE-409;CWE-770,
 CVE-2025-59472,2026-01-28T15:20:55Z,"Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",next,16.0.0-beta.0,16.1.5,,MODERATE,CWE-400;CWE-409;CWE-770,
 CVE-2025-59526,2025-09-22T18:03:47Z,"Mailgen: HTML injection vulnerability in plaintext e-mails",mailgen,0,2.0.30,,MODERATE,CWE-79,
@@ -4263,6 +4264,7 @@ CVE-2025-60542,2025-10-29T18:30:33Z,"TypeORM vulnerable to SQL injection via cra
 CVE-2025-60794,2025-11-20T15:30:24Z,"@perfood/couch-auth may expose session tokens, passwords",@perfood/couch-auth,0,,0.21.2,MODERATE,CWE-316,
 CVE-2025-6087,2025-06-16T19:37:16Z,"OpenNext for Cloudflare (opennextjs-cloudflare) has a SSRF vulnerability via /_next/image endpoint",@opennextjs/cloudflare,0,1.3.0,,HIGH,CWE-918,
 CVE-2025-61140,2026-01-28T18:30:47Z,"JSONPath vulnerable to Prototype Pollution due to insufficient input validation of object keys in lib/index.js",jsonpath,0,1.2.0,,MODERATE,CWE-1321,
+CVE-2025-61260,2026-04-14T15:30:34Z,"OpenAI Codex CLI enables code execution through malicious MCP (Model Context Protocol) configuration files",@openai/codex,0,,0.23.0,CRITICAL,CWE-94,
 CVE-2025-61668,2025-10-01T15:53:43Z," @plone/volto vulnerable to potential DoS by invoking specific URL by anonymous user ",@plone/volto,0,16.34.1,,HIGH,CWE-476;CWE-754,
 CVE-2025-61668,2025-10-01T15:53:43Z," @plone/volto vulnerable to potential DoS by invoking specific URL by anonymous user ",@plone/volto,17.0.0,17.22.2,,HIGH,CWE-476;CWE-754,
 CVE-2025-61668,2025-10-01T15:53:43Z," @plone/volto vulnerable to potential DoS by invoking specific URL by anonymous user ",@plone/volto,18.0.0,18.27.2,,HIGH,CWE-476;CWE-754,
@@ -4303,6 +4305,8 @@ CVE-2025-62595,2025-10-21T15:09:06Z,"Koa Vulnerable to Open Redirect via Trailin
 CVE-2025-62595,2025-10-21T15:09:06Z,"Koa Vulnerable to Open Redirect via Trailing Double-Slash (//) in back Redirect Logic",koa,3.0.1,3.0.3,,MODERATE,CWE-601,
 CVE-2025-62610,2025-10-22T15:21:18Z,"Hono Improper Authorization vulnerability",hono,1.1.0,4.10.2,,HIGH,CWE-285,
 CVE-2025-62713,2025-10-23T16:01:35Z,"Kottster app reinitialization can be re-triggered allowing command injection in development mode",@kottster/server,3.2.0,3.3.2,,HIGH,CWE-284;CWE-78,
+CVE-2025-62718,2026-04-09T17:32:19Z,"Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF",axios,0,0.31.0,,MODERATE,CWE-441;CWE-918,
+CVE-2025-62718,2026-04-09T17:32:19Z,"Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF",axios,1.0.0,1.15.0,,MODERATE,CWE-441;CWE-918,
 CVE-2025-62726,2025-10-30T17:04:26Z,"n8n Vulnerable to Remote Code Execution via Git Node Pre-Commit Hook",n8n,0,1.113.0,,HIGH,CWE-829,
 CVE-2025-63700,2025-11-20T21:30:32Z,"Clerk-js vulnerable to bypass of OAuth authentication flow by manipulating request at OTP verification stage",@clerk/clerk-js,0,,5.88.0,MODERATE,CWE-290;CWE-639,
 CVE-2025-64118,2025-10-30T17:13:17Z,"node-tar has a race condition leading to uninitialized memory exposure",tar,7.5.1,7.5.2,,MODERATE,CWE-362,
@@ -4565,7 +4569,7 @@ CVE-2026-22172,2026-03-13T20:55:24Z,"OpenClaw: WebSocket shared-auth connections
 CVE-2026-22174,2026-03-03T21:50:34Z,"OpenClaw Loopback CDP probe can leak Gateway token to local listener",openclaw,0,2026.2.22,,MODERATE,CWE-290;CWE-306,
 CVE-2026-22175,2026-03-02T22:30:43Z,"OpenClaw's exec allow-always can be bypassed via unrecognized multiplexer shell wrappers (busybox/toybox sh -c)",openclaw,0,2026.2.23,,MODERATE,CWE-184,
 CVE-2026-22176,2026-03-03T21:50:05Z,"OpenClaw has a Command Injection via unescaped environment assignments in Windows Scheduled Task script generation",openclaw,0,2026.2.19,,HIGH,CWE-78,
-CVE-2026-22177,2026-03-03T19:53:02Z,"OpenClaw's config env vars allowed startup env injection into service runtime",openclaw,0,2026.2.21,,HIGH,CWE-15,
+CVE-2026-22177,2026-03-03T19:53:02Z,"OpenClaw's config env vars allowed startup env injection into service runtime",openclaw,0,2026.2.21,,MODERATE,CWE-15,
 CVE-2026-22178,2026-03-02T22:17:30Z,"OpenClaw has ReDoS and regex injection via unescaped Feishu mention metadata in RegExp construction",openclaw,0,2026.2.19,,MODERATE,CWE-1333,
 CVE-2026-22179,2026-03-03T21:41:12Z,"OpenClaw has macOS `system.run` allowlist bypass via quoted command substitution",openclaw,0,2026.2.22,,HIGH,CWE-78,
 CVE-2026-22180,2026-03-03T21:20:01Z,"OpenClaw: Unified root-bound write hardening for browser output and related path-boundary flows",openclaw,0,2026.3.2,,MODERATE,CWE-367;CWE-59,
@@ -4639,6 +4643,15 @@ CVE-2026-23864,2026-01-29T15:00:30Z,"React Server Components have multiple Denia
 CVE-2026-23864,2026-01-29T15:00:30Z,"React Server Components have multiple Denial of Service Vulnerabilities",react-server-dom-webpack,"19.1.0-canary-7130d0c6-20241212",19.1.5,,HIGH,CWE-400,
 CVE-2026-23864,2026-01-29T15:00:30Z,"React Server Components have multiple Denial of Service Vulnerabilities",react-server-dom-webpack,"19.2.0-canary-63779030-20250328",19.2.4,,HIGH,CWE-400,
 CVE-2026-23864,2026-01-29T15:00:30Z,"React Server Components have multiple Denial of Service Vulnerabilities",react-server-dom-webpack,19.0.0,19.0.4,,HIGH,CWE-400,
+CVE-2026-23869,2026-04-10T15:35:37Z,"React Server Components have a Denial of Service Vulnerability","react-server-dom-turbopack",19.0.0,19.0.5,,HIGH,CWE-400;CWE-502,
+CVE-2026-23869,2026-04-10T15:35:37Z,"React Server Components have a Denial of Service Vulnerability","react-server-dom-turbopack",19.1.0,19.1.6,,HIGH,CWE-400;CWE-502,
+CVE-2026-23869,2026-04-10T15:35:37Z,"React Server Components have a Denial of Service Vulnerability","react-server-dom-turbopack",19.2.0,19.2.5,,HIGH,CWE-400;CWE-502,
+CVE-2026-23869,2026-04-10T15:35:37Z,"React Server Components have a Denial of Service Vulnerability",react-server-dom-parcel,19.0.0,19.0.5,,HIGH,CWE-400;CWE-502,
+CVE-2026-23869,2026-04-10T15:35:37Z,"React Server Components have a Denial of Service Vulnerability",react-server-dom-parcel,19.1.0,19.1.6,,HIGH,CWE-400;CWE-502,
+CVE-2026-23869,2026-04-10T15:35:37Z,"React Server Components have a Denial of Service Vulnerability",react-server-dom-parcel,19.2.0,19.2.5,,HIGH,CWE-400;CWE-502,
+CVE-2026-23869,2026-04-10T15:35:37Z,"React Server Components have a Denial of Service Vulnerability",react-server-dom-webpack,19.0.0,19.0.5,,HIGH,CWE-400;CWE-502,
+CVE-2026-23869,2026-04-10T15:35:37Z,"React Server Components have a Denial of Service Vulnerability",react-server-dom-webpack,19.1.0,19.1.6,,HIGH,CWE-400;CWE-502,
+CVE-2026-23869,2026-04-10T15:35:37Z,"React Server Components have a Denial of Service Vulnerability",react-server-dom-webpack,19.2.0,19.2.5,,HIGH,CWE-400;CWE-502,
 CVE-2026-23888,2026-01-26T21:02:49Z,"pnpm: Binary ZIP extraction allows arbitrary file write via path traversal (Zip Slip)",pnpm,0,10.28.1,,MODERATE,CWE-22;CWE-23;CWE-426,
 CVE-2026-23889,2026-01-26T21:02:44Z,"pnpm has Windows-specific tarball Path Traversal",pnpm,0,10.28.1,,MODERATE,CWE-22,
 CVE-2026-23890,2026-01-26T21:02:39Z,"pnpm scoped bin name Path Traversal allows arbitrary file creation outside node_modules/.bin",pnpm,0,10.28.1,,MODERATE,CWE-23,
@@ -4767,7 +4780,7 @@ CVE-2026-25641,2026-02-05T21:33:04Z,"@nyariv/sandboxjs vulnerable to sandbox esc
 CVE-2026-25651,2026-02-06T18:54:33Z,"client-certificate-auth Vulnerable to Open Redirect via Host Header Injection in HTTP-to-HTTPS redirect",client-certificate-auth,0.2.1,1.0.0,,MODERATE,CWE-601,
 CVE-2026-25722,2026-02-06T19:02:41Z,"Claude Code Vulnerable to Command Injection via Directory Change Bypasses Write Protection","@anthropic-ai/claude-code",0,2.0.57,,HIGH,CWE-20;CWE-78,
 CVE-2026-25723,2026-02-06T19:04:51Z,"Claude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write Restrictions","@anthropic-ai/claude-code",0,2.0.55,,HIGH,CWE-20;CWE-78,
-CVE-2026-25724,2026-02-06T19:08:04Z,"Claude Code has Permission Deny Bypass Through Symbolic Links","@anthropic-ai/claude-code",0,2.1.7,,LOW,CWE-61;CWE-285,
+CVE-2026-25724,2026-02-06T19:08:04Z,"Claude Code has Permission Deny Bypass Through Symbolic Links","@anthropic-ai/claude-code",0,2.1.7,,LOW,CWE-285;CWE-61,
 CVE-2026-25725,2026-02-06T19:14:33Z,"Claude Code has Sandbox Escape via Persistent Configuration Injection in settings.json","@anthropic-ai/claude-code",0,2.1.2,,HIGH,CWE-501;CWE-668,
 CVE-2026-25751,2026-02-05T00:33:44Z,"FUXA Unauthenticated Exposure of Plaintext Database Credentials",fuxa-server,0,1.2.10,,CRITICAL,CWE-306;CWE-312,
 CVE-2026-25752,2026-02-05T00:38:25Z,"FUXA Unauthenticated Remote Arbitrary Device Tag Write",fuxa-server,0,1.2.10,,CRITICAL,CWE-862,
@@ -4971,6 +4984,7 @@ CVE-2026-27978,2026-03-17T15:30:14Z,"Next.js: null origin can bypass Server Acti
 CVE-2026-27979,2026-03-17T16:16:49Z,"Next.js: Unbounded postponed resume buffering can lead to DoS",next,16.0.1,16.1.7,,MODERATE,CWE-770,
 CVE-2026-27980,2026-03-17T16:17:06Z,"Next.js: Unbounded next/image disk cache growth can exhaust storage",next,10.0.0,15.5.14,,MODERATE,CWE-400,
 CVE-2026-27980,2026-03-17T16:17:06Z,"Next.js: Unbounded next/image disk cache growth can exhaust storage",next,16.0.0-beta.0,16.1.7,,MODERATE,CWE-400,
+CVE-2026-28291,2026-04-13T16:35:37Z,"simple-git Affected by Command Execution via Option-Parsing Bypass",simple-git,0,3.32.0,,HIGH,CWE-78,
 CVE-2026-28292,2026-03-10T18:38:56Z,"simple-git has blockUnsafeOperationsPlugin bypass via case-insensitive protocol.allow config key enables RCE",simple-git,3.15.0,3.32.3,,CRITICAL,CWE-178;CWE-78,
 CVE-2026-28343,2026-03-04T18:49:32Z,"CKEditor 5 has Cross-site Scripting (XSS) in the HTML Support package","@ckeditor/ckeditor5-html-support",29.0.0,47.6.0,,MODERATE,CWE-79,
 CVE-2026-28343,2026-03-04T18:49:32Z,"CKEditor 5 has Cross-site Scripting (XSS) in the HTML Support package",ckeditor5,29.0.0,47.6.0,,MODERATE,CWE-79,
@@ -5157,6 +5171,7 @@ CVE-2026-31818,2026-04-03T21:34:44Z,"Budibase: Server-Side Request Forgery via R
 CVE-2026-31828,2026-03-11T00:23:21Z,"Parse Server vulnerable to LDAP injection via unsanitized user input in DN and group filter construction",parse-server,0,8.6.26,,MODERATE,CWE-90,
 CVE-2026-31828,2026-03-11T00:23:21Z,"Parse Server vulnerable to LDAP injection via unsanitized user input in DN and group filter construction",parse-server,9.0.0-alpha.1,9.5.2-alpha.13,,MODERATE,CWE-90,
 CVE-2026-31829,2026-03-11T00:24:05Z,"Flowise affected by Server-Side Request Forgery (SSRF) in HTTP Node Leading to Internal Network Access",flowise,0,3.0.13,,HIGH,CWE-918,
+CVE-2026-31829,2026-03-11T00:24:05Z,"Flowise affected by Server-Side Request Forgery (SSRF) in HTTP Node Leading to Internal Network Access",flowise-components,0,3.0.13,,HIGH,CWE-918,
 CVE-2026-31839,2026-03-11T14:55:49Z,"Striae has a hash validation utility vulnerability",@striae-org/striae,0.9.22-0,3.0.0,,HIGH,CWE-327;CWE-353;CWE-354,
 CVE-2026-31840,2026-03-10T18:25:27Z,"Parse Server: SQL injection via dot-notation field name in PostgreSQL",parse-server,0,8.6.28,,CRITICAL,CWE-89,
 CVE-2026-31840,2026-03-10T18:25:27Z,"Parse Server: SQL injection via dot-notation field name in PostgreSQL",parse-server,9.0.0,9.6.0-alpha.2,,CRITICAL,CWE-89,
@@ -5338,11 +5353,20 @@ CVE-2026-32897,2026-03-03T23:01:30Z,"OpenClaw reuses the gateway auth token in t
 CVE-2026-32898,2026-02-27T22:08:36Z,"OpenClaw ACP client has permission auto-approval bypass via untrusted tool metadata",openclaw,0,2026.2.23,,MODERATE,CWE-639;CWE-863,
 CVE-2026-32899,2026-03-03T19:50:26Z,"OpenClaw's Slack reaction/pin sender-policy consistency issue in non-message ingress",openclaw,0,2026.2.25,,MODERATE,CWE-863,
 CVE-2026-32913,2026-03-09T19:54:20Z,"OpenClaw: fetch-guard forwards custom authorization headers across cross-origin redirects",openclaw,0,2026.3.7,,HIGH,CWE-116;CWE-184;CWE-522,
+CVE-2026-32916,2026-03-13T15:47:23Z,"OpenClaw: Plugin subagent routes could bypass gateway authorization with synthetic admin scopes",openclaw,2026.3.7,2026.3.11,,CRITICAL,CWE-269;CWE-285,
 CVE-2026-32918,2026-03-13T20:55:19Z,"`OpenClaw: session_status` let sandboxed subagents access parent or sibling session state",openclaw,0,2026.3.11,,HIGH,CWE-863,
+CVE-2026-32920,2026-03-13T20:55:13Z,"OpenClaw: Workspace plugin auto-discovery allowed code execution from cloned repositories",openclaw,0,2026.3.12,,HIGH,CWE-829,
+CVE-2026-32921,2026-03-12T14:21:28Z,"OpenClaw's system.run approvals did not bind mutable script operands across approval and execution",openclaw,0,2026.3.8,,MODERATE,CWE-285;CWE-367,
 CVE-2026-32943,2026-03-17T17:40:08Z,"Parse Server has a password reset token single-use bypass via concurrent requests",parse-server,0,8.6.48,,LOW,CWE-367,
 CVE-2026-32943,2026-03-17T17:40:08Z,"Parse Server has a password reset token single-use bypass via concurrent requests",parse-server,9.0.0,9.6.0-alpha.28,,LOW,CWE-367,
 CVE-2026-32944,2026-03-17T17:35:52Z,"Parse Server crash via deeply nested query condition operators",parse-server,0,8.6.45,,HIGH,CWE-674,
 CVE-2026-32944,2026-03-17T17:35:52Z,"Parse Server crash via deeply nested query condition operators",parse-server,9.0.0,9.6.0-alpha.21,,HIGH,CWE-674,
+CVE-2026-32970,2026-03-13T15:48:21Z,"OpenClaw: Unavailable local auth SecretRefs could fall through to remote credentials in local mode",openclaw,0,2026.3.11,,LOW,CWE-636,
+CVE-2026-32971,2026-03-13T15:47:46Z,"OpenClaw: Node-host approvals could show misleading shell payloads instead of the executed argv",openclaw,0,2026.3.11,,HIGH,CWE-436;CWE-863,
+CVE-2026-32974,2026-03-13T20:55:34Z,"OpenClaw: Feishu webhook mode accepted forged events when only `verificationToken` was configured",openclaw,0,2026.3.12,,HIGH,CWE-347,
+CVE-2026-32977,2026-03-13T15:47:15Z,"OpenClaw: Sandbox `writeFile` commit could race outside the validated path",openclaw,0,2026.3.11,,MODERATE,CWE-367,
+CVE-2026-32978,2026-03-13T15:48:05Z,"OpenClaw: Unrecognized script runners could bypass `system.run` approval integrity",openclaw,0,2026.3.11,,HIGH,CWE-863,
+CVE-2026-32979,2026-03-13T15:47:41Z,"OpenClaw: Unbound interpreter and runtime commands could bypass node-host approval integrity",openclaw,0,2026.3.11,,HIGH,CWE-367,
 CVE-2026-32980,2026-03-16T20:40:57Z,"OpenClaw Telegram webhook request bodies were read before secret validation, enabling unauthenticated resource exhaustion",openclaw,0,2026.3.13,,HIGH,CWE-400;CWE-770,
 CVE-2026-33011,2026-03-17T18:38:38Z,"Nest Fastify HEAD Request Middleware Bypass",@nestjs/platform-fastify,0,11.1.16,,HIGH,CWE-670,
 CVE-2026-33036,2026-03-17T19:45:41Z,"fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)",fast-xml-parser,4.0.0-beta.3,4.5.5,,HIGH,CWE-776,
@@ -5381,7 +5405,8 @@ CVE-2026-33323,2026-03-19T18:21:18Z,"Parse Server email verification resend page
 CVE-2026-33323,2026-03-19T18:21:18Z,"Parse Server email verification resend page leaks user existence",parse-server,9.0.0,9.6.0-alpha.40,,MODERATE,CWE-204,
 CVE-2026-33326,2026-03-19T18:37:42Z,"@keystone-6/core: `isFilterable` bypass via `cursor` parameter in findMany (CVE-2025-46720 incomplete fix)",@keystone-6/core,0,6.5.2,,MODERATE,CWE-863,
 CVE-2026-33331,2026-03-20T17:25:56Z,"oRPC has Stored XSS in OpenAPI Reference Plugin via unescaped JSON.stringify",@orpc/openapi,0,1.13.9,,HIGH,CWE-79,
-CVE-2026-33349,2026-03-19T19:13:13Z,"Entity Expansion Limits Bypassed When Set to Zero Due to JavaScript Falsy Evaluation in fast-xml-parser",fast-xml-parser,4.0.0-beta.3,5.5.7,,MODERATE,CWE-1284,
+CVE-2026-33349,2026-03-19T19:13:13Z,"Entity Expansion Limits Bypassed When Set to Zero Due to JavaScript Falsy Evaluation in fast-xml-parser",fast-xml-parser,4.0.0-beta.3,4.5.5,,MODERATE,CWE-1284,
+CVE-2026-33349,2026-03-19T19:13:13Z,"Entity Expansion Limits Bypassed When Set to Zero Due to JavaScript Falsy Evaluation in fast-xml-parser",fast-xml-parser,5.0.0,5.5.7,,MODERATE,CWE-1284,
 CVE-2026-33397,2026-03-19T21:22:52Z,"Protocol-Relative URL Injection via Single Backslash Bypass in Angular SSR",@angular/ssr,20.0.0-next.0,20.3.21,,MODERATE,CWE-601,
 CVE-2026-33397,2026-03-19T21:22:52Z,"Protocol-Relative URL Injection via Single Backslash Bypass in Angular SSR",@angular/ssr,21.0.0-next.0,21.2.3,,MODERATE,CWE-601,
 CVE-2026-33397,2026-03-19T21:22:52Z,"Protocol-Relative URL Injection via Single Backslash Bypass in Angular SSR",@angular/ssr,22.0.0-next.0,22.0.0-next.2,,MODERATE,CWE-601,
@@ -5407,17 +5432,21 @@ CVE-2026-33538,2026-03-24T19:11:40Z,"Parse Server: Denial of Service via unindex
 CVE-2026-33538,2026-03-24T19:11:40Z,"Parse Server: Denial of Service via unindexed database query for unconfigured auth providers",parse-server,9.0.0,9.6.0-alpha.52,,HIGH,CWE-400,
 CVE-2026-33539,2026-03-24T19:12:06Z,"Parse Server has SQL Injection through aggregate and distinct field names in PostgreSQL adapter",parse-server,0,8.6.59,,HIGH,CWE-89,
 CVE-2026-33539,2026-03-24T19:12:06Z,"Parse Server has SQL Injection through aggregate and distinct field names in PostgreSQL adapter",parse-server,9.0.0,9.6.0-alpha.53,,HIGH,CWE-89,
+CVE-2026-33572,2026-03-16T20:41:51Z,"OpenClaw session transcript files were created without forced user-only permissions",openclaw,0,2026.2.17,,MODERATE,CWE-276;CWE-732,
+CVE-2026-33574,2026-03-12T14:21:32Z,"OpenClaw's skills-install-download can be redirected outside the tools root by rebinding the validated base path",openclaw,0,2026.3.8,,MODERATE,CWE-367,
 CVE-2026-33576,2026-03-31T23:50:44Z,"OpenClaw: Zalo channel downloads media before sender authorization",openclaw,0,2026.3.28,,MODERATE,CWE-862;CWE-863,
 CVE-2026-33577,2026-04-01T00:00:19Z,"OpenClaw: node.pair.approve missing callerScopes validation allows low-privilege operator to approve malicious nodes",openclaw,0,2026.3.28,,MODERATE,CWE-863,
 CVE-2026-33578,2026-04-01T00:01:10Z,"OpenClaw: Google Chat and Zalouser group sender allowlist bypass via policy downgrade",openclaw,0,2026.3.28,,MODERATE,CWE-863,
+CVE-2026-33579,2026-03-31T23:50:22Z,"OpenClaw: /pair approve command path omitted caller scope subsetting and reopened device pairing escalation",openclaw,0,2026.3.28,,CRITICAL,CWE-863,
+CVE-2026-33580,2026-03-31T23:59:17Z,"OpenClaw's Nextcloud Talk webhook missing rate limiting on shared secret authentication",openclaw,0,2026.3.28,,MODERATE,CWE-307,
 CVE-2026-33581,2026-03-31T23:54:28Z,"OpenClaw's message tool media parameter bypasses tool policy filesystem isolation",openclaw,0,2026.3.24,,HIGH,CWE-22,
 CVE-2026-33624,2026-03-24T19:48:24Z,"Parse Server: MFA recovery code single-use bypass via concurrent requests",parse-server,0,8.6.60,,LOW,CWE-367,
 CVE-2026-33624,2026-03-24T19:48:24Z,"Parse Server: MFA recovery code single-use bypass via concurrent requests",parse-server,9.0.0,9.6.0-alpha.54,,LOW,CWE-367,
 CVE-2026-33627,2026-03-24T20:17:02Z,"Parse Server exposes auth data via /users/me endpoint",parse-server,0,8.6.61,,HIGH,CWE-200,
 CVE-2026-33627,2026-03-24T20:17:02Z,"Parse Server exposes auth data via /users/me endpoint",parse-server,9.0.0,9.6.0-alpha.55,,HIGH,CWE-200,
-CVE-2026-33660,2026-03-25T21:07:45Z,"n8n has Multiple Remote Code Execution Vulnerabilities in Merge Node AlaSQL SQL Mode",n8n,0,1.123.27,,CRITICAL,CWE-94;CWE-89,
-CVE-2026-33660,2026-03-25T21:07:45Z,"n8n has Multiple Remote Code Execution Vulnerabilities in Merge Node AlaSQL SQL Mode",n8n,2.0.0-rc.0,2.13.3,,CRITICAL,CWE-94;CWE-89,
-CVE-2026-33660,2026-03-25T21:07:45Z,"n8n has Multiple Remote Code Execution Vulnerabilities in Merge Node AlaSQL SQL Mode",n8n,2.14.0,2.14.1,,CRITICAL,CWE-94;CWE-89,
+CVE-2026-33660,2026-03-25T21:07:45Z,"n8n has Multiple Remote Code Execution Vulnerabilities in Merge Node AlaSQL SQL Mode",n8n,0,1.123.27,,CRITICAL,CWE-89;CWE-94,
+CVE-2026-33660,2026-03-25T21:07:45Z,"n8n has Multiple Remote Code Execution Vulnerabilities in Merge Node AlaSQL SQL Mode",n8n,2.0.0-rc.0,2.13.3,,CRITICAL,CWE-89;CWE-94,
+CVE-2026-33660,2026-03-25T21:07:45Z,"n8n has Multiple Remote Code Execution Vulnerabilities in Merge Node AlaSQL SQL Mode",n8n,2.14.0,2.14.1,,CRITICAL,CWE-89;CWE-94,
 CVE-2026-33663,2026-03-25T21:08:33Z,"n8n is Vulnerable to Credential Theft via Name-Based Resolution and Permission Checker Bypass in Community Edition",n8n,0,1.123.27,,HIGH,CWE-639,
 CVE-2026-33663,2026-03-25T21:08:33Z,"n8n is Vulnerable to Credential Theft via Name-Based Resolution and Permission Checker Bypass in Community Edition",n8n,2.0.0-rc.0,2.13.3,,HIGH,CWE-639,
 CVE-2026-33663,2026-03-25T21:08:33Z,"n8n is Vulnerable to Credential Theft via Name-Based Resolution and Permission Checker Bypass in Community Edition",n8n,2.14.0,2.14.1,,HIGH,CWE-639,
@@ -5451,9 +5480,18 @@ CVE-2026-33751,2026-03-26T18:30:18Z,"n8n Vulnerable to LDAP Filter Injection in
 CVE-2026-33751,2026-03-26T18:30:18Z,"n8n Vulnerable to LDAP Filter Injection in LDAP Node",n8n,2.0.0-rc.0,2.13.3,,MODERATE,CWE-90,
 CVE-2026-33751,2026-03-26T18:30:18Z,"n8n Vulnerable to LDAP Filter Injection in LDAP Node",n8n,2.14.0,2.14.1,,MODERATE,CWE-90,
 CVE-2026-33768,2026-03-26T18:41:34Z,"Astro: Unauthenticated Path Override via `x-astro-path` / `x_astro_path`",@astrojs/vercel,0,10.0.2,,MODERATE,CWE-441;CWE-862,
-CVE-2026-33769,2026-03-26T18:45:17Z,"Astro: Remote allowlist bypass via unanchored matchPathname wildcard",astro,2.10.10,5.18.1,,LOW,CWE-20;CWE-183,
+CVE-2026-33769,2026-03-26T18:45:17Z,"Astro: Remote allowlist bypass via unanchored matchPathname wildcard",astro,2.10.10,5.18.1,,LOW,CWE-183;CWE-20,
+CVE-2026-33804,2026-04-16T22:28:54Z,"@fastify/middie vulnerable to middleware bypass via deprecated ignoreDuplicateSlashes option",@fastify/middie,0,9.3.2,,HIGH,CWE-436,
+CVE-2026-33805,2026-04-16T01:02:59Z,"Fastify's connection header abuse enables stripping of proxy-added headers",@fastify/http-proxy,0,11.4.4,,CRITICAL,CWE-644,
+CVE-2026-33805,2026-04-16T01:02:59Z,"Fastify's connection header abuse enables stripping of proxy-added headers",@fastify/reply-from,0,12.6.2,,CRITICAL,CWE-644,
+CVE-2026-33806,2026-04-15T19:24:41Z,"Fastify has a Body Schema Validation Bypass via Leading Space in Content-Type Header",fastify,5.3.2,5.8.5,,HIGH,CWE-1287,
+CVE-2026-33807,2026-04-16T01:03:25Z,"@fastify/express's middleware path doubling causes authentication bypass in child plugin scopes",@fastify/express,0,4.0.5,,CRITICAL,CWE-436,
+CVE-2026-33808,2026-04-16T01:03:46Z,"@fastify/express has a middleware authentication bypass via URL normalization gaps (duplicate slashes and semicolons)",@fastify/express,0,4.0.5,,CRITICAL,CWE-436,
 CVE-2026-33863,2026-03-26T18:50:33Z,"Convict has prototype pollution via load(), loadFile(), and schema initialization",convict,0,6.2.5,,CRITICAL,CWE-1321,
 CVE-2026-33864,2026-03-26T18:55:41Z,"Convict has Prototype Pollution via startsWith() function",convict,0,6.2.5,,CRITICAL,CWE-1321,
+CVE-2026-33877,2026-04-16T20:42:11Z,"ApostropheCMS: User Enumeration via Timing Side Channel in Password Reset Endpoint",apostrophe,0,4.29.0,,LOW,CWE-208,
+CVE-2026-33888,2026-04-16T20:42:21Z,"ApostropheCMS: publicApiProjection Bypass via project Query Builder in Piece-Type REST API",apostrophe,0,4.29.0,,MODERATE,CWE-200;CWE-863,
+CVE-2026-33889,2026-04-16T20:42:37Z,"ApostropheCMS: Stored XSS via CSS Custom Property Injection in @apostrophecms/color-field Escaping Style Tag Context",apostrophe,0,4.29.0,,MODERATE,CWE-79,
 CVE-2026-33891,2026-03-26T21:57:48Z,"Forge has Denial of Service via Infinite Loop in BigInteger.modInverse() with Zero Input",node-forge,0,1.4.0,,HIGH,CWE-835,
 CVE-2026-33894,2026-03-26T22:02:35Z,"Forge has signature forgery in RSA-PKCS due to ASN.1 extra field  ",node-forge,0,1.4.0,,HIGH,CWE-20;CWE-347,
 CVE-2026-33895,2026-03-26T22:04:41Z,"Forge has signature forgery in Ed25519 due to missing S > L check",node-forge,0,1.4.0,,HIGH,CWE-347,
@@ -5478,7 +5516,14 @@ CVE-2026-34076,2026-03-27T19:58:19Z,"Clerk: SSRF in the opt-in clerkFrontendApiP
 CVE-2026-34076,2026-03-27T19:58:19Z,"Clerk: SSRF in the opt-in clerkFrontendApiProxy feature may leak secret keys to unintended host",@clerk/fastify,3.1.0,3.1.5,,HIGH,CWE-918,
 CVE-2026-34076,2026-03-27T19:58:19Z,"Clerk: SSRF in the opt-in clerkFrontendApiProxy feature may leak secret keys to unintended host",@clerk/hono,0.1.0,0.1.5,,HIGH,CWE-918,
 CVE-2026-34083,2026-04-03T21:43:22Z,"Signal K Server: OAuth Authorization Code Theft via Unvalidated Host Header in OIDC Flow",signalk-server,2.20.0,2.24.0,,MODERATE,CWE-346;CWE-601,
+CVE-2026-34148,2026-04-07T18:04:09Z,"Fedify affected by resource exhaustion caused by unbounded redirect following during remote key/document resolution",@fedify/fedify,0,1.9.6,,HIGH,CWE-400;CWE-770,
+CVE-2026-34148,2026-04-07T18:04:09Z,"Fedify affected by resource exhaustion caused by unbounded redirect following during remote key/document resolution",@fedify/fedify,1.10.0,1.10.5,,HIGH,CWE-400;CWE-770,
+CVE-2026-34148,2026-04-07T18:04:09Z,"Fedify affected by resource exhaustion caused by unbounded redirect following during remote key/document resolution",@fedify/fedify,2.0.0,2.0.8,,HIGH,CWE-400;CWE-770,
+CVE-2026-34148,2026-04-07T18:04:09Z,"Fedify affected by resource exhaustion caused by unbounded redirect following during remote key/document resolution",@fedify/fedify,2.1.0,2.1.1,,HIGH,CWE-400;CWE-770,
+CVE-2026-34148,2026-04-07T18:04:09Z,"Fedify affected by resource exhaustion caused by unbounded redirect following during remote key/document resolution",@fedify/vocab-runtime,0,2.0.8,,HIGH,CWE-400;CWE-770,
+CVE-2026-34148,2026-04-07T18:04:09Z,"Fedify affected by resource exhaustion caused by unbounded redirect following during remote key/document resolution",@fedify/vocab-runtime,2.1.0,2.1.1,,HIGH,CWE-400;CWE-770,
 CVE-2026-34156,2026-03-30T17:16:24Z,"NocoBase Affected by Sandbox Escape to RCE via console._stdout Prototype Chain Traversal in Workflow Script Node","@nocobase/plugin-workflow-javascript",0,2.0.28,,CRITICAL,CWE-913,
+CVE-2026-34166,2026-04-08T15:00:29Z,"LiquidJS Has Memory Limit Bypass via Quadratic Amplification in `replace` Filter",liquidjs,0,10.25.3,,LOW,CWE-400,
 CVE-2026-3419,2026-03-05T21:29:54Z,"Fastify's Missing End Anchor in ""subtypeNameReg"" Allows Malformed Content-Types to Pass Validation",fastify,5.7.2,5.8.1,,MODERATE,CWE-185,
 CVE-2026-34208,2026-04-03T21:44:39Z,"SandboxJS: Sandbox integrity escape ",@nyariv/sandboxjs,0,0.8.36,,CRITICAL,CWE-693;CWE-915,
 CVE-2026-34209,2026-03-29T15:10:03Z,"mppx: Tempo has a session close voucher bypass vulnerability due to settled amount equality",mppx,0,0.4.11,,HIGH,CWE-294,
@@ -5498,11 +5543,18 @@ CVE-2026-34363,2026-03-30T17:40:59Z,"LiveQuery protected field leak via shared m
 CVE-2026-34363,2026-03-30T17:40:59Z,"LiveQuery protected field leak via shared mutable state across concurrent subscribers",parse-server,9.0.0,9.7.0-alpha.9,,HIGH,CWE-362,
 CVE-2026-34373,2026-03-30T18:05:47Z,"GraphQL API endpoint ignores CORS origin restriction",parse-server,3.5.0,8.6.66,,MODERATE,CWE-346,
 CVE-2026-34373,2026-03-30T18:05:47Z,"GraphQL API endpoint ignores CORS origin restriction",parse-server,9.0.0,9.7.0-alpha.10,,MODERATE,CWE-346,
-CVE-2026-34404,2026-03-31T23:25:53Z,"Nuxt OG Image is vulnerable to Denial of Service via unbounded image dimensions",nuxt-og-image,0,6.2.5,,MODERATE,CWE-404,
+CVE-2026-34404,2026-03-31T23:25:53Z,"Nuxt OG Image is vulnerable to Denial of Service via unbounded image dimensions",nuxt-og-image,0,6.2.5,,MODERATE,CWE-400;CWE-404,
 CVE-2026-34405,2026-03-31T23:27:03Z,"Nuxt OG Image is vulnerable to reflected XSS via query parameter injection into HTML attributes",nuxt-og-image,0,6.2.5,,MODERATE,CWE-79,
+CVE-2026-34425,2026-04-06T22:53:48Z,"OpenClaw's complex interpreter pipelines could skip exec script preflight validation",openclaw,0,2026.4.2,,MODERATE,CWE-184,
+CVE-2026-34426,2026-03-26T19:07:55Z,"OpenClaw: Windows media loaders accepted remote-host file URLs before local path validation",openclaw,0,2026.3.22,,MODERATE,CWE-40,
 CVE-2026-34451,2026-04-01T21:16:49Z,"Claude SDK for TypeScript: Memory Tool Path Validation Allows Sandbox Escape to Sibling Directories",@anthropic-ai/sdk,0.79.0,0.81.0,,MODERATE,CWE-22;CWE-41,
 CVE-2026-3449,2026-03-03T06:31:14Z,"@tootallnate/once vulnerable to Incorrect Control Flow Scoping",@tootallnate/once,0,3.0.1,,LOW,CWE-705,
 CVE-2026-34503,2026-03-31T23:52:03Z,"OpenClaw's device removal and token revocation do not terminate active WebSocket sessions",openclaw,0,2026.3.28,,HIGH,CWE-613,
+CVE-2026-34504,2026-04-01T00:01:51Z,"OpenClaw affected by SSRF via unguarded image download in fal provider",openclaw,0,2026.3.28,,LOW,CWE-918,
+CVE-2026-34505,2026-03-13T20:55:38Z,"OpenClaw: Zalo webhook rate limiting could be bypassed before secret validation",openclaw,0,2026.3.12,,MODERATE,CWE-307,
+CVE-2026-34506,2026-03-12T14:21:35Z,"OpenClaw's MS Teams sender allowlist bypass when route allowlist is configured and sender allowlist is empty",openclaw,0,2026.3.8,,MODERATE,CWE-289,
+CVE-2026-34508,2026-03-31T12:31:36Z,"Duplicate Advisory: OpenClaw has Bypass in Webhook Rate Limiting via Pre-Authentication Secret Validation",openclaw,0,2026.3.12,,MODERATE,CWE-307,
+CVE-2026-34511,2026-04-04T06:26:55Z,"OpenClaw: Gemini OAuth exposed the PKCE verifier through the OAuth state parameter",openclaw,0,2026.4.2,,HIGH,CWE-345,
 CVE-2026-34522,2026-04-01T21:36:40Z,"SillyTavern has a path traversal in `/api/chats/import` allows arbitrary file write outside intended chat directory",sillytavern,0,1.17.0,,HIGH,CWE-22;CWE-73,
 CVE-2026-34523,2026-04-01T21:40:22Z,"SillyTavern: Path Traversal allows file existence oracle",sillytavern,0,1.17.0,,MODERATE,CWE-22,
 CVE-2026-34524,2026-04-01T21:41:48Z,"SillyTavern: Path Traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data root",sillytavern,0,1.17.0,,HIGH,CWE-22,
@@ -5530,13 +5582,17 @@ CVE-2026-34750,2026-04-01T21:44:09Z,"Payload has Insufficient Filename Validatio
 CVE-2026-34750,2026-04-01T21:44:09Z,"Payload has Insufficient Filename Validation in Client-Upload Signed-URL Endpoints",@payloadcms/storage-gcs,0,3.78.0,,MODERATE,CWE-22,
 CVE-2026-34750,2026-04-01T21:44:09Z,"Payload has Insufficient Filename Validation in Client-Upload Signed-URL Endpoints",@payloadcms/storage-r2,0,3.78.0,,MODERATE,CWE-22,
 CVE-2026-34750,2026-04-01T21:44:09Z,"Payload has Insufficient Filename Validation in Client-Upload Signed-URL Endpoints",@payloadcms/storage-s3,0,3.78.0,,MODERATE,CWE-22,
-CVE-2026-34751,2026-04-01T16:08:02Z,"Payload has Unvalidated Input in Password Recovery Endpoints",@payloadcms/graphql,0,3.79.1,,CRITICAL,CWE-472;CWE-640,
-CVE-2026-34751,2026-04-01T16:08:02Z,"Payload has Unvalidated Input in Password Recovery Endpoints",payload,0,3.79.1,,CRITICAL,CWE-472;CWE-640,
+CVE-2026-34751,2026-04-01T16:08:02Z,"Payload: Pre-Authentication Account Takeover via Parameter Injection in Password Recovery",@payloadcms/graphql,0,3.79.1,,CRITICAL,CWE-472;CWE-640,
+CVE-2026-34751,2026-04-01T16:08:02Z,"Payload: Pre-Authentication Account Takeover via Parameter Injection in Password Recovery",payload,0,3.79.1,,CRITICAL,CWE-472;CWE-640,
 CVE-2026-34752,2026-04-01T22:56:09Z,"Haraka affected by DoS via `__proto__` email header",Haraka,0,3.1.4,,HIGH,CWE-248,
 CVE-2026-34764,2026-04-03T21:52:33Z,"Electron: Use-after-free in offscreen shared texture release() callback",electron,33.0.0-alpha.1,39.8.5,,LOW,CWE-416,
 CVE-2026-34764,2026-04-03T21:52:33Z,"Electron: Use-after-free in offscreen shared texture release() callback",electron,40.0.0-alpha.1,40.8.5,,LOW,CWE-416,
 CVE-2026-34764,2026-04-03T21:52:33Z,"Electron: Use-after-free in offscreen shared texture release() callback",electron,41.0.0-alpha.1,41.1.0,,LOW,CWE-416,
 CVE-2026-34764,2026-04-03T21:52:33Z,"Electron: Use-after-free in offscreen shared texture release() callback",electron,42.0.0-alpha.1,42.0.0-alpha.5,,LOW,CWE-416,
+CVE-2026-34765,2026-04-07T15:52:25Z,"Electron: Named window.open targets not scoped to the opener's browsing context",electron,0,39.8.5,,MODERATE,CWE-668,
+CVE-2026-34765,2026-04-07T15:52:25Z,"Electron: Named window.open targets not scoped to the opener's browsing context",electron,40.0.0-alpha.1,40.8.5,,MODERATE,CWE-668,
+CVE-2026-34765,2026-04-07T15:52:25Z,"Electron: Named window.open targets not scoped to the opener's browsing context",electron,41.0.0-alpha.1,41.1.0,,MODERATE,CWE-668,
+CVE-2026-34765,2026-04-07T15:52:25Z,"Electron: Named window.open targets not scoped to the opener's browsing context",electron,42.0.0-alpha.1,42.0.0-alpha.5,,MODERATE,CWE-668,
 CVE-2026-34766,2026-04-03T02:36:52Z,"Electron: USB device selection not validated against filtered device list",electron,0,38.8.6,,LOW,CWE-862,
 CVE-2026-34766,2026-04-03T02:36:52Z,"Electron: USB device selection not validated against filtered device list",electron,39.0.0-alpha.1,39.8.0,,LOW,CWE-862,
 CVE-2026-34766,2026-04-03T02:36:52Z,"Electron: USB device selection not validated against filtered device list",electron,40.0.0-alpha.1,40.7.0,,LOW,CWE-862,
@@ -5595,14 +5651,20 @@ CVE-2026-34779,2026-04-03T02:46:16Z,"Electron: AppleScript injection in app.move
 CVE-2026-34780,2026-04-03T02:46:56Z,"Electron: Context Isolation bypass via contextBridge VideoFrame transfer",electron,39.0.0-alpha.1,39.8.0,,HIGH,CWE-1188;CWE-668,
 CVE-2026-34780,2026-04-03T02:46:56Z,"Electron: Context Isolation bypass via contextBridge VideoFrame transfer",electron,40.0.0-alpha.1,40.7.0,,HIGH,CWE-1188;CWE-668,
 CVE-2026-34780,2026-04-03T02:46:56Z,"Electron: Context Isolation bypass via contextBridge VideoFrame transfer",electron,41.0.0-alpha.1,41.0.0-beta.8,,HIGH,CWE-1188;CWE-668,
+CVE-2026-34781,2026-04-07T15:52:28Z,"Electron: Crash in clipboard.readImage() on malformed clipboard image data",electron,0,39.8.5,,LOW,CWE-476,
+CVE-2026-34781,2026-04-07T15:52:28Z,"Electron: Crash in clipboard.readImage() on malformed clipboard image data",electron,40.0.0-alpha.1,40.8.5,,LOW,CWE-476,
+CVE-2026-34781,2026-04-07T15:52:28Z,"Electron: Crash in clipboard.readImage() on malformed clipboard image data",electron,41.0.0-alpha.1,41.1.0,,LOW,CWE-476,
+CVE-2026-34781,2026-04-07T15:52:28Z,"Electron: Crash in clipboard.readImage() on malformed clipboard image data",electron,42.0.0-alpha.1,42.0.0-alpha.5,,LOW,CWE-476,
 CVE-2026-34784,2026-04-01T23:09:14Z,"Parser Server's streaming file download bypasses afterFind file trigger authorization",parse-server,0,8.6.71,,HIGH,CWE-285,
 CVE-2026-34784,2026-04-01T23:09:14Z,"Parser Server's streaming file download bypasses afterFind file trigger authorization",parse-server,9.0.0,9.7.1-alpha.1,,HIGH,CWE-285,
 CVE-2026-34825,2026-04-01T23:44:37Z,"NocoBase Has SQL Injection via template variable substitution in workflow SQL node","@nocobase/plugin-workflow-sql",0,2.0.30,,HIGH,CWE-89,
 CVE-2026-3484,2026-03-03T21:31:16Z,"MCP NMAP Server has an Injection vulnerability",mcp-nmap-server,0,,1.0.1,MODERATE,CWE-74;CWE-77,
 CVE-2026-34841,2026-04-02T18:34:04Z,"Axios npm Supply Chain Incident Impacting @usebruno/cli",@usebruno/cli,0,3.2.1,,CRITICAL,CWE-1395;CWE-494;CWE-506,
-CVE-2026-34950,2026-04-02T20:37:54Z,"fast-jwt: Incomplete fix for CVE-2023-48223: JWT Algorithm Confusion via Whitespace-Prefixed RSA Public Key",fast-jwt,0,,6.1.0,CRITICAL,CWE-327,
+CVE-2026-34950,2026-04-02T20:37:54Z,"fast-jwt: Incomplete fix for CVE-2023-48223: JWT Algorithm Confusion via Whitespace-Prefixed RSA Public Key",fast-jwt,0,6.2.0,,CRITICAL,CWE-20;CWE-327,
 CVE-2026-35038,2026-04-03T04:04:22Z,"Signal K Server: Arbitrary Prototype Read via `from` Field Bypass",signalk-server,0,2.24.0,,LOW,CWE-125;CWE-20;CWE-200,
-CVE-2026-35039,2026-04-03T04:07:09Z,"fast-jwt: Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup)",fast-jwt,0.0.1,6.1.0,,CRITICAL,CWE-1289;CWE-345;CWE-706,
+CVE-2026-35039,2026-04-03T04:07:09Z,"fast-jwt: Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup)",fast-jwt,0.0.1,6.2.0,,CRITICAL,CWE-1289;CWE-345;CWE-706,
+CVE-2026-35040,2026-04-09T16:41:20Z,"fast-jwt: Stateful RegExp (/g or /y) causes non-deterministic allowed-claim validation (logical DoS)",fast-jwt,0,6.2.1,,MODERATE,CWE-440;CWE-697,
+CVE-2026-35041,2026-04-09T16:41:40Z,"fast-jwt has a ReDoS when using RegExp in allowed* leading to CPU exhaustion during token verification",fast-jwt,5.0.0,6.2.1,,MODERATE,CWE-1333,
 CVE-2026-35042,2026-04-03T22:01:25Z,"fast-jwt accepts unknown `crit` header extensions (RFC 7515 violation)",fast-jwt,0,,6.1.0,HIGH,CWE-345;CWE-636,
 CVE-2026-3520,2026-03-05T00:27:50Z,"Multer Vulnerable to Denial of Service via Uncontrolled Recursion",multer,0,2.1.1,,HIGH,CWE-674,
 CVE-2026-35200,2026-04-04T04:22:11Z,"Parse Server: File upload Content-Type override via extension mismatch",parse-server,0,8.6.73,,LOW,CWE-436,
@@ -5620,11 +5682,126 @@ CVE-2026-35412,2026-04-04T06:11:18Z,"Directus: TUS Upload Authorization Bypass A
 CVE-2026-35413,2026-04-04T06:10:27Z,"Directus: GraphQL Schema SDL Disclosure Setting",directus,0,11.16.1,,MODERATE,CWE-200,
 CVE-2026-35441,2026-04-04T06:12:52Z,"Directus: GraphQL Alias Amplification Denial of Service Due to Missing Query Cost/Complexity Limits",directus,0,11.17.0,,MODERATE,CWE-400;CWE-770,
 CVE-2026-35442,2026-04-04T06:13:57Z,"Directus: Authenticated Users Can Extract Concealed Fields via Aggregate Queries",directus,0,11.17.0,,HIGH,CWE-200;CWE-863,
+CVE-2026-35515,2026-04-06T17:59:51Z,"@nestjs/core Improperly Neutralizes Special Elements in Output Used by a Downstream Component ('Injection')",@nestjs/core,0,11.1.18,,MODERATE,CWE-74,
+CVE-2026-35525,2026-04-08T15:03:47Z,"LiquidJS: Root restriction bypass for partial and layout loading through symlinked templates",liquidjs,0,10.25.3,,HIGH,CWE-61,
+CVE-2026-35569,2026-04-16T20:44:18Z,"Stored XSS in SEO Fields Leads to Authenticated API Data Exposure in ApostropheCMS",apostrophe,0,4.29.0,,HIGH,CWE-116;CWE-79,
+CVE-2026-35603,2026-04-17T22:19:38Z,"Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows","@anthropic-ai/claude-code",0,2.1.75,,MODERATE,CWE-426,
+CVE-2026-35613,2026-04-08T00:06:03Z,"coursevault-preview has a path traversal due to improper base-directory boundary validation",coursevault-preview,0,0.1.1,,MODERATE,CWE-22,
+CVE-2026-35617,2026-03-29T15:48:15Z,"OpenClaw: Google Chat Authz Bypass via Group Policy Rebinding with Mutable Space displayName",openclaw,0,2026.3.28,,LOW,CWE-639;CWE-807;CWE-863,
+CVE-2026-35618,2026-03-26T18:56:32Z,"OpenClaw: Plivo V2 verified replay identity drifts on query-only variants",openclaw,0,2026.3.23,,HIGH,CWE-294,
+CVE-2026-35619,2026-03-30T18:41:15Z,"OpenClaw has a Gateway HTTP /v1/models Route Bypasses Operator Read Scope",openclaw,0,2026.3.24,,MODERATE,CWE-284;CWE-863,
+CVE-2026-35620,2026-03-30T19:06:22Z,"OpenClaw: Non-owner command-authorized sender can change the owner-only `/send` session delivery policy",openclaw,0,2026.3.24,,MODERATE,CWE-285;CWE-862,
+CVE-2026-35621,2026-03-30T18:52:38Z,"OpenClaw: Gateway operator.write Can Reach Admin-Class Channel Allowlist Persistence via chat.send",openclaw,0,2026.3.24,,HIGH,CWE-269,
+CVE-2026-35622,2026-03-26T21:37:36Z,"OpenClaw: Google Chat app-url webhook auth accepted non-deployment add-on principals",openclaw,0,2026.3.22,,MODERATE,CWE-290;CWE-863,
+CVE-2026-35623,2026-03-27T22:31:19Z,"OpenClaw: BlueBubbles Webhook Missing Rate Limiting Enables Brute-Force Password Guessing",openclaw,0,,2026.3.24,MODERATE,CWE-307;CWE-521,
+CVE-2026-35624,2026-03-26T21:34:18Z,"OpenClaw: Nextcloud Talk room allowlist matched colliding room names instead of stable room tokens",openclaw,0,2026.3.22,,LOW,CWE-639;CWE-807;CWE-863,
+CVE-2026-35626,2026-03-26T19:50:41Z,"OpenClaw is vulnerable to unauthenticated resource exhaustion through its voice call webhook handling",openclaw,0,2026.3.22,,MODERATE,CWE-400,
+CVE-2026-35627,2026-03-26T19:08:34Z,"OpenClaw: Nostr inbound DMs could trigger unauthenticated crypto work before sender policy enforcement",openclaw,0,2026.3.22,,HIGH,CWE-863,
+CVE-2026-35628,2026-03-27T22:37:35Z,"OpenClaw: Telegram Webhook Missing Guess Rate Limiting Enables Brute-Force Guessing of Weak Webhook Secret",openclaw,0,,2026.3.24,MODERATE,CWE-307;CWE-521,
+CVE-2026-35629,2026-03-29T15:48:42Z,"OpenClaw: SSRF via Unguarded Configured Base URLs in Multiple Channel Extensions (Incomplete Fix for CVE-2026-28476)",openclaw,0,2026.3.28,,HIGH,CWE-918,
+CVE-2026-35632,2026-03-26T21:49:25Z,"OpenClaw: Symlink Traversal via IDENTITY.md appendFile in agents.create/update (Incomplete Fix for CVE-2026-32013)",openclaw,0,,2026.2.22,MODERATE,CWE-61,
+CVE-2026-35633,2026-03-26T19:50:06Z,"OpenClaw: Remote media error responses could trigger unbounded memory allocation before failure",openclaw,0,2026.3.22,,HIGH,CWE-400;CWE-770,
+CVE-2026-35634,2026-03-26T18:59:00Z,"OpenClaw: Gateway Canvas local-direct requests bypass Canvas HTTP and WebSocket authentication",openclaw,0,2026.3.23,,MODERATE,CWE-287,
+CVE-2026-35635,2026-03-26T21:45:35Z,"OpenClaw Bypasses DM Policy Separation via Synology Chat Webhook Path Collision ",openclaw,0,2026.3.22,,MODERATE,CWE-285,
+CVE-2026-35637,2026-03-26T21:27:49Z,"OpenClaw: Tlon cite expansion happens before channel and DM authorization is complete",openclaw,0,2026.3.22,,MODERATE,CWE-863,
+CVE-2026-35639,2026-03-26T21:40:57Z,"OpenClaw Gateway: RCE and Privilege Escalation from operator.pairing to operator.admin via device.pair.approve",openclaw,0,2026.3.22,,CRITICAL,CWE-269,
+CVE-2026-35640,2026-03-29T15:48:58Z,"OpenClaw: Feishu webhook reads and parses unauthenticated request bodies before signature validation",openclaw,0,2026.3.28,,MODERATE,CWE-400,
+CVE-2026-35641,2026-03-30T18:52:09Z,"OpenClaw has an Arbitrary Malicious Code Execution Vulnerability",openclaw,0,2026.3.24,,HIGH,CWE-349;CWE-426,
+CVE-2026-35643,2026-03-26T19:30:52Z,"OpenClaw: Arbitrary code execution via unvalidated WebView JavascriptInterface",openclaw,0,2026.3.22,,HIGH,CWE-77;CWE-940,
+CVE-2026-35645,2026-03-29T15:49:34Z,"OpenClaw: Gateway Plugin Subagent Fallback `deleteSession` Uses Synthetic `operator.admin`",openclaw,0,2026.3.28,,MODERATE,CWE-266;CWE-648;CWE-863,
+CVE-2026-35646,2026-03-29T15:50:09Z,"OpenClaw: Synology Chat Webhook Pre-Auth Rate-Limit Bypass Enables Brute-Force Guessing of Webhook Token",openclaw,0,2026.3.28,,MODERATE,CWE-307;CWE-521,
+CVE-2026-35647,2026-03-27T22:31:48Z,"OpenClaw: Matrix Verification Notices Bypass Matrix DM Policy and Reply to Unpaired DM Peers",openclaw,0,,2026.3.24,MODERATE,CWE-288;CWE-863,
+CVE-2026-35648,2026-03-26T21:14:24Z,"OpenClaw may have stale policy enforcement for queued node actions",openclaw,0,2026.3.22,,LOW,CWE-367;CWE-863,
+CVE-2026-35649,2026-03-26T21:30:54Z,"OpenClaw: Tlon settings empty-allowlist reconciliation bypassed intended revocation",openclaw,0,2026.3.22,,LOW,CWE-285;CWE-863,
+CVE-2026-35650,2026-03-26T19:51:12Z,"OpenClaw has Inconsistent Host Exec Environment Override Sanitization",openclaw,0,2026.3.22,,HIGH,CWE-15;CWE-693,
+CVE-2026-35651,2026-03-29T15:50:41Z,"OpenClaw has ACP CLI approval prompt ANSI escape sequence injection",openclaw,2026.2.13,2026.3.28,,MODERATE,CWE-116;CWE-150,
+CVE-2026-35652,2026-03-26T21:23:04Z,"OpenClaw: Mattermost callback dispatch allowed non-allowlisted sender actions",openclaw,0,2026.3.22,,MODERATE,CWE-285;CWE-696;CWE-863,
+CVE-2026-35653,2026-03-30T19:05:11Z,"OpenClaw: `browser.request` still allows `POST /reset-profile` through the `operator.write` surface",openclaw,0,2026.3.24,,HIGH,CWE-863,
+CVE-2026-35654,2026-03-29T15:49:50Z,"OpenClaw: MS Teams Feedback Invocation Bypasses Sender Allowlists and Records Unauthorized Session Feedback",openclaw,0,2026.3.28,,MODERATE,CWE-288;CWE-863,
+CVE-2026-35655,2026-03-26T21:46:42Z,"OpenClaw's Conflicting Tool Identity Hints Bypass Dangerous-Tool Prompting",openclaw,0,2026.3.22,,MODERATE,CWE-807;CWE-863,
+CVE-2026-35656,2026-03-26T21:42:30Z,"OpenClaw: Forwarding header spoofing bypasses gateway.trustedProxies origin detection",openclaw,0,2026.3.22,,MODERATE,CWE-290,
+CVE-2026-35657,2026-03-29T15:46:40Z,"OpenClaw: Gateway HTTP Session History Route Bypasses Operator Read Scope",openclaw,0,2026.3.25,,MODERATE,CWE-639;CWE-863,
+CVE-2026-35658,2026-03-26T21:48:06Z,"OpenClaw: Image Tool `tools.fs.workspaceOnly` Bypass via Sandbox Bridge Mounts",openclaw,0,2026.3.2,,MODERATE,CWE-668;CWE-863,
+CVE-2026-35659,2026-03-26T19:50:24Z,"OpenClaw: Bonjour/DNS-SD TXT metadata steers CLI routing after failed service resolution",openclaw,0,2026.3.22,,MODERATE,CWE-345;CWE-642,
+CVE-2026-35660,2026-03-26T19:00:45Z,"OpenClaw: Gateway agent /reset exposes admin session reset to operator.write callers",openclaw,0,2026.3.23,,HIGH,CWE-862,
+CVE-2026-35661,2026-03-29T15:50:23Z,"OpenClaw: Telegram DM-Scoped Inline Button Callbacks Bypass DM Pairing and Mutate Session State",openclaw,0,2026.3.28,,MODERATE,CWE-285;CWE-288;CWE-863,
+CVE-2026-35662,2026-03-26T21:44:41Z,"OpenClaw leaf subagents can bypass controlScope restrictions to send messages to child sessions",openclaw,0,2026.3.22,,MODERATE,CWE-285;CWE-862,
+CVE-2026-35663,2026-03-27T22:29:12Z,"OpenClaw: Gateway Backend Reconnect lets Non-Admin Operator Scopes Self-Claim operator.admin",openclaw,0,,2026.3.24,CRITICAL,CWE-269;CWE-863,
+CVE-2026-35664,2026-03-29T15:49:17Z,"OpenClaw: Feishu Raw Card Send Surface Can Mint Legacy Card Callbacks That Bypass DM Pairing",openclaw,0,2026.3.28,,MODERATE,CWE-288;CWE-863,
+CVE-2026-35665,2026-03-30T18:32:03Z,"OpenClaw has incomplete Fix for CVE-2026-32011: Feishu Webhook Pre-Auth Body Parsing DoS (Slow-Body / Slowloris Variant)",openclaw,0,2026.3.24,,MODERATE,CWE-400;CWE-405,
+CVE-2026-35666,2026-03-26T19:08:45Z,"OpenClaw's system.run allowlist can be bypassed through an unregistered time dispatch wrapper",openclaw,0,2026.3.22,,HIGH,CWE-706;CWE-863,
+CVE-2026-35667,2026-03-30T18:30:01Z,"OpenClaw has incomplete Fix for CVE-2026-27486: Unvalidated SIGKILL in `!stop` Chat Command via `shell-utils.ts`",openclaw,0,2026.3.24,,MODERATE,CWE-404,
+CVE-2026-35668,2026-03-30T18:31:02Z,"OpenClaw has Sandbox Media Root Bypass via Unnormalized `mediaUrl` / `fileUrl` Parameter Keys (CWE-22)",openclaw,0,2026.3.24,,HIGH,CWE-22,
+CVE-2026-35669,2026-03-27T22:30:57Z,"OpenClaw: Gateway Plugin HTTP Auth Grants Unrestricted operator.admin Runtime Scope to All Callers",openclaw,0,,2026.3.24,HIGH,CWE-266;CWE-863,
+CVE-2026-35670,2026-03-26T19:08:16Z,"OpenClaw: Synology Chat reply delivery could be rebound through username-based user resolution.",openclaw,0,2026.3.22,,MODERATE,CWE-639;CWE-706;CWE-807,
 CVE-2026-3635,2026-03-25T19:32:28Z,"fastify: request.protocol and request.host Spoofable via X-Forwarded-Proto/Host from Untrusted Connections",fastify,0,5.8.3,,MODERATE,CWE-348,
+CVE-2026-39313,2026-04-16T20:44:32Z,"MCP-Framework: Unbounded memory allocation in readRequestBody allows denial of service via HTTP transport",mcp-framework,0,0.2.22,,HIGH,CWE-770,
+CVE-2026-39315,2026-04-09T20:28:05Z,"Unhead has a hasDangerousProtocol() bypass via leading-zero padded HTML entities in useHeadSafe()",unhead,0,2.1.13,,MODERATE,CWE-184,
+CVE-2026-39321,2026-04-08T00:07:10Z,"Parse Server has a login timing side-channel reveals user existence",parse-server,0,8.6.74,,MODERATE,CWE-208,
+CVE-2026-39321,2026-04-08T00:07:10Z,"Parse Server has a login timing side-channel reveals user existence",parse-server,9.0.0,9.8.0-alpha.6,,MODERATE,CWE-208,
+CVE-2026-39356,2026-04-08T00:14:58Z,"Drizzle ORM has SQL injection via improperly escaped SQL identifiers",drizzle-orm,0,0.45.2,,HIGH,CWE-89,
+CVE-2026-39356,2026-04-08T00:14:58Z,"Drizzle ORM has SQL injection via improperly escaped SQL identifiers",drizzle-orm,1.0.0-beta.2,1.0.0-beta.20,,HIGH,CWE-89,
+CVE-2026-39363,2026-04-06T18:03:24Z,"Vite Vulnerable to Arbitrary File Read via Vite Dev Server WebSocket",vite,6.0.0,6.4.2,,HIGH,CWE-200;CWE-306,
+CVE-2026-39363,2026-04-06T18:03:24Z,"Vite Vulnerable to Arbitrary File Read via Vite Dev Server WebSocket",vite,7.0.0,7.3.2,,HIGH,CWE-200;CWE-306,
+CVE-2026-39363,2026-04-06T18:03:24Z,"Vite Vulnerable to Arbitrary File Read via Vite Dev Server WebSocket",vite,8.0.0,8.0.5,,HIGH,CWE-200;CWE-306,
+CVE-2026-39364,2026-04-06T18:03:32Z,"Vite: `server.fs.deny` bypassed with queries",vite,7.1.0,7.3.2,,HIGH,CWE-180;CWE-284,
+CVE-2026-39364,2026-04-06T18:03:32Z,"Vite: `server.fs.deny` bypassed with queries",vite,8.0.0,8.0.5,,HIGH,CWE-180;CWE-284,
+CVE-2026-39365,2026-04-06T18:03:46Z,"Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling",vite,0,6.4.2,,MODERATE,CWE-200;CWE-22,
+CVE-2026-39365,2026-04-06T18:03:46Z,"Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling",vite,7.0.0,7.3.2,,MODERATE,CWE-200;CWE-22,
+CVE-2026-39365,2026-04-06T18:03:46Z,"Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling",vite,8.0.0,8.0.5,,MODERATE,CWE-200;CWE-22,
+CVE-2026-39371,2026-04-08T00:12:06Z,"RedwoodSDK has a CSRF vulnerability in server function dispatch via GET requests",rwsdk,1.0.0-beta.50,1.0.6,,HIGH,CWE-352,
+CVE-2026-39381,2026-04-08T00:14:50Z,"Parse Server's Endpoint `/sessions/me` bypasses `_Session` `protectedFields`",parse-server,7.0.0,8.6.75,,MODERATE,CWE-863,
+CVE-2026-39381,2026-04-08T00:14:50Z,"Parse Server's Endpoint `/sessions/me` bypasses `_Session` `protectedFields`",parse-server,9.0.0,9.8.0-alpha.7,,MODERATE,CWE-863,
+CVE-2026-39397,2026-04-08T00:15:54Z,"@delmaredigital/payload-puc is missing authorization on /api/puck/* CRUD endpoints allows unauthenticated access to Puck-registered collections","@delmaredigital/payload-puck",0,0.6.23,,CRITICAL,CWE-862,
+CVE-2026-39398,2026-04-08T00:16:09Z,"openclaw-claude-bridge: sandbox is not effective - `--allowed-tools """"` does not restrict available tools",openclaw-claude-bridge,0,2.0.0,,MODERATE,CWE-1188;CWE-276,
+CVE-2026-39406,2026-04-08T00:16:39Z,"@hono/node-server: Middleware bypass via repeated slashes in serveStatic",@hono/node-server,0,1.19.13,,MODERATE,CWE-22,
+CVE-2026-39407,2026-04-08T00:16:45Z,"Hono: Middleware bypass via repeated slashes in serveStatic",hono,0,4.12.12,,MODERATE,CWE-22,
+CVE-2026-39408,2026-04-08T00:16:51Z,"Hono: Path traversal in toSSG() allows writing files outside the output directory",hono,4.0.0,4.12.12,,MODERATE,CWE-22,
+CVE-2026-39409,2026-04-08T00:17:14Z,"Hono has incorrect IP matching in ipRestriction() for IPv4-mapped IPv6 addresses",hono,0,4.12.12,,MODERATE,CWE-180,
+CVE-2026-39410,2026-04-08T00:17:21Z,"Hono: Non-breaking space prefix bypass in cookie name handling in getCookie()",hono,0,4.12.12,,MODERATE,CWE-20,
+CVE-2026-39411,2026-04-08T15:04:30Z,"LobeHub: Unauthenticated authentication bypass on `webapi` routes via forgeable `X-lobe-chat-auth` header",@lobehub/lobehub,0,2.1.48,,MODERATE,CWE-287;CWE-290;CWE-345,
+CVE-2026-39412,2026-04-08T15:04:39Z,"LiquidJS: ownPropertyOnly bypass via sort_natural filter — prototype property information disclosure through sorting side-channel",liquidjs,0,10.25.4,,MODERATE,CWE-200,
 CVE-2026-3965,2026-03-12T00:31:17Z,"@whyour/qinglong: manipulation of the argument command leads to protection mechanism failure",@whyour/qinglong,0,2.20.2,,LOW,CWE-693,
+CVE-2026-39857,2026-04-16T20:45:15Z,"ApostropheCMS: Information Disclosure via choices/counts Query Parameters Bypassing publicApiProjection Field Restrictions",apostrophe,0,4.29.0,,MODERATE,CWE-200,
+CVE-2026-39859,2026-04-08T15:04:44Z,"LiquidJS: `renderFile()` / `parseFile()` bypass configured `root` and allow arbitrary file read",liquidjs,0,10.25.5,,MODERATE,CWE-22,
+CVE-2026-39865,2026-04-08T15:51:48Z,"Axios HTTP/2 Session Cleanup State Corruption Vulnerability",axios,1.13.0,1.13.2,,MODERATE,CWE-400,
+CVE-2026-39884,2026-04-14T22:32:15Z,"MCP Server Kubernetes has an Argument Injection in port_forward tool via space-splitting",mcp-server-kubernetes,0,3.5.0,,HIGH,CWE-88,
+CVE-2026-39885,2026-04-08T19:22:53Z,"mcp-from-openapi is Vulnerable to SSRF via $ref Dereferencing in Untrusted OpenAPI Specifications",@frontmcp/adapters,0,1.0.4,,HIGH,CWE-918,
+CVE-2026-39885,2026-04-08T19:22:53Z,"mcp-from-openapi is Vulnerable to SSRF via $ref Dereferencing in Untrusted OpenAPI Specifications",@frontmcp/sdk,0,1.0.4,,HIGH,CWE-918,
+CVE-2026-39885,2026-04-08T19:22:53Z,"mcp-from-openapi is Vulnerable to SSRF via $ref Dereferencing in Untrusted OpenAPI Specifications",mcp-from-openapi,0,2.3.0,,HIGH,CWE-918,
+CVE-2026-39942,2026-04-04T06:06:39Z,"Directus: Path Traversal and Broken Access Control in File Management API",directus,0,11.17.0,,HIGH,CWE-284;CWE-639;CWE-915,
+CVE-2026-39943,2026-04-04T06:12:07Z,"Directus: Sensitive fields exposed in revision history",directus,0,11.17.0,,MODERATE,CWE-200;CWE-312,
+CVE-2026-39974,2026-04-08T19:53:48Z,"n8n-mcp has authenticated SSRF via instance-URL header in multi-tenant HTTP mode",n8n-mcp,0,2.47.4,,HIGH,CWE-918,
+CVE-2026-39983,2026-04-08T20:02:25Z,"basic-ftp has FTP Command Injection via CRLF",basic-ftp,5.2.0,5.2.1,,HIGH,CWE-93,
+CVE-2026-40037,2026-04-09T17:37:08Z,"OpenClaw: `fetchWithSsrFGuard` replays unsafe request bodies across cross-origin redirects",openclaw,0,2026.4.8,,HIGH,CWE-345,
+CVE-2026-40073,2026-04-10T17:24:31Z,"@sveltejs/adapter-node has a BODY_SIZE_LIMIT bypass",@sveltejs/kit,0,2.57.1,,HIGH,CWE-770,
+CVE-2026-40074,2026-04-10T17:32:00Z,"@sveltejs/kit: Unvalidated redirect in handle hook causes Denial-of-Service",@sveltejs/kit,0,2.57.1,,MODERATE,CWE-755,
+CVE-2026-40163,2026-04-10T19:30:27Z,"Saltcorn has an Unauthenticated Path Traversal in sync endpoints, allowing arbitrary file write and directory read",@saltcorn/server,0,1.4.5,,HIGH,CWE-22,
+CVE-2026-40163,2026-04-10T19:30:27Z,"Saltcorn has an Unauthenticated Path Traversal in sync endpoints, allowing arbitrary file write and directory read",@saltcorn/server,1.5.0-beta.0,1.5.5,,HIGH,CWE-22,
+CVE-2026-40163,2026-04-10T19:30:27Z,"Saltcorn has an Unauthenticated Path Traversal in sync endpoints, allowing arbitrary file write and directory read",@saltcorn/server,1.6.0-alpha.0,1.6.0-beta.4,,HIGH,CWE-22,
+CVE-2026-40175,2026-04-10T19:47:16Z,"Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain",axios,0,0.31.0,,MODERATE,CWE-113;CWE-444;CWE-918,
+CVE-2026-40175,2026-04-10T19:47:16Z,"Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain",axios,1.0.0,1.15.0,,MODERATE,CWE-113;CWE-444;CWE-918,
+CVE-2026-40186,2026-04-16T21:08:29Z,"sanitize-html allowedTags Bypass via Entity-Decoded Text in nonTextTags Elements",sanitize-html,2.17.2,2.17.3,,MODERATE,CWE-79,
+CVE-2026-40190,2026-04-10T20:18:02Z,"LangSmith Client SDKs has Prototype Pollution in langsmith-sdk via Incomplete `__proto__` Guard in Internal lodash `set()`",langsmith,0,0.5.18,,MODERATE,CWE-1321,
+CVE-2026-40255,2026-04-14T20:01:28Z,"@adonisjs/http-server has an Open Redirect vulnerability",@adonisjs/core,0,,7.3.1,MODERATE,CWE-601,
+CVE-2026-40255,2026-04-14T20:01:28Z,"@adonisjs/http-server has an Open Redirect vulnerability",@adonisjs/http-server,0,7.8.1,,MODERATE,CWE-601,
+CVE-2026-40255,2026-04-14T20:01:28Z,"@adonisjs/http-server has an Open Redirect vulnerability",@adonisjs/http-server,8.0.0-next.0,8.2.0,,MODERATE,CWE-601,
+CVE-2026-40299,2026-04-10T21:03:55Z,"next-intl has an open redirect vulnerability",next-intl,0,4.9.1,,MODERATE,CWE-601,
+CVE-2026-40346,2026-04-15T19:43:50Z,"NocoBase has SSRF in Workflow HTTP Request and Custom Request Plugins","@nocobase/plugin-workflow-request",0,2.0.37,,MODERATE,CWE-918,
 CVE-2026-4039,2026-02-27T21:36:17Z,"OpenClaw: Skill env override host env injection via applySkillConfigEnvOverrides (defense-in-depth)",openclaw,0,2026.2.21,,MODERATE,CWE-1341;CWE-15;CWE-94,
 CVE-2026-4040,2026-02-19T22:06:26Z,"OpenClaw safeBins file-existence oracle information disclosure",openclaw,0,2026.2.19,,MODERATE,CWE-203,
+CVE-2026-40879,2026-04-14T00:15:09Z,"Nest Affected by DoS via Recursive handleData in JsonSocket (TCP Transport)",@nestjs/microservices,0,11.1.19,,HIGH,CWE-770,
+CVE-2026-40887,2026-04-14T22:38:01Z,"@vendure/core has a SQL Injection vulnerability",@vendure/core,1.7.4,2.3.4,,CRITICAL,CWE-89,
+CVE-2026-40887,2026-04-14T22:38:01Z,"@vendure/core has a SQL Injection vulnerability",@vendure/core,3.0.0,3.5.7,,CRITICAL,CWE-89,
+CVE-2026-40887,2026-04-14T22:38:01Z,"@vendure/core has a SQL Injection vulnerability",@vendure/core,3.6.0,3.6.2,,CRITICAL,CWE-89,
+CVE-2026-40897,2026-04-16T22:38:43Z,"Unsafe object property setter in mathjs",mathjs,13.1.1,15.2.0,,HIGH,CWE-915,
 CVE-2026-4092,2026-03-13T20:57:29Z,"@google/clasp vulnerable to unsafe path traversal cloning or pulling a malicious script",@google/clasp,0,3.2.0,,HIGH,CWE-22,
+CVE-2026-40931,2026-04-17T21:32:59Z,"Complete Bypass of CVE-2026-24884 Patch via Git-Delivered Symlink Poisoning in compressing",compressing,0,1.10.5,,HIGH,CWE-59,
+CVE-2026-40931,2026-04-17T21:32:59Z,"Complete Bypass of CVE-2026-24884 Patch via Git-Delivered Symlink Poisoning in compressing",compressing,2.0.0,2.1.1,,HIGH,CWE-59,
+CVE-2026-40933,2026-04-16T21:18:17Z,"Flowise: Authenticated RCE Via MCP Adapters",flowise,0,3.1.0,,CRITICAL,CWE-78,
+CVE-2026-40933,2026-04-16T21:18:17Z,"Flowise: Authenticated RCE Via MCP Adapters",flowise-components,0,3.1.0,,CRITICAL,CWE-78,
+CVE-2026-41242,2026-04-16T22:34:57Z,"Arbitrary code execution in protobufjs",protobufjs,0,7.5.5,,CRITICAL,CWE-94,
+CVE-2026-41242,2026-04-16T22:34:57Z,"Arbitrary code execution in protobufjs",protobufjs,8.0.0,8.0.1,,CRITICAL,CWE-94,
 CVE-2026-4258,2026-03-17T06:31:32Z,"sjcl is missing point-on-curve validation in sjcl.ecc.basicKey.publicKey",sjcl,0,1.0.9,,HIGH,CWE-325;CWE-347,
 CVE-2026-4598,2026-03-23T06:30:29Z,"jsrsasign is vulnerable to DoS through Infinite Loop when processing zero or negative inputs",jsrsasign,0,11.1.1,,HIGH,CWE-835,
 CVE-2026-4599,2026-03-23T06:30:29Z,"jsrsasign: Incomplete Comparison Allows DSA Private Key Recovery via Biased Nonce Generation",jsrsasign,7.0.0,11.1.1,,CRITICAL,CWE-1023,
@@ -5641,6 +5818,19 @@ CVE-2026-4923,2026-03-27T22:23:52Z,"path-to-regexp vulnerable to Regular Express
 CVE-2026-4926,2026-03-27T22:23:27Z,"path-to-regexp vulnerable to Denial of Service via sequential optional groups",path-to-regexp,8.0.0,8.4.0,,HIGH,CWE-1333;CWE-400,
 CVE-2026-5323,2026-04-02T09:30:24Z,"a11y-mcp: Server-Side Request Forgery (SSRF) vulnerability in A11yServer function",a11y-mcp,0,1.0.5,,LOW,CWE-918,
 CVE-2026-5327,2026-04-02T12:31:05Z,"fast-filesystem-mcp is vulnerable to command injection through handleGetDiskUsage function",fast-filesystem-mcp,0,,3.5.0,LOW,CWE-74,
+CVE-2026-5602,2026-04-06T00:30:24Z,"@nor2/heim-mcp vulnerable to command injection",@nor2/heim-mcp,0,,0.1.3,LOW,CWE-77,
+CVE-2026-5603,2026-04-06T00:30:24Z,"@elgentos/magento2-dev-mcp vulnerable to command injection","@elgentos/magento2-dev-mcp",0,,1.0.2,LOW,CWE-77,
+CVE-2026-5758,2026-04-15T18:31:58Z,"Mafintosh's protocol-buffers-schema is vulnerable to prototype pollution",protocol-buffers-schema,0,3.6.1,,MODERATE,CWE-1321,
+CVE-2026-5831,2026-04-09T03:31:14Z,"Agions taskflow-ai vulnerable to os command injection in src/mcp/server/handlers.ts",taskflow-ai,0,2.1.9,,MODERATE,CWE-77,
+CVE-2026-5832,2026-04-09T03:31:15Z,"api-lab-mcp vulnerable to SSRF",api-lab-mcp,0,,0.2.1,MODERATE,CWE-918,
+CVE-2026-5833,2026-04-09T06:30:27Z,"awwaiid mcp-server-taskwarrior vulnerable to command injection",mcp-server-taskwarrior,0,,1.0.1,LOW,CWE-74,
+CVE-2026-5842,2026-04-09T06:30:28Z,"decolua 9router vulnerable to authorization bypass",9router,0,0.3.75,,MODERATE,CWE-285,
+CVE-2026-5986,2026-04-10T00:30:31Z,"Zod jsVideoUrlParser vulnerable to ReDoS in util.js",js-video-url-parser,0,,0.5.1,MODERATE,CWE-400,
+CVE-2026-6011,2026-04-10T06:31:38Z,"OpenClaw vulnerable to SSRF in src/agents/tools/web-fetch.ts",openclaw,0,2026.1.29,,LOW,CWE-918,
+CVE-2026-6216,2026-04-13T21:30:45Z,"DbGate has cross site scripting via the  SVG Icon String Handler component",dbgate-web,0,7.1.5,,LOW,CWE-79,
+CVE-2026-6270,2026-04-16T22:29:04Z,"@fastify/middie vulnerable to middleware authentication bypass in child plugin scopes",@fastify/middie,0,9.3.2,,CRITICAL,CWE-436,
+CVE-2026-6410,2026-04-16T22:34:30Z,"@fastify/static vulnerable to path traversal in directory listing",@fastify/static,8.0.0,9.1.1,,MODERATE,CWE-22,
+CVE-2026-6414,2026-04-16T22:34:03Z,"@fastify/static vulnerable to route guard bypass via encoded path separators",@fastify/static,8.0.0,9.1.1,,MODERATE,CWE-177,
 GHSA-224h-p7p5-rh85,2020-09-01T17:32:26Z,"Directory Traversal in wenluhong1",wenluhong1,0.0.0,,,HIGH,CWE-22,
 GHSA-224p-v68g-5g8f,2025-08-26T18:45:55Z,"GraphQL Armor Max-Depth Plugin Bypass via fragment caching","@escape.tech/graphql-armor-max-depth",0,2.4.2,,MODERATE,CWE-400,
 GHSA-226w-6hhj-69hp,2020-09-03T19:06:52Z,"Malicious Package in cal_rd",cal_rd,0.0.0,,,CRITICAL,CWE-506,
@@ -5658,12 +5848,19 @@ GHSA-24v3-254g-jv85,2025-12-19T21:32:35Z,"Tuta Mail has DOM attribute and CSS in
 GHSA-255r-pghp-r5wh,2020-09-03T17:05:34Z,"Malicious Package in hdeky",hdeky,0.0.0,,,CRITICAL,CWE-506,
 GHSA-2563-83p7-f34p,2020-09-02T20:24:41Z,"Malicious Package in requestt",requestt,0,,,CRITICAL,CWE-506,
 GHSA-25v4-mcx4-hh35,2020-09-04T17:28:28Z,"Cross-Site Scripting in atlasboard-atlassian-package","atlasboard-atlassian-package",0.0.0,,,HIGH,CWE-79,
+GHSA-25wv-8phj-8p7r,2026-04-09T17:35:57Z,"OpenClaw: Concurrent async auth attempts can bypass the intended shared-secret rate-limit budget on Tailscale-capable paths",openclaw,0,2026.4.4,,LOW,CWE-400,
+GHSA-265w-rf2w-cjh4,2026-04-16T22:45:26Z,"Paperclip: Privilege Escalation via Agent-Controlled workspaceStrategy.provisionCommand Leading to OS Command Execution",@paperclipai/server,0,2026.416.0,,HIGH,CWE-78,
 GHSA-26hg-crh6-mjrw,2021-02-23T21:28:28Z,"Directory Traversal",list-n-stream,0,0.0.11,,HIGH,,
+GHSA-26pp-8wgv-hjvm,2026-04-08T00:17:02Z,"Hono missing validation of cookie name on write path in setCookie()",hono,0,4.12.12,,MODERATE,CWE-113,
+GHSA-26wg-9xf2-q495,2026-04-14T23:23:01Z,"Novu has a XSS sanitization bypass",novu/api,0,3.15.0,,HIGH,CWE-79,
+GHSA-2767-2q9v-9326,2026-04-17T21:57:31Z,"OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes",openclaw,0,2026.4.12,,MODERATE,CWE-918,
 GHSA-277h-px4m-62q8,2024-10-03T19:46:12Z,"@saltcorn/server arbitrary file zip read and download when downloading auto backups",@saltcorn/server,0,1.0.0-beta.14,,MODERATE,CWE-22,
 GHSA-277p-xwpp-3jf7,2020-09-02T15:49:22Z,"Malicious Package in rrgod",rrgod,0.0.0,,,CRITICAL,CWE-506,
 GHSA-27v7-qhfv-rqq8,2019-05-30T17:26:30Z,"Insecure Credential Storage in web3",web3,0,,1.5.2,LOW,,
 GHSA-2858-xg23-26fp,2026-03-03T21:18:56Z,"OpenClaw: Node camera URL payload host-binding bypass allowed gateway fetch pivots",openclaw,2026.2.13,2026.3.2,,MODERATE,CWE-918,
 GHSA-28f4-mjfq-qrvf,2020-09-03T22:18:40Z,"Malicious Package in buffes-xor",buffes-xor,0.0.0,,,CRITICAL,CWE-506,
+GHSA-28g4-38q8-3cwc,2026-04-16T21:54:26Z,"Flowise: Cypher Injection in GraphCypherQAChain",flowise,0,3.1.0,,HIGH,CWE-943,
+GHSA-28g4-38q8-3cwc,2026-04-16T21:54:26Z,"Flowise: Cypher Injection in GraphCypherQAChain",flowise-components,0,3.1.0,,HIGH,CWE-943,
 GHSA-28hp-fgcr-2r4h,2019-06-27T17:25:42Z,"Cross-Site Scripting via JSONP",angular,0,1.6.0,,MODERATE,CWE-79,
 GHSA-28xh-wpgr-7fm8,2019-06-20T15:35:49Z,"Command Injection in open",open,0,6.0.0,,CRITICAL,CWE-77,
 GHSA-28xx-8j99-m32j,2020-09-01T20:37:25Z,"Malicious Package in nginxbeautifier",nginxbeautifier,1.0.14,1.0.15,,CRITICAL,CWE-506,
@@ -5672,7 +5869,9 @@ GHSA-2c83-wfv3-q25f,2021-09-07T23:07:56Z,"Improper Neutralization of Special Ele
 GHSA-2cf5-4w76-r9qv,2020-09-04T14:57:38Z,"Arbitrary Code Execution in handlebars",handlebars,0,3.0.8,,HIGH,CWE-94,
 GHSA-2cf5-4w76-r9qv,2020-09-04T14:57:38Z,"Arbitrary Code Execution in handlebars",handlebars,4.0.0,4.5.2,,HIGH,CWE-94,
 GHSA-2ch6-x3g4-7759,2026-03-03T23:19:46Z,"OpenClaw's commands.allowFrom sender authorization accepted conversation identifiers via ctx.From",openclaw,0,2026.2.23,,HIGH,CWE-639,
+GHSA-2cq5-mf3v-mx44,2026-04-17T22:16:04Z,"OpenClaw: busybox and toybox applet execution weakened exec approval binding",openclaw,2026.2.23,2026.4.12,,HIGH,CWE-863,
 GHSA-2cwr-f5hx-gg3w,2026-03-19T03:30:57Z,"Duplicate Advisory: OpenClaw: stageSandboxMedia destination symlink traversal can overwrite files outside sandbox workspace",openclaw,0,,2026.3.1,MODERATE,CWE-59,
+GHSA-2f7j-rp58-mr42,2026-04-07T18:15:44Z,"OpenClaw: Gateway hello snapshots exposed host config and state paths to non-admin clients",openclaw,0,2026.4.2,,MODERATE,CWE-200,
 GHSA-2fvv-qxrq-7jq6,2022-08-18T18:55:01Z,"apollo-server-core vulnerable to URL-based XSS attack affecting IE11 on default landing page",apollo-server-core,3.0.0,3.10.1,,MODERATE,CWE-79,
 GHSA-2fwq-wx47-hm6x,2020-09-04T15:31:39Z,"Malicious Package in bcion",bcion,0.0.0,,,CRITICAL,CWE-506,
 GHSA-2g8g-63j4-9w3r,2021-12-01T18:29:12Z,"RCE vulnerability affecting v1beta3 templates in @backstage/plugin-scaffolder-backend","@backstage/plugin-scaffolder-backend",0,0.15.14,,HIGH,,
@@ -5681,6 +5880,7 @@ GHSA-2h3x-95c6-885r,2020-09-03T17:46:46Z,"Malicious Package in river-mock",river
 GHSA-2hm8-rqrm-xfjq,2026-03-03T21:36:33Z,"OpenClaw's owner-only gateway tool access checks were incomplete in specific authenticated DM flows",openclaw,0,2026.2.19,,MODERATE,CWE-269;CWE-863,
 GHSA-2hqf-qqmq-pgpp,2020-09-02T15:48:16Z,"Malicious Package in commander-js",commander-js,0.0.0,,,CRITICAL,CWE-506,
 GHSA-2hwp-g4g7-mwwj,2019-05-29T20:25:35Z,"Reflected Cross-Site Scripting in jquery.terminal",jquery.terminal,0,1.21.0,,MODERATE,CWE-79,
+GHSA-2j53-2c28-g9v2,2026-04-10T00:30:30Z,"Duplicate Advisory: OpenClaw: Nostr inbound DMs could trigger unauthenticated crypto work before sender policy enforcement",openclaw,0,2026.3.22,,MODERATE,CWE-696,
 GHSA-2jm5-2cqf-6vw9,2020-09-04T15:30:32Z,"Malicious Package in baes-x",baes-x,0.0.0,,,CRITICAL,CWE-506,
 GHSA-2m96-9w4j-wgv7,2020-09-03T18:06:00Z,"Prototype Pollution in lodash.merge",lodash.merge,0,4.6.1,,HIGH,CWE-1321,
 GHSA-2mc2-g238-722j,2026-03-03T21:35:21Z,"OpenClaw affected by iMessage remote attachment SCP hardening (strict host-key checks and remoteHost validation)",openclaw,0,2026.2.19,,MODERATE,CWE-295;CWE-78,
@@ -5691,6 +5891,8 @@ GHSA-2p3c-p3qw-69r4,2022-10-12T14:15:48Z,"The graphql-upload library included in
 GHSA-2p62-c4rm-mr72,2020-09-01T19:44:57Z,"Malicious Package in another-date-picker",another-date-picker,2.0.43,2.0.45,,CRITICAL,CWE-506,
 GHSA-2p99-6f47-8x9j,2020-09-02T18:38:39Z,"Malicious Package in asnc",asnc,0,,,CRITICAL,CWE-506,
 GHSA-2pr6-76vf-7546,2019-06-05T14:35:29Z,"Denial of Service in js-yaml",js-yaml,0,3.13.0,,MODERATE,CWE-400,
+GHSA-2qqc-p94c-hxwh,2026-04-16T21:22:00Z,"Flowise: Weak Default Express Session Secret",flowise,0,3.1.0,,MODERATE,CWE-798,
+GHSA-2qrv-rc5x-2g2h,2026-04-07T18:15:41Z,"OpenClaw: Untrusted workspace channel shadows could execute during built-in channel setup",openclaw,0,2026.4.2,,MODERATE,CWE-829,
 GHSA-2r8f-2665-3gxq,2020-09-02T21:36:36Z,"Malicious Package in froever",froever,0,,,CRITICAL,CWE-506,
 GHSA-2rqg-gjgv-84jm,2026-03-13T20:55:30Z,"OpenClaw: Gateway `agent` calls could override the workspace boundary",openclaw,0,2026.3.11,,HIGH,CWE-668,
 GHSA-2vqq-jgxx-fxjc,2020-09-11T21:24:33Z,"Malicious Package in motiv.scss",motiv.scss,0.4.20,0.4.21,,CRITICAL,CWE-506,
@@ -5698,19 +5900,23 @@ GHSA-2w79-r9g8-wmcr,2026-04-03T03:13:35Z,"OpenClaw: Voice-call still parses larg
 GHSA-2w8g-m5j8-7m87,2022-01-12T21:45:59Z,"Zalgo-like output that crashes the server",@soketi/soketi,0,0.26.1,,CRITICAL,,
 GHSA-2w8q-69fh-9gq6,2020-09-03T22:25:09Z,"Malicious Package in bufger-xor",bufger-xor,0.0.0,,,CRITICAL,CWE-506,
 GHSA-2w9p-xf5h-qwj3,2023-03-27T03:30:16Z,"Duplicate Advisory: pullit Command Injection vulnerability",pullit,0,,,HIGH,,
+GHSA-2x8m-83vc-6wv4,2026-04-16T21:51:00Z,"Flowise: SSRF Protection Bypass (TOCTOU & Default Insecure)",flowise,0,3.1.0,,HIGH,CWE-918;CWE-367,
+GHSA-2x8m-83vc-6wv4,2026-04-16T21:51:00Z,"Flowise: SSRF Protection Bypass (TOCTOU & Default Insecure)",flowise-components,0,3.1.0,,HIGH,CWE-918;CWE-367,
 GHSA-2xv3-h762-ccxv,2019-05-29T19:18:02Z,"Out-of-bounds Read in concat-with-sourcemaps",concat-with-sourcemaps,1.0.0,1.0.6,,MODERATE,CWE-125,
 GHSA-2xw5-3767-qxvm,2020-09-11T21:21:20Z,"Malicious Package in ng-ui-library",ng-ui-library,1.0.987,1.0.990,,CRITICAL,CWE-506,
 GHSA-3233-rgx3-c2wh,2018-10-09T00:38:09Z,"Moderate severity vulnerability that affects mustache",mustache,0,2.2.1,,MODERATE,,
-GHSA-3298-56p6-rpw2,2026-03-30T18:30:01Z,"OpenClaw has incomplete Fix for CVE-2026-27486: Unvalidated SIGKILL in `!stop` Chat Command via `shell-utils.ts`",openclaw,0,2026.3.24,,MODERATE,CWE-404,
 GHSA-32vw-r77c-gm67,2020-08-03T17:57:05Z,"Withdrawn Advisory: marked cross-site scripting vulnerability",marked,0,0.3.3,,MODERATE,,
 GHSA-33gc-f8v9-v8hm,2020-09-01T20:41:40Z,"Malicious Package in ladder-text-js",ladder-text-js,0,,,CRITICAL,CWE-506,
 GHSA-33hq-fvwr-56pm,2026-02-19T20:29:30Z,"devalue affected by CPU and memory amplification from sparse arrays",devalue,0,5.6.3,,LOW,CWE-770,
+GHSA-33r3-4whc-44c2,2026-04-16T01:02:48Z," Path traversal in vite-plus/binding downloadPackageManager() writes outside VP_HOME",vite-plus,0,0.1.17,,HIGH,CWE-22,
 GHSA-353r-3v84-9pjj,2020-09-01T20:40:36Z,"Malicious Package in nothing-js",nothing-js,0,,,CRITICAL,CWE-506,
+GHSA-35cq-wv6v-88xf,2026-03-31T15:31:56Z,"Duplicate Advisory: OpenClaw affected by SSRF via unguarded image download in fal provider",openclaw,0,2026.3.28,,MODERATE,CWE-918,
 GHSA-364x-8g5j-x2pr,2026-03-27T18:08:15Z,"n8n has XSS in its Credential Management Flow",n8n,0,2.6.4,,MODERATE,CWE-79,
 GHSA-364x-8g5j-x2pr,2026-03-27T18:08:15Z,"n8n has XSS in its Credential Management Flow",n8n,2.7.0,2.8.0,,MODERATE,CWE-79,
 GHSA-365g-vjw2-grx8,2025-10-09T15:26:59Z,"n8n: Execute Command Node Allows Authenticated Users to Run Arbitrary Commands on Host",n8n,0,,1.114.4,HIGH,CWE-78,
 GHSA-365g-vjw2-grx8,2025-10-09T15:26:59Z,"n8n: Execute Command Node Allows Authenticated Users to Run Arbitrary Commands on Host",n8n-nodes-base,0,,1.113.0,HIGH,CWE-78,
 GHSA-36c4-4r89-6whg,2020-09-03T15:49:02Z,"Prototype Pollution in @commercial/subtext",@commercial/subtext,0,5.1.2,,HIGH,CWE-1321,
+GHSA-36cp-mh65-x882,2026-04-10T00:30:30Z,"Duplicate Advisory: OpenClaw is vulnerable to unauthenticated resource exhaustion through its voice call webhook handling",openclaw,0,2026.3.22,,MODERATE,CWE-405,
 GHSA-36j9-mx87-2cff,2026-01-13T20:28:41Z,"Renovate vulnerable to arbitrary command injection via hermit manager and maliciously named dependencies",renovate,32.135.0,40.33.0,,MODERATE,CWE-77,
 GHSA-36jr-mh4h-2g58,2022-09-29T14:12:55Z,"d3-color vulnerable to ReDoS",d3-color,0,3.1.0,,HIGH,CWE-400,
 GHSA-36r8-9qq7-mh43,2020-09-03T17:02:40Z,"Malicious Package in we3b",we3b,0.0.0,,,CRITICAL,CWE-506,
@@ -5726,9 +5932,7 @@ GHSA-38cw-85xc-xr9x,2026-01-16T21:04:12Z,"Veramo is Vulnerable to SQL Injection
 GHSA-38hx-3542-8fh3,2020-10-01T17:09:56Z,"Malicious code in `electorn`",electorn,0,,10.0.0,CRITICAL,CWE-506,
 GHSA-38vq-cjh5-vw7x,2020-09-03T18:13:41Z,"Malicious Package in nodes.js",nodes.js,0.0.0,,,CRITICAL,CWE-506,
 GHSA-392f-ggf5-fp3c,2026-03-02T21:49:33Z,"OpenClaw: Unicode canonicalization drift in node metadata policy classification could broaden node allowlists",openclaw,0,2026.3.1,,MODERATE,CWE-176;CWE-436,
-GHSA-393c-p46r-7c95,2026-04-04T06:06:39Z,"Directus: Path Traversal and Broken Access Control in File Management API",directus,0,11.17.0,,HIGH,CWE-284;CWE-915,
-GHSA-39mp-545q-w789,2026-03-30T19:06:22Z,"OpenClaw: Non-owner command-authorized sender can change the owner-only `/send` session delivery policy",openclaw,0,2026.3.24,,MODERATE,CWE-285,
-GHSA-39pp-xp36-q6mg,2026-03-26T19:51:12Z,"OpenClaw has Inconsistent Host Exec Environment Override Sanitization",openclaw,0,2026.3.22,,HIGH,CWE-15;CWE-693,
+GHSA-39q2-94rc-95cp,2026-04-16T00:46:35Z,"DOMPurify's ADD_TAGS function form bypasses FORBID_TAGS due to short-circuit evaluation",dompurify,0,3.4.0,,MODERATE,CWE-783,
 GHSA-3c7f-5hgj-h279,2026-03-27T18:06:49Z,"n8n has XSS in Chat Trigger Node through Custom CSS",n8n,0,1.123.27,,MODERATE,CWE-79,
 GHSA-3c7f-5hgj-h279,2026-03-27T18:06:49Z,"n8n has XSS in Chat Trigger Node through Custom CSS",n8n,2.0.0-rc.0,2.13.3,,MODERATE,CWE-79,
 GHSA-3c7f-5hgj-h279,2026-03-27T18:06:49Z,"n8n has XSS in Chat Trigger Node through Custom CSS",n8n,2.14.0,2.14.1,,MODERATE,CWE-79,
@@ -5739,11 +5943,11 @@ GHSA-3f44-xw83-3pmg,2026-01-13T20:29:12Z,"Renovate vulnerable to arbitrary comma
 GHSA-3f95-w5h5-fq86,2020-09-11T21:22:24Z,"Prototype Pollution in mergify",mergify,0,,,MODERATE,CWE-1321,
 GHSA-3f97-rj68-2pjf,2020-09-03T21:48:35Z,"Malicious Package in buffe2-xor",buffe2-xor,0.0.0,,,CRITICAL,CWE-506,
 GHSA-3fc5-9x9m-vqc4,2019-06-03T17:31:32Z,"Duplicate Advisory: Privilege Escalation in express-cart",express-cart,0,1.1.6,,CRITICAL,,
+GHSA-3fv3-6p2v-gxwj,2026-04-09T17:36:20Z,"OpenClaw QQ Bot Extension missing SSRF Protection on All Media Fetch Paths",openclaw,0,2026.4.8,,MODERATE,CWE-918,
 GHSA-3g4j-r53p-22wx,2025-10-17T18:31:09Z,"Duplicate Advisory: FlowiseAI Pre-Auth Arbitrary Code Execution",flowise,3.0.5,3.0.6,,CRITICAL,CWE-94,
 GHSA-3gpc-w23c-w59w,2020-09-04T15:02:06Z,"Sandbox Breakout / Arbitrary Code Execution in pitboss-ng",pitboss-ng,0,2.0.0,,CRITICAL,,
 GHSA-3gr8-2752-h46q,2026-03-31T15:31:56Z,"Duplicate Advisory: OpenClaw's message tool media parameter bypasses tool policy filesystem isolation",openclaw,0,2026.3.24,,HIGH,CWE-22,
 GHSA-3h2q-j2v4-6w5r,2026-03-09T19:53:58Z,"OpenClaw's system.run allowlist approval parsing missed PowerShell encoded-command wrappers",openclaw,0,2026.3.7,,MODERATE,CWE-184;CWE-863,
-GHSA-3h52-cx59-c456,2026-03-29T15:48:58Z,"OpenClaw: Feishu webhook reads and parses unauthenticated request bodies before signature validation",openclaw,0,2026.3.28,,MODERATE,CWE-400,
 GHSA-3h99-v4qw-p2h5,2020-09-03T19:41:56Z,"Malicious Package in coinpayment",coinpayment,0.0.0,,,CRITICAL,CWE-506,
 GHSA-3h9m-9g3g-5wqx,2020-09-03T22:13:14Z,"Malicious Package in buffer-xov",buffer-xov,0.0.0,,,CRITICAL,CWE-506,
 GHSA-3hfp-gqgh-xc5g,2026-04-02T18:36:10Z,"Axios supply chain attack - dependency in @lightdash/cli may resolve to compromised axios versions",@lightdash/cli,0.1800.0,0.2695.1,,CRITICAL,CWE-1395;CWE-508,
@@ -5758,62 +5962,80 @@ GHSA-3mpp-xfvh-qh37,2022-03-16T23:54:35Z,"node-ipc behavior change",node-ipc,11.
 GHSA-3p2x-hjxj-c7rv,2026-03-21T03:31:13Z,"Duplicate Advisory: OpenClaw's system.run approval TOCTOU via mutable symlink cwd target on node host",openclaw,0,,2026.2.24,MODERATE,CWE-367,
 GHSA-3p92-886g-qxpq,2019-06-04T15:42:32Z,"Remote Memory Exposure in floody",floody,0,0.1.1,,MODERATE,CWE-201,
 GHSA-3pm9-5j7m-59vc,2026-04-03T03:20:16Z,"OpenClaw: Tlon Startup Migration Rehydrates Empty-Array Revocations From File Config",openclaw,0,2026.3.31,,LOW,CWE-436,
+GHSA-3prp-9gf7-4rxx,2026-04-17T21:34:16Z,"Flowise: Mass Assignment in DocumentStore Create Endpoint Leads to Cross-Workspace Object Takeover (IDOR)",flowise,0,3.1.0,,HIGH,CWE-284;CWE-639;CWE-915,
+GHSA-3pw3-v88x-xj24,2026-04-16T22:45:14Z,"Paperclip: Arbitrary File Read via Agent-Controlled adapterConfig.instructionsFilePath",@paperclipai/shared,0,2026.416.0,,MODERATE,CWE-73,
+GHSA-3q42-xmxv-9vfr,2026-04-07T18:11:02Z,"OpenClaw: Gateway operator.write Can Reach Admin-Class Talk Voice Config Persistence via chat.send",openclaw,0,2026.3.28,,MODERATE,CWE-269,
 GHSA-3qmc-2r76-4rqp,2022-11-10T15:51:01Z,"Redwood is vulnerable to account takeover via dbAuth ""forgot-password"" ",@redwoodjs/api,0.38.0,2.2.5,,HIGH,,
 GHSA-3qmc-2r76-4rqp,2022-11-10T15:51:01Z,"Redwood is vulnerable to account takeover via dbAuth ""forgot-password"" ",@redwoodjs/api,3.0.0,3.3.1,,HIGH,,
 GHSA-3qpv-xf3v-mm45,2026-04-02T21:00:16Z,"OpenClaw: Workspace `.env` can override the bundled hooks root and load attacker hook code",openclaw,0,2026.3.31,,HIGH,CWE-15,
 GHSA-3r78-rqg8-95gg,2026-03-21T03:31:14Z,"Duplicate Advisory: OpenClaw's voice-call Twilio webhook replay could bypass manager dedupe because normalized event IDs were randomized per parse",openclaw,0,,,MODERATE,CWE-294,
 GHSA-3rw8-4xrq-3f7p,2025-03-17T21:30:34Z,"Duplicate Advisory: Uptime Kuma ReDoS vulnerability",uptime-kuma,1.23.0,,2.0.0-dev.0,MODERATE,CWE-1333,
+GHSA-3vvq-q2qc-7rmp,2026-04-09T17:37:13Z,"OpenClaw B-M3: ClawHub package downloads are not enforced with integrity verification",openclaw,0,2026.4.8,,MODERATE,CWE-353,
 GHSA-3w6x-gv34-mqpf,2026-03-26T21:24:34Z,"OpenClaw's mutating internal ACP chat commands missed operator.admin scope enforcement",openclaw,0,2026.3.22,,HIGH,CWE-862,
 GHSA-3wqh-h42r-x8fq,2020-09-03T15:46:22Z,"Denial of Service in @hapi/content",@hapi/content,0,5.0.2,,HIGH,,
 GHSA-3xc7-xg67-pw99,2019-06-05T20:43:10Z,"Sensitive Data Exposure in sequelize-cli",sequelize-cli,0,,5.4.0,LOW,CWE-532,
 GHSA-3xv9-89fm-7h4r,2026-04-03T03:24:25Z,"OpenClaw: diffs viewer misclassifies proxied remote requests as loopback when `allowRemoteViewer` is disabled",openclaw,0,2026.3.31,,MODERATE,CWE-348,
+GHSA-3xx2-mqjm-hg9x,2026-04-16T22:49:46Z,"Paperclip: Cross-tenant agent API key IDOR in `/agents/:id/keys` routes allows full victim-company compromise",@paperclipai/server,0,2026.416.0,,CRITICAL,CWE-639,
+GHSA-42mx-vp8m-j7qh,2026-04-07T18:11:21Z,"OpenClaw: OpenShell `mirror` mode can convert untrusted sandbox files into explicitly enabled workspace hooks and execute them on the host during gateway startup",openclaw,0,2026.3.28,,MODERATE,CWE-829,
 GHSA-435c-qcpm-wjw5,2020-09-03T17:05:43Z,"Malicious Package in fs-extar",fs-extar,0.0.0,,,CRITICAL,CWE-506,
 GHSA-4363-x42f-xph6,2020-09-03T17:05:14Z,"Malicious Package in hw-trnasport-u2f",hw-trnasport-u2f,0.0.0,,,CRITICAL,CWE-506,
+GHSA-43fj-qp3h-hrh5,2026-04-15T18:57:50Z,"Sync-in Server has Username Enumeration via Timing Attack",@sync-in/server,0,2.2.0,,MODERATE,CWE-208,
 GHSA-43vf-2x6g-p2m5,2020-09-02T21:33:26Z,"Malicious Package in browserift",browserift,0,,,CRITICAL,CWE-506,
 GHSA-442j-39wm-28r2,2026-03-29T15:16:37Z,"Handlebars.js has a Property Access Validation Bypass in container.lookup",handlebars,4.0.0,4.7.9,,LOW,CWE-367,
 GHSA-44c9-4rg5-qjgq,2026-03-19T03:30:57Z,"Duplicate Advisory: web_search citation redirect SSRF via private-network-allowing policy",openclaw,0,,,MODERATE,CWE-918,
 GHSA-44vf-8ffm-v2qh,2020-09-02T15:42:47Z,"Sensitive Data Exposure in rails-session-decoder",rails-session-decoder,0.0.0,,,HIGH,,
 GHSA-457r-cqc8-9vj9,2022-11-23T15:39:50Z,"sweetalert2 v10.16.10 and above contains hidden functionality",sweetalert2,10.16.10,11.22.4,,LOW,CWE-912,
+GHSA-458j-xx4x-4375,2026-04-16T01:02:24Z,"hono Improperly Handles JSX Attribute Names Allows HTML Injection in hono/jsx SSR",hono,0,4.12.14,,MODERATE,CWE-79,
+GHSA-45q2-gjvg-7973,2026-04-16T22:36:01Z,"Angular: SSRF via protocol-relative and backslash URLs in Angular Platform-Server",@angular/platform-server,0,,18.2.14,HIGH,CWE-918,
+GHSA-45q2-gjvg-7973,2026-04-16T22:36:01Z,"Angular: SSRF via protocol-relative and backslash URLs in Angular Platform-Server",@angular/platform-server,19.0.0-next.0,19.2.21,,HIGH,CWE-918,
+GHSA-45q2-gjvg-7973,2026-04-16T22:36:01Z,"Angular: SSRF via protocol-relative and backslash URLs in Angular Platform-Server",@angular/platform-server,20.0.0-next.0,20.3.19,,HIGH,CWE-918,
+GHSA-45q2-gjvg-7973,2026-04-16T22:36:01Z,"Angular: SSRF via protocol-relative and backslash URLs in Angular Platform-Server",@angular/platform-server,21.0.0-next.0,21.2.9,,HIGH,CWE-918,
+GHSA-45q2-gjvg-7973,2026-04-16T22:36:01Z,"Angular: SSRF via protocol-relative and backslash URLs in Angular Platform-Server",@angular/platform-server,22.0.0-next.0,22.0.0-next.8,,HIGH,CWE-918,
 GHSA-4627-w373-375v,2020-09-11T21:22:24Z,"Malicious Package in grunt-radical",grunt-radical,0.0.14,0.0.13,,CRITICAL,,
 GHSA-46fh-8fc5-xcwx,2020-09-03T18:09:16Z,"Prototype Pollution in lodash.defaultsdeep",lodash.defaultsdeep,0,4.6.1,,HIGH,CWE-1321,
 GHSA-46j5-6fg5-4gv3,2025-12-18T09:30:30Z,"Duplicate Advisory: Nodemailer is vulnerable to DoS through Uncontrolled Recursion",nodemailer,0,7.0.11,,MODERATE,CWE-674;CWE-703,
 GHSA-474h-prjg-mmw3,2026-03-03T21:31:57Z,"OpenClaw: Sandboxed sessions_spawn(runtime=""acp"") bypassed sandbox inheritance and allowed host ACP initialization",openclaw,0,2026.3.2,,HIGH,CWE-269,
+GHSA-47wq-cj9q-wpmp,2026-04-16T22:48:32Z,"Paperclip: Cross-tenant agent API token minting via missing assertCompanyAccess on /api/agents/:id/keys",@paperclipai/server,0,2026.416.0,,CRITICAL,"CWE-1220;CWE-285;CWE-639;CWE-862",
 GHSA-4859-gpc7-4j66,2019-06-05T21:24:29Z,"Command Injection in dot",dot,0,,1.1.2,MODERATE,CWE-77,
 GHSA-48gc-5j93-5cfq,2020-09-11T21:15:54Z,"Path Traversal in serve",serve,0,10.1.2,,HIGH,CWE-22,
+GHSA-48m6-ch88-55mj,2026-04-16T21:44:24Z,"Flowise: Improper Mass Assignment in Account Registration Enables Unauthorized Organization Association",flowise,0,3.1.0,,HIGH,CWE-20;CWE-639;CWE-915,
 GHSA-48vw-m3qc-wr99,2026-03-26T19:50:59Z,"OpenClaw's Trusted-proxy Control UI sessions retain privileged scopes without device identity on device-less allow paths",openclaw,0,2026.3.22,,HIGH,,
 GHSA-4964-cjrr-jg97,2020-09-02T21:38:43Z,"Malicious Package in jqeury",jqeury,0,,,CRITICAL,CWE-506,
 GHSA-49c6-3wr4-8jr4,2020-09-04T15:05:26Z,"Malicious Package in malicious-npm-package",malicious-npm-package,0.0.0,,,CRITICAL,CWE-506,
+GHSA-49cg-279w-m73x,2026-04-17T21:55:54Z,"OpenClaw: Empty approver lists could grant explicit approval authorization",openclaw,0,2026.4.12,,MODERATE,CWE-862,
 GHSA-49mg-94fc-2fx6,2020-09-04T17:32:49Z,"Command Injection in npm-git-publish",npm-git-publish,0.0.0,,,CRITICAL,CWE-77,
 GHSA-49r3-3h96-rwj6,2019-06-13T19:09:31Z,"Cross-Site Scripting in ids-enterprise",ids-enterprise,0,4.18.2,,HIGH,CWE-79,
 GHSA-49vv-6q7q-w5cf,2021-12-10T17:22:12Z,"Duplicate Advisory: OS Command Injection in Strapi",strapi,0,3.0.0-beta.17.8,,HIGH,CWE-20;CWE-78,
 GHSA-4cqv-h74h-93j4,2026-03-03T21:49:41Z,"OpenClaw has a Discord `allowFrom` slug-collision authorization bypass",openclaw,0,2026.2.22,,MODERATE,CWE-287,
+GHSA-4f8g-77mw-3rxc,2026-04-09T17:36:53Z,"OpenClaw: Gateway plugin HTTP `auth: gateway` widens identity-bearing `operator.read` requests into runtime `operator.write`",openclaw,0,2026.4.8,,LOW,CWE-269,
 GHSA-4f9m-pxwh-68hg,2020-09-11T21:20:14Z,"Cross-Site Scripting in swagger-ui",swagger-ui,0,3.20.9,,MODERATE,CWE-79,
 GHSA-4fqg-89cc-5pv5,2020-09-04T14:58:44Z,"Malicious Package in sj-labc",sj-labc,0.0.0,,,CRITICAL,CWE-506,
 GHSA-4fr9-3x69-36wv,2025-10-03T19:27:06Z,"Flowise vulnerable to XSS",flowise,0,3.0.8,,MODERATE,CWE-79,
 GHSA-4g2x-vq5p-5vj6,2024-03-01T20:09:00Z,"Budibase affected by VM2 Constructor Escape Vulnerability",@budibase/server,0,2.20.0,,CRITICAL,CWE-94,
 GHSA-4g53-vp7q-gfjv,2021-05-28T19:18:28Z,"constructEvent does not verify header","@worker-tools/stripe-webhook",0,1.1.4,,HIGH,,
+GHSA-4g5x-2jfc-xm98,2026-04-07T18:10:41Z,"OpenClaw: Tlon media downloads can bypass core safety limits and exhaust disk",openclaw,0,2026.3.31,,MODERATE,CWE-434,
 GHSA-4gpv-cvmq-6526,2020-08-19T22:23:09Z,"Denial of Service in protobufjs",protobufjs,0,5.0.3,,MODERATE,,
 GHSA-4gpv-cvmq-6526,2020-08-19T22:23:09Z,"Denial of Service in protobufjs",protobufjs,6.0.0,6.8.6,,MODERATE,,
 GHSA-4hfc-fv33-ph9p,2020-09-03T23:26:33Z,"Malicious Package in sj-tw-abc",sj-tw-abc,0.0.0,,,CRITICAL,CWE-506,
 GHSA-4hjg-w3ww-38c6,2020-09-03T18:03:49Z,"Malicious Package in tiar",tiar,0.0.0,,,CRITICAL,CWE-506,
 GHSA-4hm7-73ch-vm59,2020-09-03T21:49:43Z,"Malicious Package in buffer-8or",buffer-8or,0.0.0,,,CRITICAL,CWE-506,
-GHSA-4hmj-39m8-jwc7,2026-03-29T15:50:41Z,"OpenClaw has ACP CLI approval prompt ANSI escape sequence injection",openclaw,2026.2.13,2026.3.28,,MODERATE,CWE-116;CWE-150,
 GHSA-4hq8-v42x-9wx3,2020-09-04T16:51:52Z,"Malicious Package in bs85check",bs85check,0.0.0,,,CRITICAL,CWE-506,
 GHSA-4hxc-9384-m385,2026-03-20T20:50:38Z,"h3: SSE Event Injection via Unsanitized Carriage Return (`\r`) in EventStream Data and Comment Fields (Bypass of CVE Fix)",h3,0,1.15.9,,MODERATE,CWE-74,
 GHSA-4hxc-9384-m385,2026-03-20T20:50:38Z,"h3: SSE Event Injection via Unsanitized Carriage Return (`\r`) in EventStream Data and Comment Fields (Bypass of CVE Fix)",h3,2.0.0-beta.0,2.0.1-rc.17,,MODERATE,CWE-74,
 GHSA-4j6x-w426-6rc6,2019-11-08T17:31:17Z,"Default Express middleware security check is ignored in production","@cubejs-backend/api-gateway",0.11.0,0.11.17,,HIGH,,
 GHSA-4jfq-q299-g4cr,2020-09-02T20:28:57Z,"Malicious Package in reqquest",reqquest,0,,,CRITICAL,CWE-506,
+GHSA-4jpm-cgx2-8h37,2026-04-16T21:44:49Z,"Flowise: Sensitive Data Leak in public-chatbotConfig ",flowise,0,3.1.0,,HIGH,CWE-200;CWE-522;CWE-862,
 GHSA-4jpw-hj22-2xmc,2026-03-13T15:47:29Z,"OpenClaw: Pairing-scoped device tokens could mint `operator.admin` and reach node RCE",openclaw,0,2026.3.11,,CRITICAL,CWE-269,
 GHSA-4jqc-jvh2-pxg9,2022-06-17T01:11:10Z,"Path traversal for local publishers in TechDocs backend","@backstage/plugin-techdocs-node",0,1.1.2,,MODERATE,,
 GHSA-4jqc-jvh2-pxg9,2022-06-17T01:11:10Z,"Path traversal for local publishers in TechDocs backend","@backstage/techdocs-common",0,0.11.16,,MODERATE,,
 GHSA-4m3j-h8f2-4xh4,2020-09-03T19:41:31Z,"Malicious Package in coinstrig",coinstrig,0.0.0,,,CRITICAL,CWE-506,
 GHSA-4m3p-x2hp-2pgx,2020-09-04T16:45:23Z,"Malicious Package in bitcroe-lib",bitcroe-lib,0.0.0,,,CRITICAL,CWE-506,
+GHSA-4p4f-fc8q-84m3,2026-04-07T18:15:03Z,"OpenClaw: iOS A2UI bridge trusted generic local-network pages for agent.request dispatch",openclaw,0,2026.4.2,,MODERATE,CWE-284,
 GHSA-4pmg-jgm5-3jg6,2020-09-02T21:16:26Z,"Malicious Package in erquest",erquest,0,,,CRITICAL,CWE-506,
 GHSA-4q2f-8g74-qm56,2020-09-03T17:18:05Z,"Cross-Site Scripting in takeapeek",takeapeek,0.0.0,,,HIGH,CWE-79,
 GHSA-4q8f-5xxj-946r,2020-09-03T02:40:51Z,"Command Injection in addax",addax,0,1.1.0,,HIGH,CWE-77,
 GHSA-4qhx-g9wp-g9m6,2019-06-14T16:09:01Z,"Failure to sanitize quotes which can lead to sql injection in squel",squel,0,,5.13.0,CRITICAL,CWE-74;CWE-89,
 GHSA-4qqc-mp5f-ccv4,2020-09-02T15:05:51Z,"Command Injection in bestzip",bestzip,0,2.1.7,,CRITICAL,CWE-77,
-GHSA-4qwc-c7g9-4xcw,2026-03-26T19:50:06Z,"OpenClaw: Remote media error responses could trigger unbounded memory allocation before failure",openclaw,0,2026.3.22,,HIGH,CWE-400;CWE-770,
 GHSA-4r97-78gf-q24v,2020-09-04T17:53:27Z,"Duplicate Advisory: Prototype Pollution in klona",klona,0,1.1.1,,HIGH,CWE-1321,
 GHSA-4rgj-8mq3-hggj,2020-09-03T20:32:11Z,"Denial of Service in @hapi/subtext",@hapi/subtext,0,6.1.2,,HIGH,CWE-400,
 GHSA-4vcf-q4xf-f48m,2025-11-25T21:42:53Z,"Better Auth Passkey Plugin allows passkey deletion through IDOR",@better-auth/passkey,0,1.4.0,,HIGH,CWE-284;CWE-639,
@@ -5824,6 +6046,7 @@ GHSA-4w7m-58cg-cmff,2026-03-13T15:47:34Z,"OpenClaw: Leaf subagents could steer s
 GHSA-4wcx-c9c4-89p2,2020-09-11T21:23:30Z,"Malicious Package in react-datepicker-plus",react-datepicker-plus,2.4.2,2.4.6,,CRITICAL,CWE-506,
 GHSA-4whq-r978-2x68,2021-05-04T17:43:52Z,"Arbitrary code execution in ExifTool",exiftool-vendored,0,14.3.0,,HIGH,CWE-74,
 GHSA-4wv4-mgfq-598v,2021-03-12T23:00:19Z,"Code injection in nobelprizeparser",nobelprizeparser,0,1.0.2,,CRITICAL,CWE-94,
+GHSA-4x48-cgf9-q33f,2026-04-14T23:22:48Z,"Novu has SSRF via conditions filter webhook bypasses validateUrlSsrf() protection",@novu/api,0,3.15.0,,HIGH,CWE-918,
 GHSA-4x6x-782q-jfc4,2020-09-03T02:38:47Z,"Command Injection in node-wifi",node-wifi,0,2.0.12,,CRITICAL,CWE-77,
 GHSA-4x7c-cx64-49w8,2020-08-19T22:06:03Z,"Regular Expression Denial of Service in is-my-json-valid",is-my-json-valid,0,1.4.1,,LOW,,
 GHSA-4x7c-cx64-49w8,2020-08-19T22:06:03Z,"Regular Expression Denial of Service in is-my-json-valid",is-my-json-valid,2.0.0,2.17.2,,LOW,,
@@ -5832,17 +6055,22 @@ GHSA-4xcv-9jjx-gfj3,2019-07-05T21:07:58Z,"Denial of Service in mem",mem,0,4.0.0,
 GHSA-4xf9-pgvv-xx67,2020-09-03T20:27:46Z,"Duplicate Advisory: Regular Expression Denial of Service in simple-markdown",simple-markdown,0,0.5.2,,MODERATE,CWE-400,
 GHSA-4xg9-g7qj-jhg4,2020-09-03T20:46:36Z,"Malicious Package in comander",comander,0.0.0,,,CRITICAL,CWE-506,
 GHSA-4xgp-xrg3-c73w,2020-09-11T21:10:29Z,"Malicious Package in commqnder",commqnder,0,,,CRITICAL,CWE-506,
+GHSA-525j-hqq2-66r4,2026-04-17T21:59:55Z,"OpenClaw: Sandbox browser CDP relay could expose DevTools protocol on 0.0.0.0",openclaw,0,2026.4.10,,HIGH,CWE-1327;CWE-284,
+GHSA-527m-976r-jf79,2026-04-17T22:11:33Z,"OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement",openclaw,0,2026.4.10,,MODERATE,CWE-918,
 GHSA-52c9-458g-whrf,2020-09-03T22:58:17Z,"Malicious Package in js-3ha3",js-3ha3,0.0.0,,,CRITICAL,CWE-506,
-GHSA-52q4-3xjc-6778,2026-03-29T15:48:15Z,"OpenClaw: Google Chat Authz Bypass via Group Policy Rebinding with Mutable Space displayName",openclaw,0,2026.3.28,,MODERATE,CWE-639;CWE-807;CWE-863,
 GHSA-52rh-5rpj-c3w6,2022-05-05T16:00:50Z,"Improper handling of multiline messages in node-irc",matrix-org-irc,0,1.2.1,,HIGH,CWE-74;CWE-93,
 GHSA-5326-6f73-m96w,2026-03-19T03:30:57Z,"Duplicate Advisory: OpenClaw macOS companion app (beta): allowlist parsing mismatch for system.run shell chains",openclaw,0,,,MODERATE,CWE-184,
 GHSA-5327-gfq5-8f4m,2020-09-03T21:56:23Z,"Malicious Package in buffer-xmr",buffer-xmr,0.0.0,,,CRITICAL,CWE-506,
 GHSA-533p-g2hq-qr26,2020-09-04T17:16:35Z,"Command Injection in treekill",treekill,0.0.0,,,HIGH,CWE-77,
+GHSA-533q-w4g6-5586,2026-04-16T21:13:40Z,"PsiTransfer: Upload PATCH path traversal can create `config.<NODE_ENV>.js` and lead to code execution on restart",psitransfer,0,2.4.3,,HIGH,CWE-22,
 GHSA-534w-2vm4-89xr,2026-03-03T23:18:26Z,"OpenClaw's Zalo group sender allowlist bypass permits unauthorized GROUP dispatch",openclaw,0,2026.2.24,,MODERATE,CWE-284;CWE-863,
 GHSA-536f-268f-6gxc,2020-09-03T22:17:36Z,"Malicious Package in buffermxor",buffermxor,0.0.0,,,CRITICAL,CWE-506,
+GHSA-536q-mj95-h29h,2026-04-17T22:14:29Z,"OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage",openclaw,0,2026.4.10,,MODERATE,CWE-918,
 GHSA-53mj-mc38-q894,2020-09-01T19:40:41Z,"Remote Memory Exposure in openwhisk",openwhisk,0,3.3.1,,MODERATE,,
 GHSA-53p3-c7vp-4mcc,2026-03-29T15:22:17Z,"Trix is vulnerable to XSS through JSON deserialization bypass in drag-and-drop (Level0InputController)",trix,0,2.1.18,,LOW,CWE-79,
 GHSA-53rv-hcvm-rpp9,2025-01-14T22:03:59Z,"Lodestar snappy decompression issue",@lodestar/reqresp,0,1.25.0,,LOW,CWE-703,
+GHSA-53vx-pmqw-863c,2026-04-17T21:58:15Z,"OpenClaw: Browser SSRF policy default allowed private-network navigation",openclaw,0,2026.4.14,,MODERATE,CWE-1188;CWE-918,
+GHSA-5478-66c3-rhxr,2026-04-08T21:50:51Z,"Pretext: Algorithmic Complexity (DoS) in the text analysis phase",@chenglou/pretext,0,0.0.5,,HIGH,CWE-407,
 GHSA-54qm-37qr-w5wq,2020-09-04T15:04:20Z,"Sandbox Breakout / Arbitrary Code Execution in veval",veval,0.0.0,,,CRITICAL,,
 GHSA-54xq-cgqr-rpm3,2023-11-16T17:14:15Z,"sharp vulnerability in libwebp dependency CVE-2023-4863",sharp,0,0.32.6,,HIGH,,
 GHSA-553v-f69r-656j,2026-03-03T21:39:10Z,"OpenClaw unpaired device identity can bypass operator pairing and self-assign operator scopes with shared auth",openclaw,2026.2.22,2026.2.25,,MODERATE,CWE-863,
@@ -5866,19 +6094,30 @@ GHSA-593v-wcqx-hq2w,2021-09-07T22:57:58Z,"Incorrect version tags linked to exter
 GHSA-593v-wcqx-hq2w,2021-09-07T22:57:58Z,"Incorrect version tags linked to external repository",parse-server,4.6.0,4.10.0,,CRITICAL,,
 GHSA-5947-m4fg-xhqg,2020-09-03T18:08:10Z,"Prototype Pollution in lodash.mergewith",lodash.mergewith,0,4.6.1,,HIGH,CWE-1321,
 GHSA-59x8-7wx6-4hj9,2020-09-03T17:47:52Z,"Malicious Package in secure_identity_login_module","secure_identity_login_module",0.0.0,,,CRITICAL,CWE-506,
+GHSA-59xc-5v89-r7pr,2026-04-10T00:30:30Z,"Duplicate Advisory: OpenClaw: Synology Chat Webhook Pre-Auth Rate-Limit Bypass Enables Brute-Force Guessing of Webhook Token",openclaw,0,2026.3.28,,MODERATE,CWE-307,
+GHSA-59xv-588h-2vmm,2026-04-10T19:30:32Z,"@saltcorn/data vulnerable to SQL Injection via jsexprToSQL Literal Handler",@saltcorn/data,0,1.4.5,,LOW,CWE-89,
+GHSA-59xv-588h-2vmm,2026-04-10T19:30:32Z,"@saltcorn/data vulnerable to SQL Injection via jsexprToSQL Literal Handler",@saltcorn/data,1.5.0,1.5.5,,LOW,CWE-89,
+GHSA-59xv-588h-2vmm,2026-04-10T19:30:32Z,"@saltcorn/data vulnerable to SQL Injection via jsexprToSQL Literal Handler",@saltcorn/data,1.6.0-alpha.0,1.6.0-beta.4,,LOW,CWE-89,
 GHSA-5c6j-r48x-rmvq,2026-02-28T02:50:45Z,"Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()",serialize-javascript,0,7.0.3,,HIGH,CWE-96,
 GHSA-5ccf-884p-4jjq,2025-03-20T12:32:51Z,"Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability",open-webui,0,,0.3.21,HIGH,CWE-400,
 GHSA-5cp4-xmrw-59wf,2020-08-05T21:47:02Z,"XSS via JQLite DOM manipulation functions in AngularJS",angular,0,1.8.0,,MODERATE,CWE-79,
 GHSA-5cph-wvm9-45gj,2024-11-21T22:21:03Z,"Flowise OverrideConfig security vulnerability",flowise,0,2.1.4,,HIGH,CWE-15,
+GHSA-5f7h-p83x-5vc2,2026-04-10T00:30:29Z,"Duplicate Advisory: OpenClaw: Nextcloud Talk room allowlist matched colliding room names instead of stable room tokens",openclaw,0,,,LOW,CWE-807,
 GHSA-5f7m-mmpc-qhh4,2019-05-23T09:27:00Z,"mysql Node.JS Module Vulnerable to Remote Memory Exposure",mysql,2.0.0-alpha8,2.14.0,,MODERATE,CWE-201,
+GHSA-5fc7-f62m-8983,2026-04-09T17:36:29Z,"OpenClaw: Feishu docx upload_file/upload_image Bypasses Workspace-Only Filesystem Policy (GHSA-qf48-qfv4-jjm9 Incomplete Fix)",openclaw,0,2026.4.8,,LOW,CWE-732,
 GHSA-5ff8-jcf9-fw62,2020-09-04T17:55:35Z,"Cross-Site Scripting in markdown-it-katex",markdown-it-katex,0.0.0,,,HIGH,CWE-79,
 GHSA-5fm9-jmv7-fcx5,2020-09-02T18:35:26Z,"Malicious Package in asynnc",asynnc,0,,,CRITICAL,CWE-506,
 GHSA-5fp6-4xw3-xqq3,2023-06-12T18:37:31Z,"@keystone-6/core's bundled cuid package known to be insecure",@keystone-6/core,0,,5.3.1,LOW,,
+GHSA-5fw2-mwhh-9947,2026-04-17T21:35:14Z,"Flowise: Unauthenticated TTS endpoint accepts arbitrary credential IDs — enables API credit abuse via stored credentials",flowise,0,3.1.0,,HIGH,CWE-639,
+GHSA-5g3j-89fr-r2vp,2026-04-08T00:07:36Z,"skilleton has improper input handling in repository/path processing",skilleton,0,0.3.1,,MODERATE,"CWE-1333;CWE-400;CWE-78;CWE-88",
 GHSA-5g6j-8hv4-vfgj,2020-09-11T21:21:19Z,"Cross-Site Scripting in node-red",node-red,0,0.18.6,,HIGH,CWE-79,
 GHSA-5ggx-g294-qj3q,2020-09-03T21:47:29Z,"Malicious Package in buffeb-xor",buffeb-xor,0.0.0,,,CRITICAL,CWE-506,
+GHSA-5gjc-grvm-m88j,2026-04-17T21:53:17Z,"OpenClaw: Memory dreaming config persistence was reachable from operator.write commands",openclaw,2026.4.5,2026.4.10,,MODERATE,CWE-266;CWE-863,
 GHSA-5gqg-mqh5-2v39,2026-03-19T03:30:57Z,"Duplicate Advisory: OpenClaw Windows Scheduled Task script generation allowed local command injection via unsafe cmd argument handling",openclaw,0,2026.2.19,,MODERATE,CWE-78,
 GHSA-5h2c-8v84-qpvr,2026-03-03T21:39:51Z,"OpenClaw shell-env fallback trusted startup env and could execute attacker-influenced login-shell paths",openclaw,0,2026.2.22,,MODERATE,CWE-15;CWE-78,
 GHSA-5h2w-qmfp-ggp6,2026-03-31T23:57:34Z,"OpenClaw: Gateway `operator.write` can reach admin-only persisted `verboseLevel` via `chat.send` `/verbose`",openclaw,0,2026.3.28,,HIGH,CWE-284;CWE-863,
+GHSA-5h3f-885m-v22w,2026-04-09T17:36:02Z,"OpenClaw: Existing WS sessions survive shared gateway token rotation",openclaw,0,2026.4.8,,MODERATE,CWE-613,
+GHSA-5hff-46vh-rxmw,2026-04-07T18:15:37Z,"OpenClaw: Read-scoped identity-bearing HTTP clients could kill sessions via /sessions/:sessionKey/kill",openclaw,0,2026.4.2,,MODERATE,CWE-269,
 GHSA-5hx7-77g4-wqx3,2021-02-23T21:30:56Z,"Incorrect Authorization",aedes,0.1.0,0.35.1,,MODERATE,,
 GHSA-5j35-xr4g-vwf4,2026-03-25T17:32:39Z,"@grackle-ai/server has a Missing Secure Flag on Session Cookie",@grackle-ai/server,0,0.70.5,,LOW,CWE-614,
 GHSA-5j4m-89xf-mf5p,2020-08-27T22:58:46Z,"Missing Origin Validation in parcel-bundler",parcel-bundler,0,1.10.0,,MODERATE,,
@@ -5896,8 +6135,6 @@ GHSA-5jg4-p4qw-cgfr,2026-04-04T05:33:09Z,"@stablelib/cbor: Stack exhaustion Deni
 GHSA-5jgp-pg4f-q8vj,2020-09-03T19:55:42Z,"Malicious Package in node-ftp",node-ftp,0.0.0,,,CRITICAL,CWE-506,
 GHSA-5jpx-9hw9-2fx4,2025-10-29T10:43:57Z,"NextAuthjs Email misdelivery Vulnerability",next-auth,0,4.24.12,,MODERATE,CWE-200,
 GHSA-5jpx-9hw9-2fx4,2025-10-29T10:43:57Z,"NextAuthjs Email misdelivery Vulnerability",next-auth,5.0.0-beta.0,5.0.0-beta.30,,MODERATE,CWE-200,
-GHSA-5jvj-hxmh-6h6j,2026-03-29T15:46:40Z,"OpenClaw: Gateway HTTP Session History Route Bypasses Operator Read Scope",openclaw,0,,2026.3.24,MODERATE,CWE-639;CWE-863,
-GHSA-5m9r-p9g7-679c,2026-03-13T20:55:38Z,"OpenClaw: Zalo webhook rate limiting could be bypassed before secret validation",openclaw,0,2026.3.12,,MODERATE,CWE-307,
 GHSA-5mm9-55c9-p5r7,2020-09-03T19:53:31Z,"Malicious Package in mogoose",mogoose,0.0.0,,,CRITICAL,CWE-506,
 GHSA-5mrr-rgp6-x4gr,2020-09-03T19:39:05Z,"Command Injection in marsdb",marsdb,0.0.0,,,CRITICAL,CWE-77,
 GHSA-5p28-63mc-cgr9,2020-12-04T20:04:37Z,"Cross-Site Scripting bypass in html-purify",html-purify,0,,1.1.0,HIGH,CWE-79,
@@ -5911,9 +6148,11 @@ GHSA-5v72-xg48-5rpm,2019-06-04T19:37:52Z,"Denial of Service in ws",ws,0.2.6,1.1.
 GHSA-5v72-xg48-5rpm,2019-06-04T19:37:52Z,"Denial of Service in ws",ws,2.0.0,3.3.1,,HIGH,CWE-400,
 GHSA-5v7r-jg9r-vq44,2020-09-03T21:19:46Z,"Insecure Cryptography Algorithm in simple-crypto-js",simple-crypto-js,0,2.3.0,,MODERATE,CWE-327,
 GHSA-5vj8-3v2h-h38v,2020-09-04T18:04:08Z,"Remote Code Execution in next",next,0.9.9,5.1.0,,HIGH,CWE-20,
+GHSA-5vjq-5jmg-39xq,2026-04-16T01:34:39Z,"Renovate affected by remote code execution was possible using the bazel-module or bazelisk managers, when using lockFileMaintenance",renovate,43.65.0,43.102.11,,MODERATE,CWE-94,
 GHSA-5vm8-hhgr-jcjp,2021-05-28T19:18:53Z,"Cross-site scripting vulnerability in TinyMCE",tinymce,0,5.7.1,,MODERATE,CWE-79,
 GHSA-5w25-hxp5-h8c9,2021-06-21T17:12:13Z,"Duplicate Advisory: Improper Verification of Cryptographic Signature",tenvoy,0,7.0.3,,CRITICAL,CWE-347,
 GHSA-5w65-6875-rhq8,2019-09-11T23:01:57Z,"Undefined Behavior in sailsjs-cacheman",sailsjs-cacheman,0,,1.0.0,LOW,,
+GHSA-5wj5-87vq-39xm,2026-04-09T17:35:53Z,"OpenClaw: Node Pairing Reconnect Command Escalation Bypasses operator.admin Scope Requirement",openclaw,0,2026.4.8,,HIGH,CWE-288,
 GHSA-5wq6-v5cw-jvfr,2020-09-03T23:03:36Z,"Malicious Package in js-shas",js-shas,0.0.0,,,CRITICAL,CWE-506,
 GHSA-5wrg-8fxp-cx9r,2023-06-21T22:06:22Z,"passport-wsfed-saml2 Signature Bypass vulnerability",passport-wsfed-saml2,0,3.0.10,,HIGH,,
 GHSA-5x7p-gm79-383m,2020-09-01T21:11:57Z,"Malicious Package in regenraotr",regenraotr,0,,,CRITICAL,CWE-506,
@@ -5930,7 +6169,6 @@ GHSA-64g7-mvw6-v9qj,2022-01-14T21:09:50Z,"Improper Privilege Management in shell
 GHSA-657v-jjf8-83gh,2020-09-03T23:14:55Z,"Malicious Package in jsmsha3",jsmsha3,0.0.0,,,CRITICAL,CWE-506,
 GHSA-6584-gfwm-3vc3,2020-09-03T21:43:01Z,"Malicious Package in budfer-xor",budfer-xor,0.0.0,,,CRITICAL,CWE-506,
 GHSA-659f-22xc-98f2,2026-03-03T23:00:53Z,"OpenClaw hook transform path containment missed symlink-resolved escapes",openclaw,0,2026.2.22,,HIGH,CWE-94,
-GHSA-65h8-27jh-q8wv,2026-03-26T19:08:34Z,"OpenClaw: Nostr inbound DMs could trigger unauthenticated crypto work before sender policy enforcement",openclaw,0,2026.3.22,,HIGH,CWE-863,
 GHSA-65j7-66p7-9xgf,2020-09-02T21:51:55Z,"Malicious Package in font-scrubber",font-scrubber,0,,,CRITICAL,CWE-506,
 GHSA-65m9-m259-7jqw,2020-09-03T15:49:29Z,"Improper Authorization in react-oauth-flow",react-oauth-flow,0.0.0,,,CRITICAL,CWE-285,
 GHSA-65p7-pjj8-ggmr,2021-09-23T23:18:42Z,"Member account takeover",ghost,3.18.0,3.42.6,,MODERATE,,
@@ -5941,15 +6179,19 @@ GHSA-66mv-xh68-h6v2,2020-09-03T15:48:53Z,"Denial of Service in @commercial/hapi"
 GHSA-66mv-xh68-h6v2,2020-09-03T15:48:53Z,"Denial of Service in @commercial/hapi",@commercial/hapi,17.0.0,17.9.2,,HIGH,,
 GHSA-66mv-xh68-h6v2,2020-09-03T15:48:53Z,"Denial of Service in @commercial/hapi",@commercial/hapi,18.0.0,18.4.1,,HIGH,,
 GHSA-66mv-xh68-h6v2,2020-09-03T15:48:53Z,"Denial of Service in @commercial/hapi",@commercial/hapi,19.0.0,19.1.1,,HIGH,,
+GHSA-66r7-m7xm-v49h,2026-04-17T22:17:05Z,"OpenClaw: QQBot media tags could read arbitrary local files through reply text",openclaw,0,2026.4.10,,HIGH,CWE-22,
 GHSA-674r-xx4c-gj7x,2020-09-03T17:04:05Z,"Malicious Package in sb58",sb58,0.0.0,,,CRITICAL,CWE-506,
+GHSA-67mf-f936-ppxf,2026-04-09T17:36:33Z,"OpenClaw `node.pair.approve` placed in `operator.write` scope instead of `operator.pairing` allows unprivileged pairing approval",openclaw,0,2026.4.8,,MODERATE,CWE-269,
 GHSA-67mh-4wv8-2f99,2025-02-10T17:48:07Z,"esbuild enables any website to send any requests to the development server and read the response",esbuild,0,0.25.0,,MODERATE,CWE-346,
 GHSA-67mp-pcv9-vvq6,2020-09-03T22:57:14Z,"Malicious Package in jr-sha3",jr-sha3,0.0.0,,,CRITICAL,CWE-506,
 GHSA-6879-xr95-5gf4,2020-09-03T17:20:15Z,"Malicious Package in malicious-do-not-install",malicious-do-not-install,0.0.0,,,CRITICAL,CWE-506,
 GHSA-68c2-4mpx-qh95,2024-03-01T16:57:56Z,"Potential leakage of Sentry auth tokens by React Native SDK with Expo plugin",@sentry/react-native,5.16.0,5.19.1,,LOW,CWE-200,
-GHSA-68f8-9mhj-h2mp,2026-03-30T18:41:15Z,"OpenClaw has a Gateway HTTP /v1/models Route Bypasses Operator Read Scope",openclaw,0,2026.3.24,,MODERATE,CWE-284;CWE-863,
 GHSA-68gr-cmcp-g3mj,2019-06-14T16:39:31Z,"Directory Traversal in lactate",lactate,0,,0.13.12,HIGH,CWE-22,
 GHSA-68jh-rf6x-836f,2023-06-16T19:40:53Z,"@apollo/server vulnerable to unsafe application of Content Security Policy via reused nonces",@apollo/server,4.7.1,4.7.4,,LOW,,
+GHSA-68qg-g8mg-6pr7,2026-04-10T21:08:57Z,"paperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization Bypass",@paperclipai/server,0,2026.410.0,,CRITICAL,CWE-1188;CWE-287;CWE-862,
+GHSA-68qg-g8mg-6pr7,2026-04-10T21:08:57Z,"paperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization Bypass",paperclipai,0,2026.410.0,,CRITICAL,CWE-1188;CWE-287;CWE-862,
 GHSA-68v4-hmwv-f43h,2026-04-03T02:49:40Z,"OpenClaw: Media download follows cross-origin redirects with Authorization headers intact",openclaw,0,2026.3.31,,MODERATE,CWE-522,
+GHSA-68x5-xx89-w9mm,2026-04-09T17:34:27Z,"OpenClaw: resolvedAuth closure becomes stale after config reload",openclaw,0,2026.4.8,,MODERATE,CWE-613,
 GHSA-692h-g37c-qv44,2020-09-03T23:25:30Z,"Malicious Package in sj-tw-sec",sj-tw-sec,0.0.0,,,CRITICAL,CWE-506,
 GHSA-6933-jpx5-q87q,2025-09-15T20:30:30Z,"Flowise has unsandboxed remote code execution via Custom MCP",flowise,2.2.7-patch.1,3.0.6,,HIGH,CWE-78;CWE-862,
 GHSA-69mf-2cw2-38m8,2020-09-03T23:04:40Z,"Malicious Package in js-shc3",js-shc3,0.0.0,,,CRITICAL,CWE-506,
@@ -5960,6 +6202,7 @@ GHSA-6chw-6frg-f759,2020-04-03T21:48:38Z,"Regular Expression Denial of Service i
 GHSA-6chw-6frg-f759,2020-04-03T21:48:38Z,"Regular Expression Denial of Service in Acorn",acorn,6.0.0,6.4.1,,HIGH,CWE-400,
 GHSA-6chw-6frg-f759,2020-04-03T21:48:38Z,"Regular Expression Denial of Service in Acorn",acorn,7.0.0,7.1.1,,HIGH,CWE-400,
 GHSA-6cj2-92m5-7mvp,2021-08-03T16:48:46Z,"Improperly Controlled Modification of Object Prototype Attributes",think-config,0,1.1.3,,HIGH,CWE-1321,
+GHSA-6f7g-v4pp-r667,2026-04-16T21:52:46Z,"Flowise: Unauthenticated OAuth 2.0 Access Token Disclosure via Public Chatflow in Flowise",flowise,0,3.1.0,,HIGH,CWE-306,
 GHSA-6f93-xj8r-jp82,2020-09-03T22:28:21Z,"Malicious Package in bunfer-xor",bunfer-xor,0.0.0,,,CRITICAL,CWE-506,
 GHSA-6fcr-9h9g-23fq,2020-09-02T21:50:51Z,"Denial of Service in ipfs-bitswap",ipfs-bitswap,0,0.24.1,,MODERATE,CWE-400,
 GHSA-6fh5-8wq8-w3wr,2020-09-04T15:09:55Z,"Prototype Pollution in unflatten",unflatten,0.0.0,,,HIGH,CWE-1321,
@@ -5968,17 +6211,21 @@ GHSA-6jg8-7333-554w,2019-10-04T17:56:12Z,"Sandbox Breakout in realms-shim",realm
 GHSA-6jg8-7333-554w,2019-10-04T17:56:12Z,"Sandbox Breakout in realms-shim",ses,0,0.6.3,,CRITICAL,,
 GHSA-6jrj-vc65-c983,2024-08-26T15:17:40Z,"unzip-stream allows Arbitrary File Write via artifact extraction",unzip-stream,0,0.3.2,,HIGH,CWE-22,
 GHSA-6m6m-j2hm-pxrg,2020-09-03T17:37:05Z,"Malicious Package in cicada-render",cicada-render,0.0.0,,,CRITICAL,CWE-506,
-GHSA-6mqc-jqh6-x8fc,2026-03-26T18:59:00Z,"OpenClaw: Gateway Canvas local-direct requests bypass Canvas HTTP and WebSocket authentication",openclaw,0,2026.3.23,,MODERATE,CWE-287,
 GHSA-6mrq-7r7m-hh4p,2020-09-03T22:52:58Z,"Malicious Package in hs-sha3",hs-sha3,0.0.0,,,CRITICAL,CWE-506,
 GHSA-6p8r-6m93-557f,2026-04-03T03:09:18Z,"OpenClaw: Fake DeviceToken Bypasses Shared Auth Rate Limiting",openclaw,0,2026.3.31,,MODERATE,CWE-307,
+GHSA-6pcv-j4jx-m4vx,2026-04-16T21:20:05Z,"Flowise: Unauthenticated Information Disclosure of OAuth Secrets (Cleartext) via GET Request",flowise,0,3.1.0,,MODERATE,CWE-306;CWE-312,
 GHSA-6pfc-6m7w-m8fx,2026-03-31T23:59:53Z,"OpenClaw has a gateway exec allowlist allow-always bypass via unregistered /usr/bin/script wrapper",openclaw,0,2026.3.28,,HIGH,CWE-385,
 GHSA-6q22-g298-grjh,2026-04-04T06:13:25Z,"Directus: Unauthenticated Denial of Service via GraphQL Alias Amplification of Expensive Health Check Resolver",directus,0,11.17.0,,HIGH,CWE-400;CWE-770,
+GHSA-6q2v-vfwp-pvwh,2026-03-29T15:30:20Z,"Duplicate Advisory: OpenClaw's skills-install-download can be redirected outside the tools root by rebinding the validated base path",openclaw,0,2026.3.8,,MODERATE,CWE-367,
 GHSA-6qc7-jgq7-34rf,2020-09-02T20:18:18Z,"Malicious Package in exprss",exprss,0,,,CRITICAL,CWE-506,
 GHSA-6qgx-f452-7699,2020-09-03T23:28:39Z,"Malicious Package in superhappyfuntime",superhappyfuntime,0.0.0,,,CRITICAL,CWE-506,
 GHSA-6qqf-vvcr-7qrv,2019-05-23T09:27:22Z,"Cryptographically Weak PRNG in generate-password",generate-password,0,1.4.1,,MODERATE,CWE-338,
 GHSA-6qqj-rx4w-r3cj,2020-08-31T22:48:44Z,"CSRF Vulnerability in jquery-ujs",jquery-ujs,0,1.0.4,,MODERATE,CWE-352,
 GHSA-6r5x-hmgg-7h53,2019-07-15T19:46:01Z,"Remote code execution in Handlebars.js",handlebars,0,4.1.0,,MODERATE,,
+GHSA-6r77-hqx7-7vw8,2026-04-16T21:52:11Z,"Flowise:  APIChain Prompt Injection SSRF in GET/POST API Chains",flowise,0,3.1.0,,HIGH,CWE-918,
+GHSA-6r77-hqx7-7vw8,2026-04-16T21:52:11Z,"Flowise:  APIChain Prompt Injection SSRF in GET/POST API Chains",flowise-components,0,3.1.0,,HIGH,CWE-918,
 GHSA-6rmx-gvvg-vh6j,2026-03-09T19:52:47Z,"OpenClaw's hooks count non-POST requests toward auth lockout",openclaw,0,2026.3.7,,MODERATE,CWE-307;CWE-799,
+GHSA-6v7q-wjvx-w8wg,2026-04-10T20:18:23Z,"basic-ftp: Incomplete CRLF Injection Protection Allows Arbitrary FTP Command Execution via Credentials and MKD Commands",basic-ftp,0,5.2.2,,HIGH,CWE-93,
 GHSA-6x2m-hqfw-hvpj,2026-03-02T22:29:45Z,"OpenClaw: Node exec approvals could be replayed across nodes",openclaw,0,2026.2.23,,MODERATE,CWE-285;CWE-863,
 GHSA-6x33-pw7p-hmpq,2020-09-04T17:59:49Z,"Denial of Service in http-proxy",http-proxy,0,1.18.1,,HIGH,CWE-184;CWE-693,
 GHSA-6xg2-cf6h-x4v8,2020-09-03T21:53:05Z,"Malicious Package in buffer-por",buffer-por,0.0.0,,,CRITICAL,CWE-506,
@@ -5989,25 +6236,27 @@ GHSA-724c-6vrf-99rq,2020-09-02T21:49:48Z,"Sensitive Data Exposure in loopback",l
 GHSA-725f-3pw7-rq6x,2020-09-03T21:09:47Z,"Malicious Package in 8.9.4",8.9.4,0.0.0,,,CRITICAL,CWE-506,
 GHSA-72gr-qfp7-vwhw,2026-03-20T20:50:09Z,"h3: Double Decoding in `serveStatic` Bypasses `resolveDotSegments` Path Traversal Protection via `%252e%252e`",h3,0,1.15.9,,MODERATE,CWE-22,
 GHSA-733v-p3h5-qpq7,2025-04-25T15:14:36Z,"GraphQL Armor Cost-Limit Plugin Bypass via Introspection Query Obfuscation","@escape.tech/graphql-armor-cost-limit",0,2.4.2,,MODERATE,CWE-400;CWE-770,
+GHSA-736r-jwj6-4w23,2026-04-17T22:14:56Z,"OpenClaw: Sandboxed agents could escape exec routing via host=node override",openclaw,2026.4.5,2026.4.10,,HIGH,CWE-863,
 GHSA-73c6-vwjh-g3qh,2020-09-03T19:40:46Z,"Malicious Package in crpyto-js",crpyto-js,0.0.0,,,CRITICAL,CWE-506,
 GHSA-73cw-jxmm-qpgh,2019-06-11T16:40:48Z,"Path Traversal in localhost-now",localhost-now,0,,1.0.2,HIGH,CWE-22,
 GHSA-73hr-6785-f5p8,2020-09-02T21:24:55Z,"Malicious Package in donotinstallthis",donotinstallthis,0,,,CRITICAL,CWE-506,
 GHSA-73v8-v6g4-vrpm,2020-09-02T15:58:13Z,"Arbitrary File Overwrite in decompress-zip",decompress-zip,0,0.2.2,,HIGH,,
 GHSA-73v8-v6g4-vrpm,2020-09-02T15:58:13Z,"Arbitrary File Overwrite in decompress-zip",decompress-zip,0.3.0,0.3.2,,HIGH,,
 GHSA-73wv-v82c-xmqv,2020-09-03T21:50:51Z,"Malicious Package in buffep-xor",buffep-xor,0.0.0,,,CRITICAL,CWE-506,
+GHSA-7437-7hg8-frrw,2026-04-09T14:22:29Z,"OpenClaw: HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS missing from exec env denylist — RCE via build tool env injection (GHSA-cm8v-2vh9-cxf3 class)",openclaw,0,2026.4.8,,HIGH,CWE-184;CWE-78,
 GHSA-74cp-qw7f-7hpw,2019-06-05T14:10:23Z,"Path Traversal in statics-server",statics-server,0,,0.0.9,MODERATE,CWE-22,
 GHSA-74cr-77xc-8g6r,2019-06-13T20:37:39Z,"Prototype Pollution in @apollo/gateway",@apollo/gateway,0,0.6.2,,HIGH,CWE-1321;CWE-400,
 GHSA-74hh-4rcv-pp27,2020-09-04T16:44:19Z,"Malicious Package in bitconijs-lib",bitconijs-lib,0.0.0,,,CRITICAL,CWE-506,
-GHSA-74wf-h43j-vvmj,2026-03-26T21:46:42Z,"OpenClaw's Conflicting Tool Identity Hints Bypass Dangerous-Tool Prompting",openclaw,0,2026.3.22,,HIGH,CWE-807;CWE-863,
 GHSA-7543-mr7h-6v86,2020-09-02T16:00:26Z,"Improper Authorization in googleapis",googleapis,0,39.1.0,,HIGH,CWE-285,
+GHSA-75hx-xj24-mqrw,2026-04-10T20:59:58Z,"n8n-mcp has unauthenticated session termination and information disclosure in HTTP transport",n8n-mcp,0,2.47.6,,HIGH,CWE-306,
 GHSA-762c-v946-pf25,2020-09-04T16:47:33Z,"Malicious Package in bpi39",bpi39,0.0.0,,,CRITICAL,CWE-506,
 GHSA-766v-7gjx-55hf,2020-09-03T23:08:34Z,"Malicious Package in js-shq3",js-shq3,0.0.0,,,CRITICAL,CWE-506,
+GHSA-767m-xrhc-fxm7,2026-04-07T18:11:15Z,"OpenClaw: Gateway operator.write Can Reach Admin-Class Telegram Config and Cron Persistence via send",openclaw,0,2026.3.28,,LOW,CWE-269,
 GHSA-7696-qr5q-pg37,2020-09-03T23:19:08Z,"Malicious Package in zs-sha3",zs-sha3,0.0.0,,,CRITICAL,CWE-506,
 GHSA-76qf-6mvw-c5hm,2020-09-03T19:45:42Z,"Malicious Package in js-base64-int",js-base64-int,0.0.0,,,CRITICAL,CWE-506,
 GHSA-76xq-58hj-vwm2,2020-09-11T21:16:59Z,"Malicious Package in test-module-a",test-module-a,0,,,CRITICAL,CWE-506,
 GHSA-779f-wgxg-qr8f,2020-09-03T18:10:22Z,"Prototype Pollution in lodash.mergewith",lodash.mergewith,0,4.6.2,,HIGH,CWE-1321,
 GHSA-77hf-7fqf-f227,2026-03-03T21:32:35Z,"OpenClaw skills-install-download: tar.bz2 extraction bypassed archive safety parity checks (local DoS)",openclaw,0,2026.3.2,,MODERATE,CWE-400;CWE-409,
-GHSA-77w2-crqv-cmv3,2026-03-29T15:49:17Z,"OpenClaw: Feishu Raw Card Send Surface Can Mint Legacy Card Callbacks That Bypass DM Pairing",openclaw,0,2026.3.28,,MODERATE,CWE-288;CWE-863,
 GHSA-785g-gx74-gr39,2020-09-03T23:12:48Z,"Malicious Package in js-wha3",js-wha3,0.0.0,,,CRITICAL,CWE-506,
 GHSA-788m-pj96-7w2c,2020-09-02T21:23:51Z,"Cross-Site Scripting in fomantic-ui",fomantic-ui,0,2.7.0,,HIGH,CWE-79,
 GHSA-78p3-fwcq-62c2,2024-10-03T19:50:59Z,"@saltcorn/server Remote Code Execution (RCE) / SQL injection via prototype pollution  by manipulating `lang` and  `defstring` parameters when setting localizer strings",@saltcorn/server,0,1.0.0-beta.14,,HIGH,CWE-1321,
@@ -6027,12 +6276,14 @@ GHSA-7fhm-mqm4-2wp7,2020-03-13T20:36:16Z,"Withdrawn: ESLint dependencies are vul
 GHSA-7fpw-cfc4-3p2c,2017-12-28T22:51:45Z,"Duplicate advisory: High severity vulnerability that affects passport-wsfed-saml2",passport-wsfed-saml2,0,3.0.5,,HIGH,CWE-290,
 GHSA-7fqq-q52p-2jjg,2026-03-29T15:27:41Z,"OpenCC  has an Out-of-bounds read when processing truncated UTF-8 input",opencc,0,1.2.0,,MODERATE,CWE-125,
 GHSA-7frr-c83r-fm22,2020-09-03T22:20:49Z,"Malicious Package in buffez-xor",buffez-xor,0.0.0,,,CRITICAL,CWE-506,
+GHSA-7g8c-cfr3-vqqr,2026-04-17T21:55:20Z,"OpenClaw: Agent hook events could enqueue trusted system events from unsanitized external input",openclaw,0,2026.4.10,,MODERATE,CWE-269,
 GHSA-7ggg-pvrf-458v,2026-04-02T20:57:44Z,"OpenClaw: PIP_INDEX_URL and UV_INDEX_URL bypass host exec env sanitization and redirect Python package-index traffic",openclaw,0,2026.3.31,,HIGH,CWE-807,
 GHSA-7h7g-x2px-94hj,2026-03-13T20:54:18Z,"OpenClaw: Pairing setup codes exposed long-lived shared gateway credentials instead of short-lived bootstrap tokens",openclaw,0,2026.3.12,,MODERATE,CWE-532,
 GHSA-7hx8-2rxv-66xv,2020-09-03T15:48:00Z,"Denial of Service in hapi",hapi,0.0.0,,,HIGH,,
 GHSA-7j52-6fjp-58gr,2022-03-14T23:22:27Z,"Inconsistent storage layout for ERC2771ContextUpgradeable","@openzeppelin/contracts-upgradeable",4.0.0,4.3.0,,LOW,,
 GHSA-7j93-5m2h-rvjx,2020-09-04T15:32:46Z,"Malicious Package in bconi",bconi,0.0.0,,,CRITICAL,CWE-506,
 GHSA-7jfh-2xc9-ccv7,2019-05-31T23:46:40Z,"Cross-Site Scripting in public",public,0,0.1.4,,LOW,CWE-79,
+GHSA-7jp6-r74r-995q,2026-04-17T22:15:27Z,"OpenClaw: Matrix profile config persistence was reachable from operator.write message tools",openclaw,0,2026.4.10,,HIGH,CWE-266;CWE-863,
 GHSA-7m7q-q53v-j47v,2021-02-25T02:01:47Z,"Regular Expression Denial of Service",marked,0.5.0,0.6.1,,MODERATE,,
 GHSA-7p6w-x2gr-rrf8,2020-09-02T21:28:05Z,"ag-grid Cross-Site Scripting vulnerability",ag-grid,0,14.0.0,,HIGH,CWE-79,
 GHSA-7q64-3rg2-h9pf,2026-02-27T18:31:06Z,"Duplicate Advisory: Nest has a Fastify URL Encoding Middleware Bypass",@nestjs/platform-fastify,0,11.1.14,,HIGH,CWE-863,
@@ -6047,6 +6298,7 @@ GHSA-7v28-g2pq-ggg8,2022-06-17T01:16:03Z,"Ghost vulnerable to remote code execut
 GHSA-7v28-g2pq-ggg8,2022-06-17T01:16:03Z,"Ghost vulnerable to remote code execution in locale setting change",ghost,5.0.0,5.2.3,,MODERATE,,
 GHSA-7w7c-867m-4mqc,2020-09-03T17:04:55Z,"Malicious Package in rceat",rceat,0.0.0,,,CRITICAL,CWE-506,
 GHSA-7wgh-5q4q-6wx5,2020-09-04T17:30:39Z,"Malicious Package in 1337qq-js",1337qq-js,0.0.0,,,CRITICAL,CWE-506,
+GHSA-7wv4-cc7p-jhxc,2026-04-17T21:56:12Z,"OpenClaw: Workspace .env could inject OpenClaw runtime-control variables",openclaw,0,2026.4.9,,MODERATE,CWE-15,
 GHSA-7wwv-vh3v-89cq,2020-12-04T16:47:20Z,"ReDOS vulnerabities: multiple grammars",@highlightjs/cdn-assets,0,10.4.1,,MODERATE,CWE-20;CWE-400,
 GHSA-7wwv-vh3v-89cq,2020-12-04T16:47:20Z,"ReDOS vulnerabities: multiple grammars",highlight.js,9.0.0,10.4.1,,MODERATE,CWE-20;CWE-400,
 GHSA-7x92-2j68-h32c,2020-09-01T19:03:02Z,"Directory Traversal in featurebook",featurebook,0,,,MODERATE,CWE-22,
@@ -6057,14 +6309,16 @@ GHSA-7xf6-cpxm-5mx9,2020-09-03T22:27:18Z,"Malicious Package in bufner-xor",bufne
 GHSA-7xf9-74cp-8hx3,2020-09-03T22:59:21Z,"Malicious Package in js-cha3",js-cha3,0.0.0,,,CRITICAL,CWE-506,
 GHSA-7xfq-xh6v-4mrm,2020-09-01T20:27:53Z,"Malicious Package in json-serializer",json-serializer,2.0.10,2.0.11,,CRITICAL,CWE-506,
 GHSA-7xmq-g46g-f8pv,2026-03-02T21:55:47Z,"OpenClaw: Sandbox media TOCTOU could read files outside sandbox root",openclaw,0,2026.3.1,,HIGH,CWE-367;CWE-59,
-GHSA-7xr2-q9vf-x4r5,2026-03-26T21:49:25Z,"OpenClaw: Symlink Traversal via IDENTITY.md appendFile in agents.create/update (Incomplete Fix for CVE-2026-32013)",openclaw,0,,2026.2.22,HIGH,CWE-61,
 GHSA-82gw-wqw6-r2cf,2026-03-19T03:30:57Z,"Duplicate Advisory: Command Injection via unescaped environment assignments in Windows Scheduled Task script generation",openclaw,0,,2026.2.17,MODERATE,CWE-78,
 GHSA-82jv-9wjw-pqh6,2024-04-17T22:26:37Z,"Prototype pollution in emit function",derby,0,2.3.2,,LOW,CWE-1321,
 GHSA-82jv-9wjw-pqh6,2024-04-17T22:26:37Z,"Prototype pollution in emit function",derby,3.0.0,3.0.2,,LOW,CWE-1321,
 GHSA-82jv-9wjw-pqh6,2024-04-17T22:26:37Z,"Prototype pollution in emit function",derby,4.0.0-beta1,4.0.0-beta.11,,LOW,CWE-1321,
+GHSA-82qx-6vj7-p8m2,2026-04-17T21:58:46Z,"OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows",openclaw,0,2026.4.10,,HIGH,CWE-862,
+GHSA-8372-7vhw-cm6q,2026-04-17T21:47:15Z,"OpenClaw: config.get redaction bypass through sourceConfig and runtimeConfig aliases",openclaw,0,2026.4.14,,HIGH,CWE-212,
+GHSA-83f3-hh45-vfw9,2026-04-07T18:16:06Z,"OpenClaw: Android accepted cleartext remote gateway endpoints and sent stored credentials over ws://",openclaw,0,2026.4.2,,MODERATE,CWE-200,
 GHSA-83pq-466j-fc6j,2020-09-04T15:17:50Z,"Prototype Pollution in sahmat",sahmat,0.0.0,,,HIGH,CWE-1321,
 GHSA-83rx-c8cr-6j8q,2019-06-05T20:48:55Z,"Insecure Default Configuration in tesseract.js",tesseract.js,0,1.0.19,,MODERATE,CWE-829,
-GHSA-844j-xrrq-wgh4,2026-03-26T21:42:30Z,"OpenClaw: Forwarding header spoofing bypasses gateway.trustedProxies origin detection",openclaw,0,2026.3.22,,MODERATE,CWE-290,
+GHSA-846p-hgpv-vphc,2026-04-07T18:15:00Z,"OpenClaw: QQ Bot structured payloads could read arbitrary local files",openclaw,0,2026.4.2,,MODERATE,CWE-22,
 GHSA-84c3-j8r2-mcm8,2024-02-26T20:10:10Z,"@nfid/embed has compromised private key due to @dfinity/auth-client producing insecure session keys",@nfid/embed,0.10.0,0.10.1-alpha.6,,CRITICAL,CWE-321;CWE-330,
 GHSA-84jw-g43v-8gjm,2024-09-19T17:30:05Z,"DOM Clobbering Gadget found in Rspack's AutoPublicPathRuntimeModule that leads to XSS",@rspack/core,0,1.0.0-rc.1,,MODERATE,CWE-79,
 GHSA-84p7-fh9c-6g8h,2021-09-20T19:52:24Z,"Prototype Pollution in mixme",mixme,0,0.5.2,,HIGH,CWE-1321,
@@ -6081,13 +6335,13 @@ GHSA-86mr-6m89-vgj3,2020-09-03T15:51:38Z,"Buffer Overflow in node-weakauras-pars
 GHSA-86p3-4gfq-38f2,2019-06-05T14:10:34Z,"Denial of Service in url-relative",url-relative,0,,1.0.0,MODERATE,CWE-400,
 GHSA-876r-hj45-fw7g,2020-09-03T21:18:41Z,"Sandbox Breakout / Arbitrary Code Execution in safer-eval",safer-eval,0.0.0,,,CRITICAL,,
 GHSA-877v-w3f5-3pcq,2026-04-02T20:59:49Z,"OpenClaw: Feishu thread history and quoted messages bypass sender allowlist",openclaw,0,2026.3.31,,MODERATE,CWE-863,
+GHSA-8783-3wgf-jggf,2026-04-16T22:40:59Z,"Budibase: Authentication Bypass via Unanchored Regex in Public Endpoint Matcher — Unauthenticated Access to Protected Endpoints",@budibase/backend-core,0,,3.35.3,CRITICAL,CWE-287,
 GHSA-8796-gc9j-63rv,2021-05-17T20:51:16Z,"File upload local preview can run embedded scripts after user interaction",matrix-react-sdk,0,3.21.0,,MODERATE,CWE-74,
 GHSA-87mg-h5r3-hw88,2019-05-30T17:23:28Z,"Cross-Site Scripting in bootbox",bootbox,0,,5.5.2,MODERATE,CWE-64;CWE-79,
 GHSA-87qp-7cw8-8q9c,2024-03-25T06:30:24Z,"Duplicate Advisory: web3-utils Prototype Pollution vulnerability",web3-utils,0,4.2.1,,HIGH,CWE-1321,
 GHSA-87qw-7v97-w34r,2020-09-02T18:33:18Z,"Malicious Package in asinc",asinc,0,,,CRITICAL,CWE-506,
 GHSA-87v3-4cfp-cm76,2026-03-18T16:10:26Z,"Cross-Site Scripting (XSS) via SVG Schema innerHTML Injection in @pdfme/schemas",@pdfme/schemas,0,5.5.9,,MODERATE,CWE-79,
 GHSA-886v-mm6p-4m66,2019-06-05T09:48:02Z,"High severity vulnerability that affects gun",gun,0,0.2019.416,,HIGH,CWE-22,
-GHSA-8883-9w57-vwv6,2026-03-26T21:23:04Z,"OpenClaw: Mattermost callback dispatch allowed non-allowlisted sender actions",openclaw,0,2026.3.22,,MODERATE,CWE-285;CWE-863,
 GHSA-88h9-fc6v-jcw7,2020-09-03T20:28:51Z,"Unintended Require in larvitbase-www",larvitbase-www,0.0.0,,,MODERATE,,
 GHSA-88qp-p4qg-rqm6,2026-02-19T20:30:25Z,"CPU exhaustion in SvelteKit remote form deserialization (experimental only)",@sveltejs/kit,2.49.0,2.52.2,,MODERATE,CWE-843,
 GHSA-88xx-23mf-rcj2,2020-09-03T22:51:52Z,"Malicious Package in bs-sha3",bs-sha3,0.0.0,,,CRITICAL,CWE-506,
@@ -6099,15 +6353,16 @@ GHSA-89v5-38xr-9m4j,2026-03-27T15:47:57Z,"Postiz has Multiple SSRF Vectors - Web
 GHSA-8c8c-4vfj-rrpc,2020-09-01T19:05:11Z,"Reflected Cross-Site Scripting in redis-commander",redis-commander,0.0.0,0.5.0,,LOW,CWE-79,
 GHSA-8cp7-rp8r-mg77,2026-03-04T18:55:48Z,"OpenClaw has SSRF guard bypass via IPv6 transition over ISATAP",openclaw,2026.1.20,2026.2.19,,MODERATE,CWE-918,
 GHSA-8f93-rv4p-x4jw,2019-06-12T16:36:52Z,"SQL Injection in sql",sql,0,,0.78.0,MODERATE,CWE-89,
+GHSA-8f9r-gr6r-x63q,2026-04-10T00:30:30Z,"Duplicate Advisory: OpenClaw: Feishu webhook reads and parses unauthenticated request bodies before signature validation",openclaw,0,2026.3.28,,MODERATE,CWE-696,
 GHSA-8fw4-xh83-3j6q,2020-09-11T21:18:05Z,"Cross-Site Scripting in diagram-js",diagram-js,0,2.6.2,,MODERATE,CWE-79,
 GHSA-8fw4-xh83-3j6q,2020-09-11T21:18:05Z,"Cross-Site Scripting in diagram-js",diagram-js,3.0.0,3.3.1,,MODERATE,CWE-79,
 GHSA-8g29-8xwr-qmhr,2026-03-25T17:33:01Z,"@grackle-ai/server JSON.parse lacks try-catch logic in its gRPC Service AdapterConfig Handling",@grackle-ai/server,0,0.70.6,,LOW,CWE-754,
 GHSA-8g3r-968r-c644,2020-09-03T23:15:58Z,"Malicious Package in jw-sha3",jw-sha3,0.0.0,,,CRITICAL,CWE-506,
 GHSA-8g64-9cm2-838j,2020-09-03T22:29:26Z,"Malicious Package in bugfer-xor",bugfer-xor,0.0.0,,,CRITICAL,CWE-506,
-GHSA-8g75-q649-6pv6,2026-03-12T14:21:28Z,"OpenClaw's system.run approvals did not bind mutable script operands across approval and execution",openclaw,0,2026.3.8,,MODERATE,CWE-285;CWE-367,
 GHSA-8g98-m4j9-qww5,2025-06-18T17:51:03Z,"Taylored webhook validation vulnerabilities",taylored,7.0.5,7.0.8,,CRITICAL,"CWE-22;CWE-294;CWE-345;CWE-916",
 GHSA-8gc6-65mm-xr6r,2020-09-04T16:46:28Z,"Malicious Package in bp66",bp66,0.0.0,,,CRITICAL,CWE-506,
 GHSA-8h3q-9fpp-c883,2026-01-21T00:31:43Z,"Duplicate Advisory: Wrangler affected by OS Command Injection in `wrangler pages deploy`",wrangler,2.0.15,,,HIGH,CWE-20,
+GHSA-8h8f-7cxm-m38j,2026-04-02T21:32:52Z,"Duplicate Advisory: OpenClaw: Windows media loaders accepted remote-host file URLs before local path validation",openclaw,0,2026.3.22,,MODERATE,CWE-184,
 GHSA-8h8v-6qqm-fwpq,2020-09-01T21:06:38Z,"Path Traversal in express-cart",express-cart,0,1.1.7,,HIGH,CWE-22,
 GHSA-8hmr-w35f-3qgj,2020-09-03T21:07:37Z,"Malicious Package in harmlesspackage",harmlesspackage,0.0.0,,,CRITICAL,CWE-506,
 GHSA-8hq2-fcqm-39hq,2020-09-02T21:46:05Z,"Malicious Package in rimrafall",rimrafall,0,,,CRITICAL,CWE-506,
@@ -6116,6 +6371,7 @@ GHSA-8hrq-9wm7-v3jw,2020-09-03T21:39:41Z,"Malicious Package in btffer-xor",btffe
 GHSA-8j49-49jq-vwcq,2020-09-04T15:15:34Z,"Prototype Pollution in getsetdeep",getsetdeep,0.0.0,,,HIGH,CWE-1321,
 GHSA-8j6j-4h2c-c65p,2020-09-03T17:02:52Z,"Arbitrary Code Execution in require-node",require-node,0,1.3.4,,CRITICAL,CWE-78,
 GHSA-8j6j-4h2c-c65p,2020-09-03T17:02:52Z,"Arbitrary Code Execution in require-node",require-node,2.0.0,2.0.4,,CRITICAL,CWE-78,
+GHSA-8j7f-g9gv-7jhc,2026-04-10T00:30:30Z,"Duplicate Advisory: OpenClaw: SSRF via Unguarded Configured Base URLs in Multiple Channel Extensions (Incomplete Fix for CVE-2026-28476)",openclaw,0,2026.3.28,,MODERATE,CWE-918,
 GHSA-8j7x-pr59-m5h8,2020-09-02T21:31:18Z,"Malicious Package in whiteproject",whiteproject,0,,,CRITICAL,CWE-506,
 GHSA-8j8c-7jfh-h6hx,2019-06-04T20:14:07Z,"Code Injection in js-yaml",js-yaml,0,3.13.1,,HIGH,CWE-94,
 GHSA-8jf2-cq6v-w234,2020-09-03T21:10:53Z,"Malicious Package in uglyfi.js",uglyfi.js,0.0.0,,,CRITICAL,CWE-506,
@@ -6161,32 +6417,33 @@ GHSA-8xqr-4cpm-wx7g,2019-05-31T23:47:27Z,"Cross-Site Scripting in react-svg",rea
 GHSA-9272-59x2-gwf2,2020-09-03T17:04:13Z,"Malicious Package in ripedm160",ripedm160,0.0.0,,,CRITICAL,CWE-506,
 GHSA-9298-m7jf-55h2,2020-09-04T16:42:08Z,"Malicious Package in bitconid-rpc",bitconid-rpc,0.0.0,,,CRITICAL,CWE-506,
 GHSA-929m-phjg-qwcc,2025-04-01T21:31:30Z,"Duplicate Advisory: MathLive's Lack of Escaping of HTML allows for XSS",mathlive,0,0.104.0,,MODERATE,CWE-79,
+GHSA-92jp-89mq-4374,2026-04-17T20:08:01Z,"OpenClaw: Sandbox noVNC helper route exposed interactive browser session credentials",openclaw,2026.2.21,2026.4.10,,MODERATE,CWE-306,
+GHSA-939r-rj45-g2rj,2026-04-17T22:12:49Z,"OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins",openclaw,0,2026.4.9,,HIGH,CWE-829,
 GHSA-943q-mwmv-hhvh,2026-03-02T23:32:22Z,"OpenClaw: Gateway /tools/invoke tool escalation + ACP permission auto-approval",openclaw,0,2026.2.14,,HIGH,CWE-78,
-GHSA-94pw-c6m8-p9p9,2026-03-30T18:52:38Z,"OpenClaw: Gateway operator.write Can Reach Admin-Class Channel Allowlist Persistence via chat.send",openclaw,0,2026.3.24,,HIGH,CWE-269,
-GHSA-9528-x887-j2fp,2026-03-31T23:59:17Z,"OpenClaw's Nextcloud Talk webhook missing rate limiting on shared secret authentication",openclaw,0,2026.3.28,,MODERATE,CWE-307,
 GHSA-95cg-3r4g-7w6j,2020-09-03T23:01:29Z,"Malicious Package in js-rha3",js-rha3,0.0.0,,,CRITICAL,CWE-506,
 GHSA-96qw-h329-v5rg,2026-01-08T21:13:37Z,"Shakapacker has environment variable leak via EnvironmentPlugin that exposes secrets to client-side bundles",shakapacker,0,9.5.0,,HIGH,CWE-200,
 GHSA-97mg-3cr6-3x4c,2020-09-04T17:27:23Z,"Remote Code Execution in mongodb-query-parser",mongodb-query-parser,0,2.0.0,,CRITICAL,,
 GHSA-97mp-9g5c-6c93,2020-09-04T16:50:48Z,"Malicious Package in bs58chcek",bs58chcek,0.0.0,,,CRITICAL,CWE-506,
 GHSA-984p-xq9m-4rjw,2019-06-07T21:01:53Z,"Rate Limiting Bypass in express-brute",express-brute,0,,1.0.1,MODERATE,CWE-77,
+GHSA-98ch-45wp-ch47,2026-04-07T18:15:48Z,"OpenClaw: Windows-compatible env override keys could bypass system.run approval binding",openclaw,0,2026.4.2,,MODERATE,CWE-178,
 GHSA-98hh-7ghg-x6rq,2026-03-31T23:52:38Z,"OpenClaw: Discord text `/approve` bypasses `channels.discord.execApprovals.approvers` and allows non-approvers to resolve pending exec approvals",openclaw,0,2026.3.28,,HIGH,CWE-863,
 GHSA-98pf-gfh3-x3mp,2022-11-10T16:02:51Z,"Read the Docs vulnerable to Cross-Site Scripting (XSS)",readthedocs,0,8.8.1,,MODERATE,CWE-79,
 GHSA-992f-wf4w-x36v,2020-09-01T21:16:13Z,"Prototype Pollution in merge-objects",merge-objects,0.0.0,,,LOW,CWE-1321,
 GHSA-9959-c6q6-6qp3,2017-10-24T18:33:36Z,"Moderate severity vulnerability that affects validator",validator,0,2.0.0,,MODERATE,,
 GHSA-99pg-hqvx-r4gf,2025-09-15T20:00:39Z,"Flowise has an Arbitrary File Read",flowise,3.0.5,3.0.6,,CRITICAL,,
-GHSA-99qw-6mr3-36qr,2026-03-13T20:55:13Z,"OpenClaw: Workspace plugin auto-discovery allowed code execution from cloned repositories",openclaw,0,2026.3.12,,HIGH,CWE-829,
 GHSA-9c4c-g95m-c8cp,2025-04-07T18:55:13Z,"FlowiseDB vulnerable to SQL Injection by authenticated users",flowise,0,,2.2.7,MODERATE,CWE-564,
 GHSA-9cph-cqqh-36pw,2020-09-04T15:29:25Z,"Malicious Package in babel-loqder",babel-loqder,0.0.0,,,CRITICAL,CWE-506,
 GHSA-9f4w-67g7-mqwv,2026-04-03T03:26:14Z,"OpenClaw: Endpoint persists after trust decline, leaking gateway credentials",openclaw,0,2026.3.31,,MODERATE,CWE-670,
 GHSA-9f72-qcpw-2hxc,2026-03-03T19:08:08Z,"OpenClaw: Native prompt image auto-load did not honor tools.fs.workspaceOnly in sandboxed runs",openclaw,0,2026.2.24,,HIGH,CWE-200;CWE-284,
 GHSA-9f79-7pw8-3fj8,2026-03-21T03:31:14Z,"Duplicate Advisory: OpenClaw: workspace path guard bypass on non-existent out-of-root symlink leaf",openclaw,0,,2026.2.25,HIGH,CWE-22,
 GHSA-9gp8-hjxr-6f34,2026-04-03T02:57:00Z,"OpenClaw: Host exec environment overrides miss proxy, TLS, Docker, and Git TLS controls",openclaw,0,2026.3.31,,MODERATE,CWE-269,
+GHSA-9gvx-vj57-vqqx,2026-04-10T00:30:30Z,"Duplicate Advisory: OpenClaw: Gateway Canvas local-direct requests bypass Canvas HTTP and WebSocket authentication",openclaw,0,2026.3.23,,MODERATE,CWE-288,
 GHSA-9gxr-rhx6-4jgv,2020-09-04T15:18:57Z,"Sandbox Breakout / Prototype Pollution in notevil",notevil,0,1.3.3,,MODERATE,CWE-1321,
 GHSA-9h6g-pr28-7cqp,2024-01-31T22:42:54Z,"nodemailer ReDoS when trying to send a specially crafted email",nodemailer,0,6.9.9,,MODERATE,CWE-1333,
 GHSA-9hc2-w9gg-q6jw,2020-09-01T21:07:41Z,"Malicious Package in boogeyman",boogeyman,0.0.0,,,CRITICAL,CWE-506,
-GHSA-9hjh-fr4f-gxc4,2026-03-27T22:29:12Z,"OpenClaw: Gateway Backend Reconnect lets Non-Admin Operator Scopes Self-Claim operator.admin",openclaw,0,,2026.3.24,CRITICAL,CWE-269;CWE-863,
 GHSA-9hqj-38j2-5jgm,2020-09-01T21:19:23Z,"Command Injection in ascii-art",ascii-art,0,1.4.4,,LOW,CWE-77,
-GHSA-9jpj-g8vv-j5mf,2026-04-04T06:26:55Z,"OpenClaw: Gemini OAuth exposed the PKCE verifier through the OAuth state parameter",openclaw,0,2026.4.2,,HIGH,CWE-345,
+GHSA-9hrv-gvrv-6gf2,2026-04-16T21:23:17Z,"Flowise Execute Flow function has an SSRF vulnerability",flowise,0,3.1.0,,MODERATE,CWE-918,
+GHSA-9hrv-gvrv-6gf2,2026-04-16T21:23:17Z,"Flowise Execute Flow function has an SSRF vulnerability",flowise-components,0,3.1.0,,MODERATE,CWE-918,
 GHSA-9mjp-gv34-3jcf,2020-09-02T18:37:35Z,"Malicious Package in aasync",aasync,0,,,CRITICAL,CWE-506,
 GHSA-9mmw-3fmh-96g3,2020-09-02T20:23:38Z,"Malicious Package in calk",calk,0,,,CRITICAL,CWE-506,
 GHSA-9mph-4f7v-fmvh,2026-03-04T19:02:59Z,"OpenClaw has agent avatar symlink traversal in gateway session metadata",openclaw,0,2026.2.22,,MODERATE,CWE-59,
@@ -6204,6 +6461,7 @@ GHSA-9q64-mpxx-87fg,2020-04-01T16:35:08Z,"Open Redirect in ecstatic",ecstatic,4.
 GHSA-9q7v-8mr7-g23p,2026-04-02T21:22:56Z,"OpenClaw: SSRF via Unguarded `fetch()` in Marketplace Plugin Download and Ollama Model Discovery",openclaw,0,2026.3.31,,MODERATE,CWE-918,
 GHSA-9q82-xgwf-vj6h,2026-03-26T21:53:10Z,"Apollo Server: Browser bug allows for bypass of XS-Search (read-only Cross-Site Request Forgery) prevention",@apollo/server,0,5.5.0,,MODERATE,CWE-200,
 GHSA-9q82-xgwf-vj6h,2026-03-26T21:53:10Z,"Apollo Server: Browser bug allows for bypass of XS-Search (read-only Cross-Site Request Forgery) prevention",apollo-server-core,0,,3.13.0,MODERATE,CWE-200,
+GHSA-9q8j-chc7-wpgp,2026-03-29T15:30:20Z,"Duplicate Advisory: OpenClaw session transcript files were created without forced user-only permissions",openclaw,0,2026.2.17,,MODERATE,CWE-378,
 GHSA-9q9m-m2f6-jr5q,2020-09-02T20:22:34Z,"Malicious Package in chak",chak,0,,,CRITICAL,CWE-506,
 GHSA-9qgh-7pgp-hp7r,2020-09-03T17:10:31Z,"Cross-Site Scripting in graylog-web-interface",graylog-web-interface,0.0.0,,,HIGH,CWE-79,
 GHSA-9qr9-h5gf-34mp,2025-12-03T19:07:11Z,"Next.js is vulnerable to RCE in React flight protocol",next,14.3.0-canary.77,15.0.5,,CRITICAL,CWE-502,
@@ -6227,8 +6485,9 @@ GHSA-9vrw-m88g-w75q,2020-09-03T15:45:53Z,"Denial of Service in @hapi/accept",@ha
 GHSA-9vrw-m88g-w75q,2020-09-03T15:45:53Z,"Denial of Service in @hapi/accept",@hapi/accept,4.0.0,5.0.1,,HIGH,,
 GHSA-9vvh-2768-c8vp,2026-03-13T18:58:20Z,"OpenClaw: Discord guild reaction ingress could bypass users and roles allowlists",openclaw,0,2026.3.11,,MODERATE,CWE-284;CWE-863,
 GHSA-9w87-4j72-gcv7,2020-09-02T18:27:54Z,"Insecure Default Configuration in graphql-code-generator",graphql-code-generator,0,0.18.2,,HIGH,,
+GHSA-9wc7-mj3f-74xv,2026-04-16T21:44:15Z,"Flowise: Code Injection in CSVAgent leads to Authenticated RCE",flowise,0,3.1.0,,CRITICAL,CWE-94,
+GHSA-9wc7-mj3f-74xv,2026-04-16T21:44:15Z,"Flowise: Code Injection in CSVAgent leads to Authenticated RCE",flowise-components,0,3.1.0,,CRITICAL,CWE-94,
 GHSA-9wjh-jr2j-6r4x,2020-09-02T15:55:58Z,"Remote Code Execution in pi_video_recording",pi_video_recording,0,,,HIGH,CWE-20,
-GHSA-9wqx-g2cw-vc7r,2026-03-27T22:31:48Z,"OpenClaw: Matrix Verification Notices Bypass Matrix DM Policy and Reply to Unpaired DM Peers",openclaw,0,,2026.3.24,MODERATE,CWE-288;CWE-863,
 GHSA-9wx7-jrvc-28mm,2021-11-08T21:51:18Z,"Signature verification vulnerability in Stark Bank ecdsa libraries",starkbank-ecdsa,1.1.2,1.1.3,,HIGH,CWE-347,
 GHSA-9x4v-xfq5-m8x5,2025-02-05T21:49:39Z,"Better Auth URL parameter HTML Injection (Reflected Cross-Site scripting)",better-auth,0.0.2,1.1.16,,MODERATE,CWE-79,
 GHSA-9xgp-hfw7-73rq,2020-08-19T21:30:04Z,"Authentication Weakness in keystone",keystone,0,0.3.16,,MODERATE,,
@@ -6244,6 +6503,7 @@ GHSA-c3px-v9c7-m734,2020-09-03T19:04:39Z,"Prototype Pollution in mithril",mithri
 GHSA-c447-w54g-f55j,2026-03-29T15:30:19Z,"Duplicate Advisory: OpenClaw Telegram webhook request bodies were read before secret validation, enabling unauthenticated resource exhaustion",openclaw,0,,2026.3.12,HIGH,CWE-770,
 GHSA-c4fm-46gm-4469,2020-09-03T20:00:05Z,"Malicious Package in sparkies",sparkies,0.0.0,,,CRITICAL,CWE-506,
 GHSA-c4hh-fg8x-6h9p,2020-09-03T21:57:29Z,"Malicious Package in buffer-xnr",buffer-xnr,0.0.0,,,CRITICAL,CWE-506,
+GHSA-c4qm-58hj-j6pj,2026-04-17T21:47:36Z,"OpenClaw: Browser snapshot and screenshot routes could expose internal page content after navigation",openclaw,0,2026.4.14,,MODERATE,CWE-918,
 GHSA-c53x-wwx2-pg96,2020-09-03T17:03:58Z,"Cross-Site Scripting in @berslucas/liljs",@berslucas/liljs,0,1.0.2,,MODERATE,CWE-79,
 GHSA-c5j4-vw9m-xc95,2020-08-27T22:44:08Z,"Open Redirect in hekto",hekto,0,0.2.4,,LOW,,
 GHSA-c5xm-m64m-f2vq,2020-09-04T15:23:47Z,"Malicious Package in cxct",cxct,0.0.0,,,CRITICAL,CWE-506,
@@ -6253,22 +6513,24 @@ GHSA-c6m7-q6pr-c64r,2025-12-12T16:41:58Z,"Vite Plugin React has a Source Code Ex
 GHSA-c7pp-x73h-4m2v,2020-09-02T15:53:46Z,"Cross-Site Scripting in bootstrap-vue",bootstrap-vue,0,2.0.0-rc.12,,HIGH,CWE-79,
 GHSA-c7w3-x93f-qmm8,2026-03-26T22:26:46Z,"Nodemailer has SMTP command injection due to unsanitized `envelope.size` parameter",nodemailer,0,8.0.4,,LOW,CWE-93,
 GHSA-c8m8-3jcr-6rj5,2026-03-07T02:31:18Z,"FUXA has a hardcoded fallback JWT signing secret",@frangoteam/fuxa,0,1.3.0,,HIGH,CWE-321,
+GHSA-c9h3-5p7r-mrjh,2026-04-17T21:56:04Z,"OpenClaw: Discord event cover images bypassed sandbox media normalization",openclaw,2026.4.7,2026.4.10,,MODERATE,CWE-22,
+GHSA-cc4f-hjpj-g9p8,2026-04-16T21:21:12Z,"Flowise: Weak Default JWT Secrets",flowise,0,3.1.0,,MODERATE,CWE-327,
 GHSA-ccgf-5rwj-j3hv,2026-04-02T23:21:23Z,"TeleJSON: DOM XSS via unsanitised constructor name in `new Function()`",telejson,0,6.0.0,,LOW,CWE-79,
 GHSA-ccq6-3qx5-vmqx,2018-07-31T22:54:14Z,"Moderate severity vulnerability that affects is-my-json-valid",is-my-json-valid,0,2.12.4,,MODERATE,,
 GHSA-ccrp-c664-8p4j,2020-09-03T21:17:36Z,"Cross-Site Scripting in markdown-to-jsx",markdown-to-jsx,0,6.11.4,,HIGH,CWE-79,
+GHSA-ccx3-fw7q-rr2r,2026-04-09T17:37:20Z,"OpenClaw: Multiple Code Paths Missing Base64 Pre-Allocation Size Checks",openclaw,0,2026.4.8,,MODERATE,CWE-770,
 GHSA-cfc5-x58f-869w,2020-09-03T19:40:55Z,"Malicious Package in conistring",conistring,0.0.0,,,CRITICAL,CWE-506,
 GHSA-cff4-rrq6-h78w,2019-06-03T17:31:26Z,"Command Injection in command-exists",command-exists,0,1.2.4,,CRITICAL,CWE-77,
-GHSA-cfp9-w5v9-3q4h,2026-03-26T21:48:06Z,"OpenClaw: Image Tool `tools.fs.workspaceOnly` Bypass via Sandbox Bridge Mounts",openclaw,0,2026.3.2,,MODERATE,CWE-863,
 GHSA-cfqx-f43m-vfh7,2024-10-03T19:46:42Z,"@saltcorn/server arbitrary file and directory listing when accessing build mobile app results",@saltcorn/server,0,1.0.0-beta.14,,MODERATE,CWE-548,
 GHSA-cfwc-xjfp-44jg,2020-09-04T17:19:48Z,"Command Injection in gnuplot",gnuplot,0.0.0,,,CRITICAL,CWE-77,
 GHSA-cfxh-frx4-9gjg,2023-12-15T03:13:18Z,"Cross-site Scripting in @spscommerce/ds-react",@spscommerce/ds-react,4.12.2,7.17.4,,CRITICAL,CWE-79,
 GHSA-cg48-9hh2-x6mx,2020-09-02T18:28:58Z,"HTML Injection in preact",preact,10.0.0-alpha.0,10.0.0-beta.1,,MODERATE,CWE-74,
-GHSA-cg6c-q2hx-69h7,2026-03-26T18:56:32Z,"OpenClaw: Plivo V2 verified replay identity drifts on query-only variants",openclaw,0,2026.3.23,,HIGH,CWE-294,
 GHSA-cg7q-fg22-4g98,2026-04-03T03:07:13Z,"OpenClaw: Host exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables",openclaw,0,2026.3.31,,MODERATE,CWE-184,
 GHSA-cgjv-rghq-qhgp,2019-09-11T23:00:57Z,"Path Traversal in algo-httpserv",algo-httpserv,0,1.1.2,,HIGH,CWE-22,
 GHSA-cgvm-rvfv-c92r,2020-09-03T17:05:51Z,"Malicious Package in ecuvre",ecuvre,0.0.0,,,CRITICAL,CWE-506,
 GHSA-ch52-vgq2-943f,2020-09-03T18:15:53Z,"Regular Expression Denial of Service in marked",marked,0.4.0,0.7.0,,LOW,CWE-1333,
 GHSA-ch82-gqh6-9xj9,2020-09-04T15:13:19Z,"Prototype Pollution in get-setter",get-setter,0.0.0,,,HIGH,CWE-1321,
+GHSA-ch86-pxr9-j9h9,2026-04-03T21:31:43Z,"Duplicate Advisory: OpenClaw: Gemini OAuth exposed the PKCE verifier through the OAuth state parameter",openclaw,0,2026.4.2,,MODERATE,CWE-330,
 GHSA-chfm-xgc4-47rj,2026-04-02T21:01:28Z,"OpenClaw: MSTeams thread history bypasses sender allowlist via Graph API",openclaw,0,2026.3.31,,LOW,CWE-863,
 GHSA-chgg-rrmv-5q7x,2020-08-03T18:05:48Z,Withdrawn,jwt-simple,0,0.3.1,,MODERATE,,
 GHSA-chh2-rvhg-wqwr,2020-09-03T21:02:10Z,"Malicious Package in json-serializer",json-serializer,2.0.10,2.0.11,,CRITICAL,,
@@ -6278,6 +6540,8 @@ GHSA-cj63-jhhr-wcxv,2026-04-03T03:45:08Z,"DOMPurify USE_PROFILES prototype pollu
 GHSA-cjmm-f4jc-qw8r,2026-04-03T03:46:07Z,"DOMPurify ADD_ATTR predicate skips URI validation",dompurify,0,3.3.2,,MODERATE,CWE-183,
 GHSA-cjq8-m7wj-xmq9,2026-03-21T03:31:14Z,"Duplicate Advisory: OpenClaw Node system.run approval context-binding weakness in approval-enabled host=node flows",openclaw,0,,,LOW,CWE-863,
 GHSA-cjv3-m589-v3rx,2026-03-03T23:17:06Z,"OpenClaw has Canvas route hardening for mixed-trust deployments",openclaw,0,2026.2.21,,MODERATE,CWE-1021;CWE-79,
+GHSA-cm8v-2vh9-cxf3,2026-04-09T20:28:32Z,"OpenClaw: GIT_DIR and related git plumbing env vars missing from exec env denylist (GHSA-m866-6qv5-p2fg variant)",openclaw,0,2026.4.8,,LOW,CWE-184;CWE-78,
+GHSA-cmfr-9m2r-xwhq,2026-04-09T17:34:21Z,"OpenClaw `node.invoke(browser.proxy)` bypasses `browser.request` persistent profile-mutation guard",openclaw,0,2026.4.8,,MODERATE,CWE-863,
 GHSA-cp47-r258-q626,2023-03-02T23:36:22Z," Vega vulnerable to arbitrary code execution when clicking href links",vega,0,4.5.1,,MODERATE,,
 GHSA-cp47-r258-q626,2023-03-02T23:36:22Z," Vega vulnerable to arbitrary code execution when clicking href links",vega,5.0.0,5.4.1,,MODERATE,,
 GHSA-cpgr-wmr9-qxv4,2020-09-11T21:20:14Z,"Cross-Site Scripting in serve",serve,0,10.0.2,,MODERATE,CWE-79,
@@ -6297,13 +6561,22 @@ GHSA-crr2-ph72-c52g,2020-09-03T17:27:22Z,"Malicious Package in my-very-own-packa
 GHSA-crvj-3gj9-gm2p,2018-10-09T00:44:29Z,"High severity vulnerability that affects qs",qs,0,1.0.0,,HIGH,,
 GHSA-cv3v-7846-6pxm,2020-09-03T21:15:19Z,"Unauthorized File Access in node-git-server",node-git-server,0,0.6.1,,HIGH,CWE-552,
 GHSA-cvfm-xjc8-f2vm,2020-09-03T15:46:36Z,"Denial of Service in @commercial/subtext",@commercial/subtext,5.1.1,5.1.2,,HIGH,,
+GHSA-cvrr-qhgw-2mm6,2026-04-16T21:46:39Z,"Flowise: Parameter Override Bypass Remote Command Execution",flowise,0,3.1.0,,HIGH,CWE-20,
+GHSA-cvrr-qhgw-2mm6,2026-04-16T21:46:39Z,"Flowise: Parameter Override Bypass Remote Command Execution",flowise-components,0,3.1.0,,HIGH,CWE-20,
 GHSA-cwf8-44x6-32c2,2026-04-03T02:49:14Z,"OpenClaw: OpenShell Mirror Sync — Sandbox Escape via Unrestricted File Sync + Symlink Traversal",openclaw,0,2026.3.31,,HIGH,CWE-434;CWE-59,
 GHSA-cwq8-6f96-g3q4,2026-04-02T21:24:03Z,"OpenClaw: Security Scan Failure Does Not Block Plugin Installation (Fail-Open)",openclaw,0,2026.3.31,,LOW,CWE-636;CWE-754,
 GHSA-cx7r-634m-2q2h,2020-09-02T18:20:21Z,"Cross-Site Scripting in harp",harp,0,,,MODERATE,,
 GHSA-cxcw-jm67-3wwp,2026-03-21T03:31:14Z,"Duplicate Advisory: OpenClaw's andbox browser noVNC observer lacked VNC authentication",openclaw,0,,,HIGH,CWE-306,
-GHSA-cxmw-p77q-wchg,2026-03-26T19:30:52Z,"OpenClaw: Arbitrary code execution via unvalidated WebView JavascriptInterface",openclaw,0,2026.3.22,,HIGH,CWE-77;CWE-940,
+GHSA-cxfr-3qp8-hpmw,2026-03-31T12:31:36Z,"Duplicate Advisory: OpenClaw: Zalo webhook rate limiting could be bypassed before secret validation",openclaw,0,2026.3.12,,MODERATE,CWE-307,
+GHSA-f228-chmx-v6j6,2026-04-16T21:43:57Z,"Flowise: Remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using `Pandas`.",flowise,0,3.1.0,,HIGH,CWE-94,
+GHSA-f228-chmx-v6j6,2026-04-16T21:43:57Z,"Flowise: Remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using `Pandas`.",flowise-components,0,3.1.0,,HIGH,CWE-94,
+GHSA-f275-5h5c-5wg5,2026-03-31T15:31:56Z,"Duplicate Advisory: OpenClaw: /pair approve command path omitted caller scope subsetting and reopened device pairing escalation",openclaw,0,2026.3.28,,HIGH,CWE-863,
 GHSA-f294-27fc-wgj7,2020-09-03T22:16:31Z,"Malicious Package in buffer-zor",buffer-zor,0.0.0,,,CRITICAL,CWE-506,
 GHSA-f3f2-mcxc-pwjx,2026-02-26T15:56:31Z,"n8n: SQL Injection in MySQL, PostgreSQL, and Microsoft SQL nodes",n8n,0,2.4.0,,MODERATE,CWE-89,
+GHSA-f3g8-9xv5-77gv,2026-04-16T23:00:45Z,"Saltcorn: Open Redirect in `POST /auth/login` due to incomplete `is_relative_url` validation (backslash bypass)",@saltcorn/server,0,1.4.6,,MODERATE,CWE-601,
+GHSA-f3g8-9xv5-77gv,2026-04-16T23:00:45Z,"Saltcorn: Open Redirect in `POST /auth/login` due to incomplete `is_relative_url` validation (backslash bypass)",@saltcorn/server,1.5.0-beta.0,1.5.6,,MODERATE,CWE-601,
+GHSA-f3g8-9xv5-77gv,2026-04-16T23:00:45Z,"Saltcorn: Open Redirect in `POST /auth/login` due to incomplete `is_relative_url` validation (backslash bypass)",@saltcorn/server,1.6.0-alpha.0,1.6.0-beta.5,,MODERATE,CWE-601,
+GHSA-f3h5-h452-vp3j,2026-04-17T22:00:59Z,"OpenClaw: Nostr profile mutation routes allowed operator.write config persistence",openclaw,0,2026.4.10,,MODERATE,CWE-266;CWE-863,
 GHSA-f3pc-c2gf-hvgw,2020-09-02T21:13:14Z,"Malicious Package in requets",requets,0,,,CRITICAL,CWE-506,
 GHSA-f3vw-587g-r29g,2020-09-03T15:50:38Z,"Path Traversal in sapper",sapper,0,0.27.11,,CRITICAL,CWE-22,
 GHSA-f44p-c7w9-7xr7,2026-03-31T23:54:00Z,"OpenClaw: Gateway WebSocket Denial of Service via unbounded pre-auth upgrades",openclaw,0,2026.3.28,,MODERATE,CWE-400;CWE-770,
@@ -6316,8 +6589,10 @@ GHSA-f693-58pc-2gfr,2026-04-03T03:20:58Z,"OpenClaw: Telegram legacy allowFrom mi
 GHSA-f698-m2v9-5fh3,2019-06-04T20:11:44Z,"Command Injection in opencv",opencv,0,6.1.0,,LOW,CWE-77,
 GHSA-f6gj-7592-5jxm,2021-02-23T21:33:53Z,"Directory Traversal",node-simple-router,0,0.10.1,,HIGH,,
 GHSA-f6h3-846h-2r8w,2026-03-04T18:58:07Z,"OpenClaw's elevated allowFrom accepted broader identity signals than specified within sender-scoped authorization",openclaw,0,2026.2.22,,MODERATE,CWE-639,
+GHSA-f6hc-c5jr-878p,2026-04-16T21:55:18Z,"Flowise: resetPassword Authentication Bypass Vulnerability",flowise,0,3.1.0,,HIGH,CWE-287,
 GHSA-f6pf-4gjx-c94r,2026-04-03T03:05:07Z,"OpenClaw: Media Parsing Path Traversal Leads to Arbitrary File Read",openclaw,0,2026.3.28,,HIGH,CWE-22,
 GHSA-f72h-wf57-7xwh,2020-09-03T21:58:34Z,"Malicious Package in buffer-xo2",buffer-xo2,0.0.0,,,CRITICAL,CWE-506,
+GHSA-f7fh-qg34-x2xh,2026-04-17T22:18:28Z,"OpenClaw: CDP /json/version WebSocket URL could pivot to untrusted second-hop targets",openclaw,0,2026.4.5,,MODERATE,CWE-918,
 GHSA-f7g4-fm4c-54m9,2020-09-03T21:06:31Z,"Malicious Package in yeoman-genrator",yeoman-genrator,0.0.0,,,CRITICAL,CWE-506,
 GHSA-f7gc-6hcj-wc42,2020-09-03T17:05:06Z,"Malicious Package in path-to-regxep",path-to-regxep,0.0.0,,,CRITICAL,CWE-506,
 GHSA-f7qw-5pvg-mmwp,2019-06-13T18:58:44Z,"Prototype Pollution in lutils-merge",lutils-merge,0,,0.2.6,MODERATE,CWE-400,
@@ -6329,11 +6604,13 @@ GHSA-f8pq-3926-8gx5,2023-08-09T20:59:14Z,"Unsanitized user controlled input in m
 GHSA-f8r2-vg7x-gh8m,2026-03-13T20:55:03Z,"OpenClaw: Exec approval allowlist patterns overmatched on POSIX paths",openclaw,0,2026.3.11,,MODERATE,CWE-178;CWE-625,
 GHSA-f8rq-m28h-8hxj,2020-09-03T15:50:29Z,"Cross-Site Scripting in htmr",htmr,0,0.8.7,,HIGH,CWE-79,
 GHSA-f8vf-6hwg-hw55,2020-09-04T15:38:21Z,"Malicious Package in bictore-lib",bictore-lib,0.0.0,,,CRITICAL,CWE-506,
+GHSA-f934-5rqf-xx47,2026-04-17T22:33:33Z,"OpenClaw: QMD memory_get restricts reads to canonical or indexed memory paths",openclaw,0,2026.4.15,,MODERATE,CWE-22,
 GHSA-ff5x-w9wg-h275,2020-03-06T01:15:46Z,"Holder can generate proof of ownership for credentials it does not control in vp-toolkit",vp-toolkit,0,0.2.2,,HIGH,,
 GHSA-ff6g-gm92-rf32,2020-09-03T19:42:06Z,"Malicious Package in coinstirng",coinstirng,0.0.0,,,CRITICAL,CWE-506,
 GHSA-ff98-w8hj-qrxf,2026-03-03T21:39:26Z,"OpenClaw plugin runtime command execution is part of trusted plugin boundary",openclaw,0,2026.2.19,,MODERATE,CWE-78,
 GHSA-ffr4-mrhv-vfr2,2026-03-21T03:31:14Z,"Duplicate Advisory: OpenClaw has browser trace/download path symlink escape in temp output handling",openclaw,0,,,MODERATE,CWE-59,
 GHSA-fgp6-8g62-qx6w,2020-09-03T17:01:45Z,"Malicious Package in smartsearchwp",smartsearchwp,0,,,CRITICAL,CWE-506,
+GHSA-fh32-73r9-rgh5,2026-04-07T18:15:56Z,"OpenClaw: Trailing-dot localhost CDP hosts could bypass remote loopback protections",openclaw,0,2026.4.2,,MODERATE,CWE-20,
 GHSA-fj93-7wm4-8x2g,2020-09-02T21:22:47Z,"Cross-Site Scripting in jquery-mobile",jquery-mobile,0,,,HIGH,CWE-79,
 GHSA-fjh6-8679-9pch,2025-11-14T20:57:31Z,"Flowise does not Prevent Bypass of Password Confirmation - Unverified Password Change",flowise-ui,0,3.0.10,,HIGH,CWE-306;CWE-620,
 GHSA-fm4j-4xhm-xpwx,2020-09-02T15:51:34Z,"Sandbox Breakout / Arbitrary Code Execution in sandbox",sandbox,0.0.0,,,MODERATE,,
@@ -6347,6 +6624,8 @@ GHSA-fpf2-pr3j-4cm3,2020-09-03T17:06:06Z,"Malicious Package in ecruve",ecruve,0.
 GHSA-fpg4-jhqr-589c,2026-02-28T02:04:39Z,"SvelteKit  has deserialization expansion in unvalidated `form` remote function leading to Denial of Service (experimental only)",@sveltejs/kit,2.49.0,2.53.3,,LOW,CWE-770,
 GHSA-fpgg-r39h-3x5x,2020-09-03T17:06:22Z,"Malicious Package in cxt",cxt,0.0.0,,,CRITICAL,CWE-506,
 GHSA-fpw3-x4xq-6vxq,2020-09-02T18:32:13Z,"Malicious Package in wepack-cli",wepack-cli,0,,,CRITICAL,CWE-506,
+GHSA-fpw4-p57j-hqmq,2026-04-16T22:49:13Z,"Paperclip: Stored XSS via javascript: URLs in MarkdownBody — urlTransform override disables react-markdown sanitization",@paperclipai/ui,0,2026.416.0,,MODERATE,CWE-79,
+GHSA-fqrj-m88p-qf3v,2026-04-07T18:14:50Z,"OpenClaw: Zalo replay dedupe cache could suppress events across authenticated webhook targets",openclaw,2026.2.19,2026.3.31,,LOW,CWE-287,
 GHSA-fqw4-mph7-2vr8,2026-03-27T22:29:47Z,"OpenClaw: Silent privilege escalation via gateway shared-auth reconnect",openclaw,0,,2026.3.24,CRITICAL,CWE-863,
 GHSA-fqw7-8v6m-2f86,2020-09-02T21:37:39Z,"Malicious Package in hulp",hulp,0,,,CRITICAL,CWE-506,
 GHSA-fr4j-65pv-gjjj,2026-01-13T20:28:16Z,"Renovate vulnerable to arbitrary command injection via npm manager and malicious Renovate configuration",renovate,35.63.0,40.33.0,,MODERATE,CWE-77,
@@ -6357,14 +6636,16 @@ GHSA-fvfv-ppw4-7h2w,2026-02-26T22:46:42Z,"n8n has a Guardrail Node Bypass",n8n,0
 GHSA-fvwr-h9xh-m6wc,2020-09-03T20:33:17Z,"Denial of Service in @commercial/subtext",@commercial/subtext,0,5.1.1,,HIGH,CWE-400,
 GHSA-fw4p-36j9-rrj3,2020-09-03T20:25:33Z,"Denial of Service in sequelize",sequelize,0,4.44.4,,MODERATE,CWE-248,
 GHSA-fw76-p9p2-6pvf,2020-09-03T19:58:58Z,"Malicious Package in serilize",serilize,0.0.0,,,CRITICAL,CWE-506,
+GHSA-fwjq-xwfj-gv75,2026-04-07T18:11:09Z,"OpenClaw: `session_status` still bypasses configured `tools.sessions.visibility` for unsandboxed invocations ",openclaw,0,2026.3.31,,MODERATE,CWE-863,
 GHSA-fwvq-x4j9-hr5f,2020-09-03T19:43:09Z,"Malicious Package in bs58chekc",bs58chekc,0.0.0,,,CRITICAL,CWE-506,
 GHSA-g27f-9qjv-22pm,2026-02-17T21:31:39Z,"OpenClaw log poisoning (indirect prompt injection) via WebSocket headers",openclaw,0,2026.2.13,,LOW,CWE-117,
 GHSA-g2c4-4m64-vxm3,2020-09-03T22:15:25Z,"Malicious Package in buffer-yor",buffer-yor,0.0.0,,,CRITICAL,CWE-506,
 GHSA-g2f6-pwvx-r275,2026-03-16T20:41:12Z,"OpneClaw accepts unsanitized iMessage attachment paths which allowed SCP remote-path command injection",openclaw,0,2026.3.13,,HIGH,CWE-78,
+GHSA-g2hm-779g-vm32,2026-04-17T21:48:25Z,"OpenClaw: Heartbeat owner downgrade missed untrusted webhook wake events",openclaw,2026.4.7,2026.4.14,,MODERATE,CWE-863,
 GHSA-g336-c7wv-8hp3,2020-09-01T15:58:06Z,"Cross-Site Scripting in swagger-ui",swagger-ui,0,2.2.1,,CRITICAL,CWE-79,
-GHSA-g353-mgv3-8pcj,2026-03-13T20:55:34Z,"OpenClaw: Feishu webhook mode accepted forged events when only `verificationToken` was configured",openclaw,0,2026.3.12,,HIGH,CWE-347,
 GHSA-g35x-j6jj-8g7j,2023-05-02T16:51:25Z,"@mittwald/kubernetes's secret contents leaked via debug logging",@mittwald/kubernetes,0,3.5.0,,MODERATE,CWE-532,
 GHSA-g374-mggx-p6xc,2026-04-03T03:05:48Z,"OpenClaw: Incomplete scope-clearing fix allows operator.admin escalation via trusted-proxy auth mode",openclaw,0,2026.3.31,,HIGH,CWE-863,
+GHSA-g375-h3v6-4873,2026-04-17T21:48:57Z,"OpenClaw: Heartbeat owner downgrade missed local async exec completion events",openclaw,2026.3.31,2026.4.10,,MODERATE,CWE-269,
 GHSA-g376-whg7-896m,2020-09-01T18:45:53Z,"Directory Traversal in yjmyjmyjm",yjmyjmyjm,0.0.0,,,HIGH,CWE-22,
 GHSA-g37j-v5gh-g25c,2020-09-03T23:06:48Z,"Malicious Package in js-shi3",js-shi3,0.0.0,,,CRITICAL,CWE-506,
 GHSA-g3qj-j598-cxmq,2026-03-24T19:10:38Z,"fido2-lib is vulnerable to DoS via cbor-extract heap buffer over-read in CBOR attestation parsing",fido2-lib,0,3.5.8,,HIGH,CWE-125;CWE-126;CWE-1395,
@@ -6380,13 +6661,13 @@ GHSA-g74r-ffvr-5q9f,2019-06-03T17:26:44Z,"Memory Exposure in concat-stream",conc
 GHSA-g74r-ffvr-5q9f,2019-06-03T17:26:44Z,"Memory Exposure in concat-stream",concat-stream,1.4.0,1.4.11,,MODERATE,CWE-200,
 GHSA-g74r-ffvr-5q9f,2019-06-03T17:26:44Z,"Memory Exposure in concat-stream",concat-stream,1.5.0,1.5.2,,MODERATE,CWE-200,
 GHSA-g753-jx37-7xwh,2020-06-30T16:05:08Z,"ECDSA signature vulnerability of Minerva timing attack in jsrsasign",jsrsasign,4.0.0,8.0.13,,MODERATE,CWE-362,
-GHSA-g7cr-9h7q-4qxq,2026-03-12T14:21:35Z,"OpenClaw's MS Teams sender allowlist bypass when route allowlist is configured and sender allowlist is empty",openclaw,0,2026.3.8,,MODERATE,CWE-289,
 GHSA-g7h8-p22m-2rvx,2020-09-04T15:08:46Z,"Prototype Pollution in flat-wrap",flat-wrap,0.0.0,,,HIGH,CWE-1321,
 GHSA-g7mw-5cq6-fv82,2020-09-02T21:20:40Z,"Cross-Site Scripting in wangeditor",wangeditor,0,,,HIGH,CWE-79,
 GHSA-g839-vp47-wgh8,2026-03-21T03:31:15Z,"Duplicate Advisory: OpenClaw's Slack reaction/pin sender-policy consistency issue in non-message ingress",openclaw,0,,2026.2.24,MODERATE,CWE-863,
 GHSA-g86v-f9qv-rh6m,2026-03-31T23:58:43Z,"OpenClaw SSRF guard misses four IPv6 special-use ranges",openclaw,0,2026.3.28,,LOW,CWE-918,
 GHSA-g8jc-mm3c-cwhj,2020-09-02T20:31:06Z,"Malicious Package in reques",reques,0,,,CRITICAL,CWE-506,
 GHSA-g8m7-qhv7-9h5x,2019-07-05T21:07:14Z,"Path Traversal in serve-here.js",serve-here,0,,3.2.0,HIGH,CWE-22,
+GHSA-g8mc-c5f2-mqg7,2026-04-10T00:30:30Z,"Duplicate Advisory: OpenClaw Bypasses DM Policy Separation via Synology Chat Webhook Path Collision",openclaw,0,2026.3.22,,MODERATE,CWE-706,
 GHSA-g8q2-24jh-5hpc,2018-07-27T14:47:52Z,"High severity vulnerability that affects jquery-ui",jquery-ui,0,1.12.0,,HIGH,,
 GHSA-g8vp-6hv4-m67c,2020-09-11T21:23:29Z,"Command Injection in entitlements",entitlements,0,1.3.0,,HIGH,CWE-77,
 GHSA-g8xp-qx39-9jq9,2026-04-03T03:00:51Z,"OpenClaw: Incomplete host-env-security-policy allows untrusted model to substitute compiler binaries via env overrides",openclaw,0,2026.3.31,,HIGH,CWE-427,
@@ -6399,20 +6680,24 @@ GHSA-g9wf-393q-4w38,2020-09-03T17:28:26Z,"Malicious Package in only-test-not-ins
 GHSA-g9wg-wq4f-2x5w,2020-09-03T19:00:10Z,"Cross-Site Scripting in console-feed",console-feed,0,2.8.10,,HIGH,CWE-79,
 GHSA-gc25-3vc5-2jf9,2020-09-04T15:00:58Z,"Sandbox Breakout / Arbitrary Code Execution in sandbox",sandbox,0.0.0,,,CRITICAL,,
 GHSA-gc94-6w89-hpqr,2019-06-12T16:37:07Z,"Command Injection in fs-path",fs-path,0,0.0.25,,HIGH,CWE-77,
+GHSA-gc9r-867r-j85f,2026-04-17T21:51:04Z,"OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks",openclaw,2026.4.10,2026.4.14,,LOW,CWE-862,
 GHSA-gcfc-mgg3-8j2c,2020-09-03T18:11:29Z,"Malicious Package in sdfjghlkfjdshlkjdhsfg",sdfjghlkfjdshlkjdhsfg,0.0.0,,,CRITICAL,CWE-506,
 GHSA-gcj7-r3hg-m7w6,2026-03-03T22:25:37Z,"OpenClaw's voice-call Twilio replay dedupe now bound to authenticated webhook identity",openclaw,0,2026.2.26,,LOW,CWE-294;CWE-345,
 GHSA-gf8q-jrpm-jvxq,2022-01-08T00:22:02Z,"URL parsing in node-forge could lead to undesired behavior.",node-forge,0,1.0.0,,LOW,CWE-601,
 GHSA-gfj6-p24g-6hpm,2020-09-03T22:55:06Z,"Malicious Package in jc-sha3",jc-sha3,0.0.0,,,CRITICAL,CWE-506,
 GHSA-gfjr-xqhm-qvv3,2020-09-02T20:16:09Z,"Malicious Package in aysnc",aysnc,0,,,CRITICAL,CWE-506,
 GHSA-gfm8-g3vm-53jh,2020-09-03T17:21:19Z,"Malicious Package in leetlog",leetlog,0.1.2,,,CRITICAL,CWE-506,
+GHSA-gfmx-pph7-g46x,2026-04-09T14:22:14Z,"OpenClaw: Lower-trust background runtime output is injected into trusted `System:` events, and local async exec completion misses the intended `exec-event` downgrade",openclaw,0,2026.4.8,,HIGH,CWE-501,
 GHSA-gg9v-mgcp-v6m7,2026-04-03T03:19:33Z,"OpenClaw: Unbound bootstrap setup codes allow privilege escalation during pairing",openclaw,0,2026.3.22,,HIGH,CWE-269,
 GHSA-ggm6-h3mx-cmmp,2026-03-19T03:30:57Z,"Duplicate Advisory: safeBins stdin-only bypass via sort output and recursive grep flags",openclaw,0,,2026.2.17,LOW,CWE-78,
+GHSA-gj9q-8w99-mp8j,2026-04-16T21:19:21Z,"OpenClaw: TOCTOU read in exec script preflight",openclaw,0,2026.4.10,,LOW,CWE-367,
 GHSA-gjhc-6xm7-mc8q,2024-01-03T18:30:51Z,"Duplicate Advisory: Cross-site scripting vulnerability in TinyMCE",tinymce,0,5.9.0,,MODERATE,CWE-79,
 GHSA-gjm7-hw8f-73rq,2026-04-03T03:15:08Z,"OpenClaw: Paired node escalates to gateway RCE via unrestricted node.event agent dispatch",openclaw,0,2026.3.31,,HIGH,CWE-863,
 GHSA-gjph-xf5q-6mfq,2020-09-03T15:46:02Z,"Denial of Service in @hapi/ammo",@hapi/ammo,0,3.1.2,,HIGH,,
 GHSA-gjph-xf5q-6mfq,2020-09-03T15:46:02Z,"Denial of Service in @hapi/ammo",@hapi/ammo,4.0.0,5.0.1,,HIGH,,
 GHSA-gm68-572p-q28r,2023-07-06T15:30:51Z,"@vendure/admin-ui-plugin authenticated Cross-site Scripting vulnerability",@vendure/admin-ui-plugin,0,2.0.3,,MODERATE,CWE-79,
 GHSA-gm9g-2g8v-fvxj,2019-06-06T15:32:28Z,"Prototype Pollution in upmerge",upmerge,0,,0.1.8,MODERATE,CWE-345;CWE-400,
+GHSA-gm9m-x74r-8whg,2026-03-31T15:31:56Z,"Duplicate Advisory: OpenClaw's Nextcloud Talk webhook missing rate limiting on shared secret authentication",openclaw,0,2026.3.28,,MODERATE,CWE-307,
 GHSA-gm9x-q798-hmr4,2020-07-29T14:53:40Z,"Command Injection in git-tags-remote",git-tags-remote,0,1.0.4,,HIGH,CWE-78,
 GHSA-gmjp-776j-2394,2020-09-03T17:04:24Z,"Malicious Package in ripmed160",ripmed160,0.0.0,,,CRITICAL,CWE-506,
 GHSA-gp3q-wpq4-5c5h,2026-03-12T14:21:45Z,"OpenClaw: LINE group allowlist scope mismatch with DM pairing-store entries",openclaw,0,2026.2.26,,HIGH,CWE-863,
@@ -6421,6 +6706,7 @@ GHSA-gpv5-7x3g-ghjv,2023-06-15T19:05:13Z,"fast-xml-parser regex vulnerability pa
 GHSA-gq3j-xvxp-8hrf,2026-02-19T20:15:59Z,"Hono added timing comparison hardening in basicAuth and bearerAuth",hono,0,4.11.10,,LOW,CWE-208,
 GHSA-gqf6-75v8-vr26,2020-09-04T16:56:11Z,"Arbitrary File Write in bin-links",bin-links,0,1.1.5,,LOW,,
 GHSA-gqq4-937c-2282,2020-09-03T22:49:42Z,"Malicious Package in juffer-xor",juffer-xor,0.0.0,,,CRITICAL,CWE-506,
+GHSA-gqqj-85qm-8qhf,2026-04-16T22:47:40Z,"Paperclip: codex_local inherited ChatGPT/OpenAI-connected Gmail and was able to send real email",paperclipai,0,,2026.403.0,HIGH,CWE-284,
 GHSA-gr4j-r575-g665,2020-08-25T14:04:47Z,"Cross-Site Scripting in highcharts",highcharts,0,7.2.2,,HIGH,CWE-79,
 GHSA-gr4j-r575-g665,2020-08-25T14:04:47Z,"Cross-Site Scripting in highcharts",highcharts,8.0.0,8.1.1,,HIGH,CWE-79,
 GHSA-gvff-25cc-4f66,2020-09-03T17:15:56Z,"Path Traversal in restify-swagger-jsdoc",restify-swagger-jsdoc,0,3.2.1,,HIGH,CWE-22,
@@ -6440,17 +6726,17 @@ GHSA-h25m-26qc-wcjf,2026-01-28T15:38:01Z,"Next.js HTTP request deserialization c
 GHSA-h26f-j4mv-84g7,2020-09-02T18:39:43Z,"Malicious Package in asycn",asycn,0,,,CRITICAL,CWE-506,
 GHSA-h29r-4vqp-8jxf,2020-08-20T17:21:46Z,"Cross-Site Scripting in keystone",keystone,0,4.0.0,,MODERATE,,
 GHSA-h2j3-gg8w-4858,2020-09-03T22:12:09Z,"Malicious Package in buffer-xos",buffer-xos,0.0.0,,,CRITICAL,CWE-506,
+GHSA-h2v7-xc88-xx8c,2026-04-07T18:10:04Z,"OpenClaw: `/phone arm`/`/phone disarm` Bypasses `operator.admin` Scope Check for External Channels ",openclaw,0,2026.3.28,,MODERATE,CWE-285,
 GHSA-h36m-2vh5-x699,2026-03-19T03:30:57Z,"Duplicate Advisory: ACPX Windows wrapper shell fallback allowed cwd injection in specific paths",openclaw,2026.2.26,,,MODERATE,CWE-78,
 GHSA-h3hw-29fv-2x75,2026-01-21T16:36:27Z,"@envelop/graphql-modules has a Race Condition vulnerability",@envelop/graphql-modules,0,9.1.0,,HIGH,CWE-362,
 GHSA-h3m2-h22h-695r,2020-09-03T17:29:31Z,"Malicious Package in ali-contributor",ali-contributor,0.0.0,,,CRITICAL,CWE-506,
-GHSA-h3x4-hc5v-v2gm,2026-03-26T19:07:55Z,"OpenClaw: Windows media loaders accepted remote-host file URLs before local path validation",openclaw,0,2026.3.22,,MODERATE,CWE-40,
 GHSA-h42x-xx2q-6v6g,2025-03-13T22:38:03Z,"Flowise Pre-auth Arbitrary File Upload",flowise,0,,2.2.7,CRITICAL,CWE-434,
+GHSA-h43v-27wg-5mf9,2026-04-07T18:14:39Z,"OpenClaw: Forged Nostr DMs could create pairing state before signature verification",openclaw,2026.3.22,2026.3.31,,MODERATE,CWE-347,
 GHSA-h44f-769q-j6px,2020-09-02T20:33:14Z,"Malicious Package in requet",requet,0,,,CRITICAL,CWE-506,
 GHSA-h45p-w933-jxh3,2021-06-01T21:20:22Z,"Improper Verification of Cryptographic Signature in aws-encryption-sdk-javascript ","@aws-crypto/client-browser",0,1.9.0,,MODERATE,CWE-347,
 GHSA-h45p-w933-jxh3,2021-06-01T21:20:22Z,"Improper Verification of Cryptographic Signature in aws-encryption-sdk-javascript ","@aws-crypto/client-browser",2.0.0,2.2.0,,MODERATE,CWE-347,
 GHSA-h45p-w933-jxh3,2021-06-01T21:20:22Z,"Improper Verification of Cryptographic Signature in aws-encryption-sdk-javascript ",@aws-crypto/client-node,0,1.9.0,,MODERATE,CWE-347,
 GHSA-h45p-w933-jxh3,2021-06-01T21:20:22Z,"Improper Verification of Cryptographic Signature in aws-encryption-sdk-javascript ",@aws-crypto/client-node,2.0.0,2.2.0,,MODERATE,CWE-347,
-GHSA-h4jx-hjr3-fhgc,2026-03-29T15:49:34Z,"OpenClaw: Gateway Plugin Subagent Fallback `deleteSession` Uses Synthetic `operator.admin`",openclaw,0,2026.3.28,,HIGH,CWE-266;CWE-863,
 GHSA-h5hg-h7rr-gpf3,2026-04-03T03:18:10Z,"OpenClaw: Node browser proxy `allowProfiles` bypass through persistent profile mutation and runtime profile selection",openclaw,0,2026.3.22,,HIGH,CWE-863,
 GHSA-h5mp-5q4p-ggf5,2020-09-03T18:07:05Z,"Prototype Pollution in lodash.defaultsdeep",lodash.defaultsdeep,0,4.6.1,,HIGH,CWE-1321,
 GHSA-h5vj-f7r9-w564,2020-09-01T21:22:35Z,"Entropy Backdoor in text-qrcode",text-qrcode,0.0.0,,,HIGH,CWE-506,
@@ -6467,8 +6753,6 @@ GHSA-h97f-6pqj-q452,2026-03-03T21:48:55Z,"OpenClaw has a IPv6 multicast SSRF cla
 GHSA-h97g-4mx7-5p2p,2020-09-03T17:11:36Z,"Open Redirect in apostrophe",apostrophe,0,2.92.0,,MODERATE,CWE-601,
 GHSA-h9wq-xcqx-mqxm,2023-07-11T22:46:19Z,"Vendure Cross Site Request Forgery vulnerability impacting all API requests",@vendure/core,0,2.0.3,,LOW,,
 GHSA-h9wr-xr4r-66fh,2020-09-03T18:20:20Z,"Cross-Site Scripting in dmn-js-properties-panel",dmn-js-properties-panel,0,0.3.0,,HIGH,CWE-79,
-GHSA-hc5h-pmr3-3497,2026-03-31T23:50:22Z,"OpenClaw: /pair approve command path omitted caller scope subsetting and reopened device pairing escalation",openclaw,0,2026.3.28,,HIGH,CWE-863,
-GHSA-hf68-49fm-59cq,2026-03-26T21:40:57Z,"OpenClaw Gateway: RCE and Privilege Escalation from operator.pairing to operator.admin via device.pair.approve",openclaw,0,2026.3.22,,CRITICAL,CWE-269,
 GHSA-hfpr-jhpq-x4rm,2026-03-09T19:54:41Z,"OpenClaw: `operator.write` chat.send could reach admin-only config writes",openclaw,0,2026.3.7,,MODERATE,CWE-863,
 GHSA-hfwx-c7q6-g54c,2021-03-12T23:04:46Z,"Vulnerability allowing for reading internal HTTP resources",highcharts-export-server,0,2.1.0,,HIGH,CWE-552,
 GHSA-hfxh-rjv7-2369,2023-11-27T17:25:11Z,"Uptime Kuma Authenticated remote code execution via TailscalePing",uptime-kuma,1.23.0,1.23.7,,MODERATE,,
@@ -6478,18 +6762,19 @@ GHSA-hg7c-66ff-9q8g,2020-07-31T16:18:53Z,"Sandbox bypass in constantinople",cons
 GHSA-hg7w-2pf7-mxm2,2020-09-03T17:02:31Z,"Malicious Package in wbe3",wbe3,0.0.0,,,CRITICAL,CWE-506,
 GHSA-hgr5-82rc-p936,2020-09-01T21:24:41Z,"Cross-Site Scripting in md-data-table",md-data-table,0.0.0,,,HIGH,CWE-79,
 GHSA-hgwm-pv9h-q5m7,2020-09-18T18:03:29Z,"Potential XSS in jQuery dependency in Mirador",mirador,0,3.0.0-alpha.0,,MODERATE,CWE-79,
+GHSA-hgwr-wr8h-rxm7,2026-04-10T00:30:29Z,"Duplicate Advisory: OpenClaw: Google Chat app-url webhook auth accepted non-deployment add-on principals",openclaw,0,,,MODERATE,CWE-290,
 GHSA-hgxv-3497-3hhj,2023-07-04T18:30:58Z,"Duplicate Advisory: @fastify/oauth2 Oauth2 state parameter reuse",@fastify/oauth2,0,7.2.0,,MODERATE,,
 GHSA-hh43-q692-2xmq,2026-03-29T15:30:19Z,"Duplicate Advisory: `OpenClaw: session_status` let sandboxed subagents access parent or sibling session state",openclaw,0,,2026.3.8,CRITICAL,CWE-863,
 GHSA-hhff-fj5f-qg48,2026-04-03T02:56:20Z,"OpenClaw runs Discord audio preflight transcription before member authorization",openclaw,0,2026.3.31,,MODERATE,CWE-770,
 GHSA-hhq4-97c2-p447,2026-04-02T20:59:11Z,"OpenClaw: Zalo webhook replay cache cross-target messageId scope bypass",openclaw,0,2026.3.31,,LOW,CWE-294,
 GHSA-hj5w-xgw9-w4rj,2020-09-03T19:41:44Z,"Malicious Package in coinstrng",coinstrng,0.0.0,,,CRITICAL,CWE-506,
+GHSA-hm63-vwj4-mj2q,2026-04-10T00:30:30Z,"Duplicate Advisory: OpenClaw: Remote media error responses could trigger unbounded memory allocation before failure",openclaw,0,2026.3.22,,MODERATE,CWE-789,
 GHSA-hmfr-rx46-4jx2,2025-08-26T18:42:37Z,"GraphQL Armor Max-Depth Plugin Bypass via Introspection Query Obfuscation","@escape.tech/graphql-armor-max-depth",0,2.4.2,,MODERATE,CWE-400,
 GHSA-hpfq-8wx8-cgqw,2019-06-13T18:59:18Z,"Cross-Site Scripting in ids-enterprise",ids-enterprise,0,4.18.2,,HIGH,CWE-79,
 GHSA-hpr5-wp7c-hh5q,2020-09-01T19:37:29Z,"Cross-Site Scripting in mrk.js",mrk.js,0,2.0.1,,HIGH,CWE-79,
 GHSA-hq75-xg7r-rx6c,2025-07-11T17:09:53Z,"Better Call routing bug can lead to Cache Deception",better-call,0,1.0.12,,MODERATE,CWE-525,
 GHSA-hq8g-qq57-5275,2020-09-11T21:24:33Z,"SQL Injection in untitled-model",untitled-model,0,,,HIGH,CWE-89,
 GHSA-hqf9-8xv5-x8xw,2026-01-05T19:57:46Z,"ERC7984ERC20Wrapper: once a wrapper is filled, subsequent wrap requests do not revert and result in loss of funds.","@openzeppelin/confidential-contracts",0,0.3.1,,MODERATE,CWE-190,
-GHSA-hr5v-j9h9-xjhg,2026-03-30T18:31:02Z,"OpenClaw has Sandbox Media Root Bypass via Unnormalized `mediaUrl` / `fileUrl` Parameter Keys (CWE-22)",openclaw,0,2026.3.24,,HIGH,CWE-22,
 GHSA-hr8g-2q7x-3f4w,2026-04-03T03:02:37Z,"OpenClaw Has a Gateway Control Interface Information Disclosure Vulnerability",openclaw,0,2026.3.31,,MODERATE,CWE-200,
 GHSA-hrpp-f84w-xhfg,2020-09-04T16:55:06Z,"Outdated Static Dependency in vue-moment",vue-moment,0,4.1.0,,MODERATE,CWE-1104,
 GHSA-hv4w-jhcj-6wfw,2020-09-03T20:34:23Z,"Cross-Site Scripting in snekserve",snekserve,0.0.0,,,HIGH,CWE-79,
@@ -6509,16 +6794,19 @@ GHSA-hxxf-q3w9-4xgw,2018-07-12T19:52:02Z,"Malicious Package in eslint-scope",esl
 GHSA-j26j-7qc4-3mrf,2026-03-03T21:36:49Z,"OpenClaw: MS Teams fileConsent/invoke missing conversation binding allowed cross-conversation pending-upload consumption",openclaw,0,2026.2.25,,MODERATE,CWE-639;CWE-862,
 GHSA-j3qq-qvc8-c6g7,2020-09-01T21:15:09Z,"Malicious Package in foever",foever,0,,,CRITICAL,CWE-506,
 GHSA-j425-whc4-4jgc,2026-03-09T19:52:59Z,"OpenClaw's `system.run` env override filtering allowed dangerous helper-command pivots",openclaw,0,2026.3.7,,MODERATE,CWE-15;CWE-639,
+GHSA-j42q-r6qx-xrfp,2026-04-10T00:30:29Z,"Duplicate Advisory: OpenClaw: Google Chat Authz Bypass via Group Policy Rebinding with Mutable Space displayName",openclaw,0,,2026.3.24,LOW,CWE-807,
 GHSA-j44m-5v8f-gc9c,2025-10-10T22:55:09Z,"Flowise is vulnerable to arbitrary file exposure through its ReadFileTool",flowise,0,3.0.8,,HIGH,CWE-22,
 GHSA-j44m-5v8f-gc9c,2025-10-10T22:55:09Z,"Flowise is vulnerable to arbitrary file exposure through its ReadFileTool",flowise-components,0,3.0.8,,HIGH,CWE-22,
-GHSA-j4c9-w69r-cw33,2026-03-29T15:50:23Z,"OpenClaw: Telegram DM-Scoped Inline Button Callbacks Bypass DM Pairing and Mutate Session State",openclaw,0,2026.3.28,,MODERATE,CWE-285;CWE-863,
 GHSA-j4mr-9xw3-c9jx,2019-05-31T23:47:01Z,"Out-of-bounds Read in base64-url",base64-url,0,2.0.0,,HIGH,CWE-125,
 GHSA-j4vm-hg8g-g9qv,2020-09-03T17:33:50Z,"Malicious Package in antd-cloud",antd-cloud,0.0.0,,,CRITICAL,CWE-506,
+GHSA-j56c-wpqm-h24x,2026-04-10T00:30:29Z,"Duplicate Advisory: OpenClaw: Plivo V2 verified replay identity drifts on query-only variants",openclaw,0,2026.3.23,,HIGH,CWE-294,
 GHSA-j59f-6m4q-62h6,2019-05-30T17:28:48Z,"Improper Key Verification in ipns",ipns,0,0.1.3,,HIGH,CWE-287,
 GHSA-j5g3-5c8r-7qfx,2023-08-30T21:24:57Z,"Prevent logging invalid header values",@apollo/server,0,4.9.3,,LOW,,
 GHSA-j5g3-5c8r-7qfx,2023-08-30T21:24:57Z,"Prevent logging invalid header values",apollo-server-core,0,2.26.1,,LOW,,
 GHSA-j5g3-5c8r-7qfx,2023-08-30T21:24:57Z,"Prevent logging invalid header values",apollo-server-core,3.0.0,3.12.1,,LOW,,
+GHSA-j5qh-5234-4rqp,2026-03-31T12:31:35Z,"Duplicate Advisory: OpenClaw: Workspace plugin auto-discovery allowed code execution from cloned repositories",openclaw,0,2026.3.12,,HIGH,CWE-829,
 GHSA-j67m-jg9p-ppg4,2020-09-03T23:18:05Z,"Malicious Package in ns-sha3",ns-sha3,0.0.0,,,CRITICAL,CWE-506,
+GHSA-j6c7-3h5x-99g9,2026-04-17T21:53:36Z,"OpenClaw: Shell-wrapper detection missed env-argv assignment injection forms",openclaw,2026.2.22,2026.4.12,,MODERATE,CWE-78,
 GHSA-j6v9-xgvh-f796,2020-09-11T21:11:34Z,"Command Injection in wxchangba",wxchangba,0.0.0,,,MODERATE,CWE-77,
 GHSA-j6x7-42x2-hpcf,2020-09-03T22:14:20Z,"Malicious Package in buffer-xoz",buffer-xoz,0.0.0,,,CRITICAL,CWE-506,
 GHSA-j7p2-qcwm-94v4,2026-03-31T23:59:36Z,"OpenClaw's incomplete host env sanitization blocklist allows supply-chain redirection via package-manager env overrides",openclaw,0,2026.3.22,,CRITICAL,CWE-183,
@@ -6532,12 +6820,14 @@ GHSA-j965-2qgj-vjmq,2026-01-08T22:04:26Z,"JavaScript SDK v2 users should add val
 GHSA-j9f8-8h89-j69x,2019-06-11T16:16:34Z,"Remote Code Execution in node-os-utils",node-os-utils,0,1.1.0,,HIGH,CWE-94,
 GHSA-j9pv-rrcj-6pfx,2026-04-02T21:01:57Z,"OpenClaw: SSH-based sandbox backends pass unsanitized process.env to child processes",openclaw,0,2026.3.31,,MODERATE,CWE-212,
 GHSA-jc5m-wrp2-qq38,2026-03-05T21:58:02Z,"Flowise Vulnerable to PII Disclosure on Unauthenticated Forgot Password Endpoint",flowise,0,3.0.13,,MODERATE,CWE-200,
-GHSA-jccr-rrw2-vc8h,2026-03-31T23:56:13Z,"OpenClaw safeBins jq `$ENV` filter bypass allows environment variable disclosure",openclaw,0,2026.3.28,,HIGH,CWE-200,
+GHSA-jccr-rrw2-vc8h,2026-03-31T23:56:13Z,"OpenClaw safeBins jq `$ENV` filter bypass allows environment variable disclosure",openclaw,0,2026.3.28,,HIGH,CWE-185;CWE-200,
 GHSA-jcgq-xh2f-2hfm,2021-02-25T01:20:42Z,"Regular Expression Denial of Service",eslint,0,4.18.2,,MODERATE,,
 GHSA-jcgr-9698-82jx,2021-05-28T15:53:40Z,"Improper Neutralization of Special Elements used in a Command ('Command Injection') in @floffah/build",@floffah/build,0,1.0.0,,LOW,CWE-77,
 GHSA-jchg-g94r-64qg,2020-09-03T19:50:10Z,"Malicious Package in mogobd",mogobd,0.0.0,,,CRITICAL,CWE-506,
 GHSA-jcjx-c3j3-44pr,2021-11-10T16:44:12Z,"Insufficient Session Expiration in @cyyynthia/tokenize",@cyyynthia/tokenize,1.1.0,1.1.3,,HIGH,CWE-613,
 GHSA-jcmh-9fvm-j39w,2020-09-03T19:42:23Z,"Malicious Package in body-parse-xml",body-parse-xml,0.0.0,,,CRITICAL,CWE-506,
+GHSA-jf25-7968-h2h5,2026-04-17T21:58:24Z,"OpenClaw: screen_record outPath bypassed workspace-only filesystem guard",openclaw,0,2026.4.10,,MODERATE,CWE-22;CWE-863,
+GHSA-jf56-mccx-5f3f,2026-04-09T14:22:23Z,"OpenClaw: Authenticated `/hooks/wake` and mapped `wake` payloads are promoted into the trusted `System:` prompt channel",openclaw,0,2026.4.8,,HIGH,CWE-501,
 GHSA-jf6w-m8jw-jfxc,2026-03-13T15:48:11Z,"OpenClaw: Write-scoped callers could reach admin-only session reset logic through `agent`",openclaw,0,2026.3.11,,MODERATE,CWE-863,
 GHSA-jf8x-wg7f-p3w8,2020-09-03T18:22:33Z,"Malicious Package in cage-js",cage-js,0.0.0,,,CRITICAL,CWE-506,
 GHSA-jfcc-rm7f-xgf8,2020-09-03T20:36:35Z,"Cross-Site Scripting in mavon-editor",mavon-editor,0,2.8.2,,MODERATE,CWE-79,
@@ -6546,8 +6836,11 @@ GHSA-jh67-3wqw-cvhr,2020-09-03T23:13:52Z,"Malicious Package in js-sxa3",js-sxa3,
 GHSA-jh8h-6c9q-7gmw,2026-02-26T22:45:41Z,"n8n has an Authentication Bypass in its Chat Trigger Node",n8n,0,1.123.22,,MODERATE,CWE-287,
 GHSA-jh8h-6c9q-7gmw,2026-02-26T22:45:41Z,"n8n has an Authentication Bypass in its Chat Trigger Node",n8n,2.0.0,2.9.3,,MODERATE,CWE-287,
 GHSA-jh8h-6c9q-7gmw,2026-02-26T22:45:41Z,"n8n has an Authentication Bypass in its Chat Trigger Node",n8n,2.10.0,2.10.1,,MODERATE,CWE-287,
+GHSA-jhm7-29pj-4xvf,2026-04-16T21:09:50Z,"@node-oauth/oauth2-server: PKCE code_verifier ABNF not enforced in token exchange allows brute-force redemption of intercepted authorization codes","@node-oauth/oauth2-server",0,5.3.0,,MODERATE,CWE-1289;CWE-307,
+GHSA-jhpv-5j76-m56h,2026-04-17T22:17:57Z,"OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure",openclaw,2026.4.9,2026.4.10,,MODERATE,CWE-863,
 GHSA-jj37-3377-m6vv,2025-11-14T21:30:29Z,"Duplicate Advisory: Nodemailer: Email to an unintended domain can occur due to Interpretation Conflict",nodemailer,0,7.0.7,,HIGH,CWE-436,
 GHSA-jj6g-7j8p-7gf2,2019-05-30T21:03:24Z,"Cross-Site Scripting in bracket-template",bracket-template,0,,1.1.5,HIGH,CWE-79,
+GHSA-jj6q-rrrf-h66h,2026-04-07T18:16:03Z,"OpenClaw: Shared-secret comparison call sites leaked length information through timing",openclaw,0,2026.4.2,,MODERATE,CWE-208,
 GHSA-jjgj-cpp9-cvpv,2026-03-04T19:28:11Z,"OpenClaw Vulnerable to Local File Exfiltration via MCP Tool Result MEDIA: Directive Injection",openclaw,0,2026.2.21,,MODERATE,CWE-200;CWE-22,
 GHSA-jjhg-qw5v-r8xx,2020-09-03T19:01:20Z,"Malicious Package in anarchy",anarchy,0.0.0,,,CRITICAL,CWE-506,
 GHSA-jjmg-x456-w976,2022-10-10T20:59:02Z,"Incorrect default cookie name and recommendation",csrf-csrf,0,2.2.1,,LOW,,
@@ -6555,6 +6848,9 @@ GHSA-jjw7-3vjf-fg5j,2026-04-02T20:58:08Z,"OpenClaw Nostr privateKey config redac
 GHSA-jmqm-f2gx-4fjv,2020-07-07T18:59:10Z,"Sensitive information exposure through logs in npm-registry-fetch",npm-registry-fetch,0,4.0.5,,MODERATE,CWE-352,
 GHSA-jmqm-f2gx-4fjv,2020-07-07T18:59:10Z,"Sensitive information exposure through logs in npm-registry-fetch",npm-registry-fetch,5.0.0,8.1.1,,MODERATE,CWE-352,
 GHSA-jp4j-q5fc-58gv,2026-03-31T23:58:08Z,"OpenClaw's Discord component interaction ingress skips guild/channel policy enforcement",openclaw,2026.2.14,2026.3.28,,MODERATE,CWE-862,
+GHSA-jp74-mfrx-3qvh,2026-04-16T22:51:43Z,"Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)",@saltcorn/server,0,1.4.6,,CRITICAL,CWE-89,
+GHSA-jp74-mfrx-3qvh,2026-04-16T22:51:43Z,"Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)",@saltcorn/server,1.5.0-beta.0,1.5.6,,CRITICAL,CWE-89,
+GHSA-jp74-mfrx-3qvh,2026-04-16T22:51:43Z,"Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)",@saltcorn/server,1.6.0-alpha.0,1.6.0-beta.5,,CRITICAL,CWE-89,
 GHSA-jp99-5h8w-gmxc,2020-09-04T15:03:13Z,"Sandbox Breakout / Arbitrary Code Execution in @zhaoyao91/eval-in-vm",@zhaoyao91/eval-in-vm,0.0.0,,,CRITICAL,,
 GHSA-jp9g-5x75-ccp8,2020-09-02T21:34:30Z,"Malicious Package in colro-name",colro-name,0,,,CRITICAL,CWE-506,
 GHSA-jq4x-98m3-ggq6,2026-03-02T22:32:23Z,"OpenClaw Canvas Path Traversal Information Disclosure Vulnerability",openclaw,0,2026.2.21,,HIGH,CWE-22,
@@ -6564,12 +6860,14 @@ GHSA-jqvv-r4w3-8f7w,2020-09-04T15:35:00Z,"Malicious Package in bictoind-rpc",bic
 GHSA-jqx4-9gpq-rppm,2025-05-06T16:44:22Z,"@misskey-dev/summaly allows IP Filter Bypass via Redirect",@misskey-dev/summaly,5.1.0,5.2.1,,MODERATE,CWE-346,
 GHSA-jr6x-2q95-fh2g,2026-03-02T21:59:51Z,"OpenClaw's authorization mismatch allowed write-scope agent runs to reach owner-only tools",openclaw,0,2026.3.1,,HIGH,CWE-269;CWE-862,
 GHSA-jrj9-5qp6-2v8q,2020-09-03T23:22:19Z,"Machine-In-The-Middle in airtable",airtable,0.1.19,0.7.2,,HIGH,,
+GHSA-jvff-x2qm-6286,2026-04-10T22:10:49Z,"mathjs Allows Improperly Controlled Modification of Dynamically-Determined Object Attributes",mathjs,13.1.0,15.2.0,,HIGH,CWE-915,
 GHSA-jvfv-jhw9-jmpp,2020-09-03T21:23:09Z,"Malicious Package in b5ffer-xor",b5ffer-xor,0.0.0,,,CRITICAL,CWE-506,
+GHSA-jwrq-8g5x-5fhm,2026-04-17T21:35:35Z,"OpenClaw: Collect-mode queue batches could reuse the last sender authorization context",openclaw,0,2026.4.14,,MODERATE,CWE-863,
 GHSA-jxf5-7x3j-8j9m,2020-09-03T18:19:14Z,"Malicious Package in load-from-cwd-or-npm",load-from-cwd-or-npm,3.0.2,3.0.4,,CRITICAL,CWE-506,
 GHSA-jxrq-8fm4-9p58,2026-03-03T23:09:31Z,"OpenClaw: Zip extraction symlink traversal could write outside destination",openclaw,0,2026.2.22,,HIGH,CWE-59,
 GHSA-m2fp-c79h-rr79,2020-09-02T21:42:56Z,"Malicious Package in tensorplow",tensorplow,0,,,CRITICAL,CWE-506,
+GHSA-m34q-h93w-vg5x,2026-04-07T18:14:57Z,"OpenClaw: OpenShell mirror mode could delete arbitrary remote directories when roots were mis-scoped",openclaw,0,2026.4.2,,MODERATE,CWE-22,
 GHSA-m36m-x4c5-rjxj,2020-09-01T19:01:58Z,"Silently Runs Cryptocoin Miner in hooka-tools",hooka-tools,0.0.0,,,LOW,,
-GHSA-m3mh-3mpg-37hw,2026-03-30T18:52:09Z,"OpenClaw has an Arbitrary Malicious Code Execution Vulnerability",openclaw,0,2026.3.24,,HIGH,CWE-426,
 GHSA-m45f-4828-5cv5,2020-08-19T22:39:44Z,"Regular Expression Denial of Service in highcharts",highcharts,0,6.1.0,,MODERATE,,
 GHSA-m489-xr35-fjxr,2021-09-22T20:35:08Z,"Regular Expression Denial of Service in millisecond",millisecond,0,0.1.2,,MODERATE,CWE-1333;CWE-400,
 GHSA-m4fq-xh7w-jhfm,2020-09-03T19:39:46Z,"Malicious Package in crytpo-js",crytpo-js,0.0.0,,,CRITICAL,CWE-506,
@@ -6580,6 +6878,7 @@ GHSA-m56h-5xx3-2jc2,2024-12-18T15:50:09Z,"Prototype pollution in jsii.configureC
 GHSA-m56h-5xx3-2jc2,2024-12-18T15:50:09Z,"Prototype pollution in jsii.configureCategories",jsii,5.6.0,5.6.4,,LOW,CWE-1321,
 GHSA-m56h-5xx3-2jc2,2024-12-18T15:50:09Z,"Prototype pollution in jsii.configureCategories",jsii,5.7.0,5.7.3,,LOW,CWE-1321,
 GHSA-m5ch-gx8g-rg73,2020-09-02T15:43:53Z,"Remote Code Execution in pomelo-monitor",pomelo-monitor,0.0.0,,,HIGH,CWE-20,
+GHSA-m5jp-p3r5-mfqp,2026-04-10T00:30:30Z,"Duplicate Advisory: OpenClaw: Gateway Plugin Subagent Fallback `deleteSession` Uses Synthetic `operator.admin`",openclaw,0,,2026.3.24,MODERATE,CWE-648;CWE-863,
 GHSA-m5p4-7wf9-6w99,2020-09-01T21:10:53Z,"Malicious Package in regenrator",regenrator,0,,,CRITICAL,CWE-506,
 GHSA-m5qc-5hw7-8vg7,2025-04-02T15:04:58Z,"image-size Denial of Service via Infinite Loop during Image Processing",image-size,1.1.0,1.2.1,,HIGH,CWE-770,
 GHSA-m5qc-5hw7-8vg7,2025-04-02T15:04:58Z,"image-size Denial of Service via Infinite Loop during Image Processing",image-size,2.0.0,2.0.2,,HIGH,CWE-770,
@@ -6590,6 +6889,7 @@ GHSA-m6w8-fq7v-ph4m,2022-01-13T16:09:36Z,"GovernorCompatibilityBravo incorrect A
 GHSA-m6w8-fq7v-ph4m,2022-01-13T16:09:36Z,"GovernorCompatibilityBravo incorrect ABI encoding may lead to unexpected behavior",@openzeppelin/contracts,4.3.0,4.4.2,,MODERATE,,
 GHSA-m734-r4g6-34f9,2019-06-04T19:36:17Z,"NoSQL Injection in loopback-connector-mongodb","loopback-connector-mongodb",0,3.6.0,,HIGH,CWE-89,
 GHSA-m794-qv59-gj7c,2020-09-03T17:03:22Z,"Malicious Package in signqle",signqle,0.0.0,,,CRITICAL,CWE-506,
+GHSA-m7mq-85xj-9x33,2026-04-16T21:22:36Z,"Flowise: Weak Default Token Hash Secret",flowise,0,3.1.0,,MODERATE,CWE-798,
 GHSA-m7qm-r2r5-f77q,2020-09-01T20:43:48Z,"Cross-Site Scripting in react-marked-markdown",react-marked-markdown,0.0.0,,,HIGH,CWE-79,
 GHSA-m852-866j-69j8,2020-09-01T20:47:01Z,"Malicious Package in eslint-config-airbnb-standard","eslint-config-airbnb-standard",2.0.0,2.1.0,,CRITICAL,CWE-506,
 GHSA-m866-6qv5-p2fg,2026-03-31T23:57:00Z,"OpenClaw host-env blocklist missing `GIT_TEMPLATE_DIR` and `AWS_CONFIG_FILE` allows code execution via env override",openclaw,0,2026.3.28,,MODERATE,CWE-184,
@@ -6604,7 +6904,6 @@ GHSA-m9c9-mc2h-9wjw,2025-01-14T22:04:02Z,"Lodestar snappy checksum issue",@lodes
 GHSA-m9hw-7xfv-wqg7,2020-11-12T19:36:14Z,"Prototype Pollution in json-logic-js",json-logic-js,0,2.0.0,,HIGH,CWE-471,
 GHSA-m9r7-q9fc-qwx5,2020-09-03T17:22:24Z,"Malicious Package in maybemaliciouspackage",maybemaliciouspackage,0.0.0,,,CRITICAL,CWE-506,
 GHSA-mc84-xr9p-938r,2019-09-23T18:31:05Z,"High severity vulnerability that affects generator-jhipster",generator-jhipster,0,6.3.1,,HIGH,CWE-494;CWE-829,
-GHSA-mf5g-6r6f-ghhm,2026-03-29T15:50:09Z,"OpenClaw: Synology Chat Webhook Pre-Auth Rate-Limit Bypass Enables Brute-Force Guessing of Webhook Token",openclaw,0,2026.3.28,,MODERATE,CWE-307;CWE-521,
 GHSA-mf74-qq7w-6j7v,2024-02-03T00:38:22Z,"Zmarkdown Server-Side Request Forgery (SSRF) in remark-download-images",remark-images-download,0,3.1.0,,MODERATE,,
 GHSA-mfc2-93pr-jf92,2020-10-01T17:10:15Z,"Malicious code in `loadyaml`",loadyaml,0,,1.0.2,CRITICAL,CWE-506,
 GHSA-mfcp-34xw-p57x,2020-09-03T21:20:52Z,"Authentication Bypass in saml2-js",saml2-js,0,2.0.5,,MODERATE,CWE-287,
@@ -6623,17 +6922,16 @@ GHSA-mjjq-c88q-qhr6,2020-09-03T21:22:00Z,"Cross-Site Scripting in dompurify",dom
 GHSA-mmph-wp49-r48h,2020-09-02T20:20:26Z,"Malicious Package in experss",experss,0,,,CRITICAL,CWE-506,
 GHSA-mmqv-m45h-q2hp,2020-09-04T15:22:40Z,"Sandbox Breakout / Arbitrary Code Execution in localeval",localeval,0,15.3.0,,CRITICAL,,
 GHSA-mp55-2274-4pj8,2020-09-03T21:54:09Z,"Malicious Package in buffer-xgr",buffer-xgr,0.0.0,,,CRITICAL,CWE-506,
-GHSA-mp66-rf4f-mhh8,2026-03-26T21:37:36Z,"OpenClaw: Google Chat app-url webhook auth accepted non-deployment add-on principals",openclaw,0,2026.3.22,,HIGH,CWE-863,
 GHSA-mpcx-8qqw-rmcq,2020-08-19T21:51:20Z,"SQL Injection in waterline-sequel",waterline-sequel,0,0.5.1,,HIGH,,
 GHSA-mpjf-8cmf-p789,2020-09-01T21:25:46Z,"Cross-Site Scripting in jingo",jingo,0,1.9.2,,HIGH,CWE-79,
 GHSA-mq6v-w35g-3c97,2024-02-03T00:37:56Z,"Local File Inclusion vulnerability in zmarkdown",zmarkdown,0,10.1.3,,LOW,,
 GHSA-mq9h-cwc2-6j5r,2020-09-03T17:42:27Z,"Malicious Package in midway-dataproxy",midway-dataproxy,0.0.0,,,CRITICAL,CWE-506,
 GHSA-mqpr-49jj-32rc,2026-02-26T15:58:34Z,"n8n: Webhook Forgery on Github Webhook Trigger",n8n,0,1.123.15,,MODERATE,CWE-290,
 GHSA-mqpr-49jj-32rc,2026-02-26T15:58:34Z,"n8n: Webhook Forgery on Github Webhook Trigger",n8n,2.0.0,2.5.0,,MODERATE,CWE-290,
+GHSA-mr34-9552-qr95,2026-04-17T22:33:09Z,"OpenClaw: Webchat media embedding enforces local-root containment for tool-result files",openclaw,2026.4.7,2026.4.15,,HIGH,CWE-22;CWE-73,
 GHSA-mrr8-v49w-3333,2023-07-10T19:08:10Z,"sweetalert2 contains potentially undesirable behavior",sweetalert2,11.6.14,11.22.4,,LOW,CWE-440,
 GHSA-mvch-rh6h-2m47,2020-09-11T21:10:29Z,"Malicious Package in equest",equest,0,,,CRITICAL,CWE-506,
 GHSA-mvrp-3cvx-c325,2023-10-04T14:46:06Z,"Zod denial of service vulnerability during email validation",express-zod-api,0,10.0.0-beta1,,HIGH,CWE-1333,
-GHSA-mvv8-v4jj-g47j,2026-04-04T06:12:07Z,"Directus: Sensitive fields exposed in revision history",directus,0,11.17.0,,MODERATE,CWE-200;CWE-312,
 GHSA-mvw6-62qv-vmqf,2025-07-25T06:30:30Z,"Duplicate Advisory: Koa Open Redirect via Referrer Header (User-Controlled)",koa,0,3.0.1,,LOW,CWE-601,
 GHSA-mw7w-g3mg-xqm7,2026-03-27T22:32:06Z,"OpenClaw: BlueBubbles Group Reactions Bypass requireMention and Still Enqueue Agent-Visible System Events",openclaw,0,,2026.3.24,MODERATE,CWE-288;CWE-863,
 GHSA-mwp6-j9wf-968c,2019-09-13T21:33:25Z,"Critical severity vulnerability that affects generator-jhipster",generator-jhipster,0,6.3.0,,CRITICAL,CWE-338,
@@ -6655,15 +6953,19 @@ GHSA-mxq6-vrrr-ppmg,2022-05-24T17:04:00Z,"Duplicate Advisory: tree-kill vulnerab
 GHSA-p33q-w45h-2hcj,2020-09-02T18:30:03Z,"Malicious Package in 4equest",4equest,0,,,CRITICAL,CWE-506,
 GHSA-p3jx-g34v-q56j,2020-09-03T22:54:02Z,"Malicious Package in j3-sha3",j3-sha3,0.0.0,,,CRITICAL,CWE-506,
 GHSA-p464-m8x6-vhv8,2026-04-03T02:54:38Z,"OpenClaw: MS Teams webhook parses body before JWT validation, enabling unauthenticated resource exhaustion",openclaw,0,2026.3.31,,MODERATE,CWE-400,
+GHSA-p4h8-56qp-hpgv,2026-04-14T00:04:10Z,"SSH/SCP option injection allowing local RCE in @aiondadotcom/mcp-ssh",@aiondadotcom/mcp-ssh,0,1.3.5,,HIGH,CWE-78;CWE-88,
 GHSA-p4mf-4qvh-w8g5,2020-09-04T15:41:42Z,"Malicious Package in bitcionjslib",bitcionjslib,0.0.0,,,CRITICAL,CWE-506,
 GHSA-p4x4-2r7f-wjxg,2026-04-01T00:02:20Z,"OpenClaw gateway exec allow-always over-trusts positional carrier executables",openclaw,0,2026.3.28,,HIGH,CWE-863,
 GHSA-p56r-jr4p-4wgh,2020-08-03T18:16:37Z,Withdrawn,whereis,0,0.4.1,,HIGH,,
 GHSA-p5p2-rhc3-wmf3,2020-09-03T17:03:31Z,"Malicious Package in siganle",siganle,0.0.0,,,CRITICAL,CWE-506,
 GHSA-p62r-jf56-h429,2020-09-03T20:29:58Z,"Malicious Package in evil-package",evil-package,0.0.0,,,CRITICAL,CWE-506,
+GHSA-p6j4-wvmc-vx2h,2026-04-10T00:30:30Z,"Duplicate Advisory: OpenClaw: Tlon cite expansion happens before channel and DM authorization is complete",openclaw,0,2026.3.22,,MODERATE,CWE-696,
+GHSA-p6x5-p4xf-cc4r,2026-04-17T22:31:45Z,"Remote Code Execution (RCE) via String Literal Injection into math-codegen",math-codegen,0,0.4.3,,CRITICAL,CWE-94,
 GHSA-p72p-rjr2-r439,2019-05-29T20:24:02Z,"Server-Side Request Forgery in terriajs-server",terriajs-server,0,2.7.4,,HIGH,CWE-918,
 GHSA-p77h-hv6g-fmfp,2020-09-03T20:43:16Z,"Sensitive Data Exposure in ibm_db",ibm_db,0,2.6.0,,MODERATE,,
 GHSA-p7j5-4mwm-hv86,2021-05-06T17:28:14Z,"Duplicate Advisory: Cross-site scripting in TinyMCE",tinymce,0,4.9.7,,MODERATE,CWE-79,
 GHSA-p7j5-4mwm-hv86,2021-05-06T17:28:14Z,"Duplicate Advisory: Cross-site scripting in TinyMCE",tinymce,5.0.0,5.1.4,,MODERATE,CWE-79,
+GHSA-p7mm-r948-4q3q,2026-04-16T22:48:46Z,"Paperclip: Approval decision attribution spoofing via client-controlled `decidedByUserId` in paperclip server",@paperclipai/server,0,2026.416.0,,MODERATE,CWE-345,
 GHSA-p7qp-3fh7-pv4p,2020-09-03T22:24:04Z,"Malicious Package in buffur-xor",buffur-xor,0.0.0,,,CRITICAL,CWE-506,
 GHSA-p8fm-w787-x6x3,2020-09-02T15:50:28Z,"Malicious Package in portionfatty12",portionfatty12,0.0.0,,,CRITICAL,CWE-506,
 GHSA-p94w-42g3-f7h4,2020-03-06T01:16:00Z,"Holder can (re)create authentic credentials after receiving a credential in vp-toolkit",vp-toolkit,0,0.2.2,,HIGH,,
@@ -6675,17 +6977,20 @@ GHSA-pf56-h9qf-rxq4,2024-10-07T15:14:40Z,"Saltcorn Server Stored Cross-Site Scri
 GHSA-pfq2-hh62-7m96,2026-01-13T19:54:29Z,"Renovate vulnerable to arbitrary command injection via Gradle Wrapper and malicious `distributionUrl`",renovate,32.124.0,42.68.5,,MODERATE,CWE-78,
 GHSA-pfv5-rpcw-x34x,2026-03-19T03:30:57Z,"Duplicate Advisory: OpenClaw's allow-always wrapper persistence could bypass future approvals and enable command execution",openclaw,0,,,HIGH,CWE-78,
 GHSA-pfv7-rr5m-qmv6,2026-03-03T21:42:27Z,"OpenClaw has auth inconsistency on local Browser Extension Relay /extension endpoint",openclaw,0,2026.2.19,,MODERATE,CWE-306,
+GHSA-pg8g-f2hf-x82m,2026-04-09T00:31:59Z,"Duplicate Advisory: OpenClaw: `fetchWithSsrFGuard` replays unsafe request bodies across cross-origin redirects",openclaw,0,2026.4.8,,HIGH,CWE-601,
 GHSA-pg98-6v7f-2xfv,2022-11-23T15:44:52Z,"sweetalert2 v9.17.4 and above contains hidden functionality",sweetalert2,9.17.4,11.22.4,,LOW,CWE-912,
 GHSA-pgcr-7wm4-mcv6,2019-06-04T15:42:45Z,"Sensitive Data Exposure in pem",pem,0,1.13.2,,CRITICAL,CWE-200,
 GHSA-pgr8-jg6h-8gw6,2019-05-23T09:26:20Z,"Cross-Site Scripting in webpack-bundle-analyzer",webpack-bundle-analyzer,0,3.3.2,,MODERATE,CWE-79,
 GHSA-pgv6-jrvv-75jp,2018-10-09T00:34:30Z,"Moderate severity vulnerability that affects send",send,0,0.8.4,,MODERATE,,
 GHSA-pgx6-7jcq-2qff,2026-03-20T20:45:17Z,"PDFME has SSRF via Unvalidated URL Fetch in `getB64BasePdf` When `basePdf` Is Attacker-Controlled",@pdfme/common,0,5.5.10,,MODERATE,CWE-918,
 GHSA-ph6w-f82w-28w6,2025-09-03T18:06:31Z,"Claude Code Vulnerable to Arbitrary Code Execution Due to Insufficient Startup Warning","@anthropic-ai/claude-code",0,1.0.87,,HIGH,CWE-94,
+GHSA-phgf-3849-rgjq,2026-03-31T12:31:35Z,"Duplicate Advisory: OpenClaw: Plugin subagent routes could bypass gateway authorization with synthetic admin scopes",openclaw,2026.3.7,2026.3.11,,CRITICAL,CWE-266,
 GHSA-phph-xpj4-wvcv,2020-09-03T21:13:07Z,"Cross-Site Scripting in hexo-admin",hexo-admin,0.0.0,,,HIGH,CWE-79,
 GHSA-pj97-j597-ppm7,2020-09-02T21:15:22Z,"Malicious Package in rqeuest",rqeuest,0,,,CRITICAL,CWE-506,
 GHSA-pjvx-rx66-r3fg,2026-03-09T19:54:08Z,"OpenClaw: Cross-account sender authorization expansion in `/allowlist ... --store` account scoping",openclaw,0,2026.3.7,,MODERATE,CWE-639;CWE-863,
 GHSA-pm52-wwrw-c282,2019-06-13T18:59:06Z,"Command Injection in wiki-plugin-datalog",wiki-plugin-datalog,0,0.1.6,,HIGH,CWE-94,
 GHSA-pm9v-325f-5g74,2020-09-02T21:30:11Z,"Malicious Package in saync",saync,0,,,CRITICAL,CWE-506,
+GHSA-pmf3-2q63-jmp6,2026-04-10T00:30:30Z,"Duplicate Advisory: OpenClaw: Symlink Traversal via IDENTITY.md appendFile in agents.create/update (Incomplete Fix for CVE-2026-32013)",openclaw,0,,2026.2.22,MODERATE,CWE-61,
 GHSA-pmgv-94f5-6w7w,2020-09-02T20:21:30Z,"Malicious Package in eact",eact,0,,,CRITICAL,CWE-506,
 GHSA-ppwq-6v66-5m6j,2026-03-26T21:15:59Z,"OpenClaw Exposes Credentials Embedded in baseUrl Fields via config.get and channels.status",openclaw,0,2026.3.22,,MODERATE,CWE-200;CWE-212;CWE-522,
 GHSA-pqhp-25j4-6hq9,2024-11-22T20:40:49Z,"smol-toml has a Denial of Service via malicious TOML document using deeply nested inline tables",smol-toml,0,1.3.1,,MODERATE,CWE-674,
@@ -6693,11 +6998,11 @@ GHSA-pqhr-mp3f-hrpp,2026-03-31T23:26:29Z,"Nuxt OG Image vulnerable to Server-Sid
 GHSA-pqpp-2363-649v,2020-09-02T18:22:30Z,"Cross-Site Scripting in buttle",buttle,0,,,MODERATE,CWE-79,
 GHSA-prmc-5v5w-c465,2021-04-06T17:32:38Z,"Client TLS credentials sent raw to server in npm package nats",nats,2.0.0-201,2.0.0-209,,CRITICAL,CWE-522,
 GHSA-pv6r-vchh-cxg9,2020-09-03T20:42:09Z,"Denial of Service in apostrophe",apostrophe,0,2.97.1,,LOW,CWE-400,
-GHSA-pw7h-9g6p-c378,2026-03-26T21:30:54Z,"OpenClaw: Tlon settings empty-allowlist reconciliation bypassed intended revocation",openclaw,0,2026.3.22,,LOW,CWE-285;CWE-863,
 GHSA-pxmp-fwjc-4x7q,2020-09-03T15:45:23Z,"HTML Injection in marky-markdown",marky-markdown,0.0.0,,,MODERATE,CWE-79,
 GHSA-pxqp-mv67-g528,2020-09-03T21:38:34Z,"Malicious Package in bqffer-xor",bqffer-xor,0.0.0,,,CRITICAL,CWE-506,
 GHSA-q2c6-c6pm-g3gh,2020-09-04T15:07:38Z,"Arbitrary Code Execution in handlebars",handlebars,0,3.0.8,,HIGH,,
 GHSA-q2c6-c6pm-g3gh,2020-09-04T15:07:38Z,"Arbitrary Code Execution in handlebars",handlebars,4.0.0,4.5.3,,HIGH,,
+GHSA-q2gc-xjqw-qp89,2026-04-09T17:32:49Z,"OpenClaw: strictInlineEval explicit-approval boundary bypassed by approval-timeout fallback on gateway and node exec hosts",openclaw,0,2026.4.8,,MODERATE,CWE-20,
 GHSA-q2qc-744p-66r2,2026-03-29T15:47:50Z,"OpenClaw: `session_status` sessionId resolution bypasses sandboxed session-tree visibility",openclaw,2026.3.11,2026.3.28,,HIGH,CWE-639;CWE-863,
 GHSA-q324-q795-2q5p,2021-10-12T16:05:11Z,"Path traversal when using `preview-docs` when working dir contains files with question mark `?` in name",@redocly/openapi-cli,0,1.0.0-beta.59,,LOW,,
 GHSA-q3w9-g74q-vp5f,2020-09-03T21:14:12Z,"Denial of Service in express-fileupload",express-fileupload,0,1.1.6-alpha.6,,LOW,,
@@ -6711,6 +7016,8 @@ GHSA-q42p-pg8m-cqh6,2019-06-05T14:07:48Z,"Prototype Pollution in handlebars",han
 GHSA-q42p-pg8m-cqh6,2019-06-05T14:07:48Z,"Prototype Pollution in handlebars",handlebars,4.1.0,4.1.2,,HIGH,CWE-471,
 GHSA-q4fm-pjq6-m63g,2026-03-27T18:05:47Z,"n8n has a Stored XSS Vulnerability in its Form Trigger",n8n,0,1.123.25,,MODERATE,CWE-79,
 GHSA-q4fm-pjq6-m63g,2026-03-27T18:05:47Z,"n8n has a Stored XSS Vulnerability in its Form Trigger",n8n,2.0.0-rc.0,2.11.2,,MODERATE,CWE-79,
+GHSA-q4gf-8mx6-v5v3,2026-04-10T15:35:47Z,"Next.js has a Denial of Service with Server Components",next,13.0.0,15.5.15,,HIGH,CWE-770,
+GHSA-q4gf-8mx6-v5v3,2026-04-10T15:35:47Z,"Next.js has a Denial of Service with Server Components",next,16.0.0-beta.0,16.2.3,,HIGH,CWE-770,
 GHSA-q4h9-46xg-m3x9,2021-09-15T20:22:13Z,"UUPSUpgradeable vulnerability in @openzeppelin/contracts-upgradeable","@openzeppelin/contracts-upgradeable",4.1.0,4.3.2,,CRITICAL,,
 GHSA-q4pp-j36h-3gqg,2023-08-24T12:53:06Z,"Minimal `basti` IAM Policy Allows Shell Access",basti-cdk,0,1.0.1,,LOW,,
 GHSA-q4xx-mc3q-23x8,2025-08-14T12:30:22Z,"Duplicate Advisory: Flowise vulnerable to RCE via Dynamic function constructor injection",flowise,0,,3.0.5,CRITICAL,CWE-94,
@@ -6727,7 +7034,6 @@ GHSA-q9r2-f3vc-rjg8,2020-08-19T22:28:51Z,"Command Injection in macaddress",macad
 GHSA-q9w8-cf67-r238,2026-04-03T03:22:32Z,"OpenClaw: macOS Tailnet DNS Spoofing & Credential Exfiltration",openclaw,0,2026.3.31,,HIGH,CWE-346;CWE-350,
 GHSA-q9wr-gcjc-hq52,2020-09-04T15:12:13Z,"Prototype Pollution in reggae",reggae,0.0.0,,,HIGH,CWE-1321,
 GHSA-qc22-qwm9-j8rx,2021-12-20T16:59:31Z,"Remote Code Execution in npm-groovy-lint",npm-groovy-lint,0,9.1.0,,CRITICAL,CWE-20,
-GHSA-qc36-x95h-7j53,2026-03-13T15:48:05Z,"OpenClaw: Unrecognized script runners could bypass `system.run` approval integrity",openclaw,0,2026.3.11,,HIGH,CWE-863,
 GHSA-qc59-cxj2-c2w4,2025-04-15T14:48:49Z,"aws-cdk-lib's aspect order change causes different Permissions Boundary assigned to Role",aws-cdk-lib,2.172.0,2.189.1,,LOW,CWE-279,
 GHSA-qcc3-jqwp-5vh2,2026-04-02T21:01:08Z,"OpenClaw: LINE webhook handler lacks shared pre-auth concurrency budget before signature verification",openclaw,0,2026.3.31,,MODERATE,CWE-770,
 GHSA-qcc4-p59m-p54m,2026-03-12T14:21:54Z,"OpenClaw: Sandbox dangling-symlink alias handling could bypass workspace-only write boundary",openclaw,0,2026.2.26,,HIGH,CWE-367;CWE-59,
@@ -6748,18 +7054,20 @@ GHSA-qj3p-xc97-xw74,2025-09-15T13:55:56Z,"MetaMask SDK indirectly exposed via ma
 GHSA-qj3p-xc97-xw74,2025-09-15T13:55:56Z,"MetaMask SDK indirectly exposed via malicious debug@4.4.2 dependency",@metamask/sdk,0.16.0,0.33.1,,MODERATE,CWE-506,
 GHSA-qj3p-xc97-xw74,2025-09-15T13:55:56Z,"MetaMask SDK indirectly exposed via malicious debug@4.4.2 dependency",@metamask/sdk-react,0.16.0,0.33.1,,MODERATE,CWE-506,
 GHSA-qjfh-xc44-rm9x,2020-09-03T16:49:43Z,"Path Traversal in file-static-server",file-static-server,0.0.0,,,HIGH,CWE-22,
-GHSA-qm2m-28pf-hgjw,2026-03-27T22:30:57Z,"OpenClaw: Gateway Plugin HTTP Auth Grants Unrestricted operator.admin Runtime Scope to All Callers",openclaw,0,,2026.3.24,HIGH,CWE-266;CWE-863,
 GHSA-qm4q-f956-fg64,2020-09-03T17:39:13Z,"Malicious Package in luna-mock",luna-mock,0.0.0,,,CRITICAL,CWE-506,
 GHSA-qm7x-rc44-rrqw,2021-11-08T18:07:42Z,"Cross-site Scripting Vulnerability in GraphQL Playground (distributed by Apollo Server)",apollo-server,2.0.0,2.25.3,,HIGH,CWE-79,
 GHSA-qm7x-rc44-rrqw,2021-11-08T18:07:42Z,"Cross-site Scripting Vulnerability in GraphQL Playground (distributed by Apollo Server)",apollo-server,3.0.0,3.4.1,,HIGH,CWE-79,
-GHSA-qm9x-v7cx-7rq4,2026-03-26T19:08:45Z,"OpenClaw's system.run allowlist can be bypassed through an unregistered time dispatch wrapper",openclaw,0,2026.3.22,,HIGH,CWE-863,
 GHSA-qmgf-fp85-55gr,2020-09-04T15:40:34Z,"Malicious Package in bitcionjs",bitcionjs,0.0.0,,,CRITICAL,CWE-506,
 GHSA-qmpg-8xg6-ph5q,2026-03-12T17:29:30Z,"Trix has a Stored XSS vulnerability through serialized attributes",trix,0,2.1.17,,MODERATE,CWE-79,
+GHSA-qmwg-qprg-3j38,2026-04-17T22:14:20Z,"OpenClaw: Browser interaction routes could pivot into local CDP and regain file reads",openclaw,0,2026.4.9,,MODERATE,CWE-693,
 GHSA-qp6m-jqfr-2f7v,2020-09-04T15:27:11Z,"Malicious Package in babel-laoder",babel-laoder,0.0.0,,,CRITICAL,CWE-506,
 GHSA-qpw2-xchm-655q,2022-01-06T20:31:01Z,"Out-of-Bounds read in stringstream",stringstream,0,0.0.6,,MODERATE,CWE-125,
 GHSA-qq4x-c6h6-rfxh,2025-03-31T22:37:42Z,"aws-cdk-lib has Insertion of Sensitive Information into Log File vulnerability when using Cognito UserPoolClient Construct",aws-cdk-lib,2.37.0,2.187.0,,MODERATE,,
 GHSA-qq6h-5g6j-q3cm,2022-11-23T15:26:43Z,"sweetalert2 v11.4.9 and above contains hidden functionality",sweetalert2,11.4.9,11.22.4,,LOW,CWE-912,
 GHSA-qq9g-96v4-m3cj,2026-03-18T16:10:16Z,"Cross-Site Scripting (XSS) via Select Schema Option Value Injection in @pdfme/schemas",@pdfme/schemas,0,5.5.9,,MODERATE,CWE-79,
+GHSA-qqq7-4hxc-x63c,2026-04-09T17:32:58Z,"OpenClaw: Shared reply MEDIA - paths are treated as trusted and can trigger cross-channel local file exfiltration",openclaw,0,2026.4.8,,MODERATE,CWE-668,
+GHSA-qqvm-66q4-vf5c,2026-04-16T21:23:03Z,"Flowise: SSRF Protection Bypass via Direct node-fetch / axios Usage (Patch Enforcement Failure)",flowise,0,3.1.0,,MODERATE,CWE-918,
+GHSA-qqvm-66q4-vf5c,2026-04-16T21:23:03Z,"Flowise: SSRF Protection Bypass via Direct node-fetch / axios Usage (Patch Enforcement Failure)",flowise-components,0,3.1.0,,MODERATE,CWE-918,
 GHSA-qr2g-p6q7-w82m,2026-03-07T02:37:47Z,"x402 SDK Security Advisory",@x402/svm,0,2.6.0,,HIGH,,
 GHSA-qrg3-f6h6-vq8q,2020-08-19T22:15:57Z,"Denial of Service in https-proxy-agent",https-proxy-agent,0,2.2.0,,HIGH,,
 GHSA-qrmm-w75w-3wpx,2021-12-09T19:08:38Z,"Server side request forgery in SwaggerUI",swagger-ui,0,4.1.3,,MODERATE,CWE-918,
@@ -6767,10 +7075,8 @@ GHSA-qrmm-w75w-3wpx,2021-12-09T19:08:38Z,"Server side request forgery in Swagger
 GHSA-qrmm-w75w-3wpx,2021-12-09T19:08:38Z,"Server side request forgery in SwaggerUI",swagger-ui-react,0,4.1.3,,MODERATE,CWE-918,
 GHSA-qv2g-99x4-45x6,2021-01-29T18:12:07Z,"Malicious npm package: discord-fix",discord-fix,0.0.0,,,CRITICAL,CWE-506,
 GHSA-qv78-398w-cxp7,2020-09-11T21:08:19Z,"Malicious Package in shrugging-logging",shrugging-logging,0,,,CRITICAL,CWE-506,
-GHSA-qvr7-g57c-mrc7,2026-03-13T15:48:21Z,"OpenClaw: Unavailable local auth SecretRefs could fall through to remote credentials in local mode",openclaw,0,2026.3.11,,LOW,CWE-636,
 GHSA-qwmf-95r9-gx9x,2026-03-21T03:31:13Z,"Duplicate Advisory: OpenClaw's gateway tokenless Tailscale auth applied to HTTP routes",openclaw,0,,,HIGH,CWE-290,
 GHSA-qx4v-6gc5-f2vv,2019-06-20T14:32:56Z,"Regular Expression Denial of Service",esm,0,3.1.0,,MODERATE,CWE-400,
-GHSA-qxgf-hmcj-3xw3,2026-04-01T00:01:51Z,"OpenClaw affected by SSRF via unguarded image download in fal provider",openclaw,0,2026.3.28,,LOW,CWE-918,
 GHSA-qxrj-x7rm-2h49,2020-09-03T17:05:59Z,"Malicious Package in dhkey",dhkey,0.0.0,,,CRITICAL,CWE-506,
 GHSA-r294-2894-92j3,2026-03-03T22:09:26Z,"OpenClaw has stored XSS in exported session HTML viewer via markdown/raw-HTML rendering",openclaw,0,2026.2.23,,MODERATE,CWE-79,
 GHSA-r2c6-8jc8-g32w,2026-02-02T00:30:23Z,"Duplicate Advisory: 1-Click RCE via Authentication Token Exfiltration From gatewayUrl",clawdbot,0,2026.1.29,,HIGH,CWE-669,
@@ -6779,14 +7085,17 @@ GHSA-r2rg-683g-ff96,2020-09-03T19:40:12Z,"Malicious Package in axios-http",axios
 GHSA-r2vw-jgq9-jqx2,2020-09-03T15:54:11Z,"Improper Authorization in @sap-cloud-sdk/core",@sap-cloud-sdk/core,1.19.0,1.21.2,,HIGH,CWE-285,
 GHSA-r32x-jhw5-g48p,2020-09-03T17:08:20Z,"Cross-Site Scripting in eco",eco,0.0.0,,,HIGH,CWE-79,
 GHSA-r3hf-q8q7-fv2p,2023-08-09T12:51:51Z,"Angular critical CSS inlining Cross-site Scripting Vulnerability Advisory",@nguniversal/common,16.1.0,16.1.2,,HIGH,CWE-79,
+GHSA-r3v5-2grc-429h,2026-04-10T00:30:30Z,"Duplicate Advisory: OpenClaw Gateway: RCE and Privilege Escalation from operator.pairing to operator.admin via device.pair.approve",openclaw,0,2026.3.22,,HIGH,CWE-648,
 GHSA-r3vq-92c6-3mqf,2023-02-16T15:30:28Z,"Duplicate advisory: Sequelize - Unsafe fall-through in getWhereConditions",@sequelize/core,0,7.0.0-alpha.20,,HIGH,CWE-843,
 GHSA-r3xc-47qg-h929,2020-09-03T17:06:09Z,"Cross-Site Scripting in @ionic/core",@ionic/core,0,4.0.3,,HIGH,CWE-79,
 GHSA-r3xc-47qg-h929,2020-09-03T17:06:09Z,"Cross-Site Scripting in @ionic/core",@ionic/core,4.1.0,4.1.3,,HIGH,CWE-79,
 GHSA-r3xc-47qg-h929,2020-09-03T17:06:09Z,"Cross-Site Scripting in @ionic/core",@ionic/core,4.2.0,4.2.1,,HIGH,CWE-79,
 GHSA-r3xc-47qg-h929,2020-09-03T17:06:09Z,"Cross-Site Scripting in @ionic/core",@ionic/core,4.3.0,4.3.1,,HIGH,CWE-79,
+GHSA-r4c2-gq3j-7rpj,2026-04-10T00:30:30Z,"Duplicate Advisory: OpenClaw: Telegram Webhook Missing Guess Rate Limiting Enables Brute-Force Guessing of Weak Webhook Secret",openclaw,0,,2026.3.24,MODERATE,CWE-307,
 GHSA-r4m5-47cq-6qg8,2020-09-04T17:25:13Z,"Server-Side Request Forgery in ftp-srv",ftp-srv,1.0.0,2.19.6,,HIGH,CWE-918,
 GHSA-r4m5-47cq-6qg8,2020-09-04T17:25:13Z,"Server-Side Request Forgery in ftp-srv",ftp-srv,3.0.0,3.1.2,,HIGH,CWE-918,
 GHSA-r4m5-47cq-6qg8,2020-09-04T17:25:13Z,"Server-Side Request Forgery in ftp-srv",ftp-srv,4.0.0,4.3.4,,HIGH,CWE-918,
+GHSA-r4q5-vmmm-2653,2026-04-14T01:11:11Z,"follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets",follow-redirects,0,1.16.0,,MODERATE,CWE-200,
 GHSA-r587-7jh2-4qr3,2020-08-26T19:32:50Z,"Server secret was included in static assets and served to clients",flood,2.0.0,3.0.0,,CRITICAL,,
 GHSA-r5w7-f542-q2j4,2025-01-28T20:37:26Z,"Potential DoS when using ContextLines integration","@sentry/google-cloud-serverless",8.10.0,8.49.0,,LOW,CWE-774,
 GHSA-r5w7-f542-q2j4,2025-01-28T20:37:26Z,"Potential DoS when using ContextLines integration",@sentry/astro,8.10.0,8.49.0,,LOW,CWE-774,
@@ -6802,6 +7111,7 @@ GHSA-r5w7-f542-q2j4,2025-01-28T20:37:26Z,"Potential DoS when using ContextLines
 GHSA-r5xw-q988-826m,2020-09-01T19:39:37Z,"Remote Memory Exposure in mongoose",mongoose,3.5.5,3.8.39,,MODERATE,CWE-201,
 GHSA-r5xw-q988-826m,2020-09-01T19:39:37Z,"Remote Memory Exposure in mongoose",mongoose,4.0.0,4.3.6,,MODERATE,CWE-201,
 GHSA-r742-7j4h-hjr8,2020-09-03T23:27:36Z,"Malicious Package in arsenic-tabasco-cyborg-peanut-butter","arsenic-tabasco-cyborg-peanut-butter",0.0.0,,,CRITICAL,CWE-506,
+GHSA-r77c-2cmr-7p47,2026-04-17T21:50:55Z,"OpenClaw: Delivery queue recovery could lose group tool-policy context for media replay",openclaw,2026.4.10,2026.4.14,,LOW,CWE-862,
 GHSA-r7vr-gr74-94p8,2026-03-13T20:55:09Z,"OpenClaw: Command-authorized non-owners could reach owner-only `/config` and `/debug` surfaces",openclaw,0,2026.3.12,,HIGH,CWE-285,
 GHSA-r849-826x-wgqm,2026-03-19T03:30:57Z,"Duplicate Advisory: Signal group allowlist authorization bypass via DM pairing-store leakage",openclaw,0,,,LOW,CWE-863,
 GHSA-r863-p739-275c,2020-09-11T21:09:24Z,"Malicious Package in reuest",reuest,0,,,CRITICAL,CWE-506,
@@ -6809,43 +7119,48 @@ GHSA-r8hx-3qx6-hxq9,2020-09-03T19:41:14Z,"Malicious Package in commandre",comman
 GHSA-r9cj-xj33-4q42,2020-09-03T22:21:54Z,"Malicious Package in buffgr-xor",buffgr-xor,0.0.0,,,CRITICAL,CWE-506,
 GHSA-r9q4-w3fm-wrm2,2020-09-02T21:21:43Z,"Cross-Site Scripting in google-closure-library",google-closure-library,0,20190301.0.0,,MODERATE,CWE-79,
 GHSA-rc4v-99cr-pjcm,2023-10-17T14:21:16Z,"Prototype Pollution in ali-security/mongoose","@seal-security/mongoose-fixed",5.3.3,5.3.4,,CRITICAL,CWE-1321,
+GHSA-rc8f-r29c-chr6,2026-04-10T00:30:29Z,"Duplicate Advisory: OpenClaw: BlueBubbles Webhook Missing Rate Limiting Enables Brute-Force Password Guessing",openclaw,0,,2026.3.24,MODERATE,CWE-307,
 GHSA-rch7-f4h5-x9rj,2019-08-23T00:04:52Z,"Identity Spoofing in libp2p-secio",libp2p-secio,0,0.9.0,,CRITICAL,CWE-290,
 GHSA-rchv-x836-w7xp,2026-03-09T19:52:29Z,"OpenClaw's dashboard leaked gateway auth material via browser URL/query and localStorage",openclaw,0,2026.3.7,,HIGH,CWE-200,
 GHSA-rcv7-4w2m-gj9v,2020-09-03T23:24:26Z,"Malicious Package in sj-tw-test-security",sj-tw-test-security,0.0.0,,,CRITICAL,CWE-506,
 GHSA-rcx4-77x4-hjx5,2026-03-21T03:31:15Z,"Duplicate Advisory: OpenClaw ACP client has permission auto-approval bypass via untrusted tool metadata",openclaw,0,,2026.2.22-2,MODERATE,CWE-807,
-GHSA-rf6h-5gpw-qrgq,2026-03-29T15:49:50Z,"OpenClaw: MS Teams Feedback Invocation Bypasses Sender Allowlists and Records Unauthorized Session Feedback",openclaw,0,2026.3.28,,MODERATE,CWE-288;CWE-863,
+GHSA-rf75-g96h-j3rm,2026-04-02T21:32:52Z,"Duplicate Advisory: OpenClaw's complex interpreter pipelines could skip exec script preflight validation",openclaw,0,2026.4.2,,MODERATE,CWE-184,
 GHSA-rffp-mc78-wjf7,2020-09-02T18:26:48Z,"Command Injection in cocos-utils",cocos-utils,0,,,HIGH,CWE-77,
 GHSA-rfqg-qgf8-xr9x,2026-04-03T03:11:33Z,"OpenClaw: Gateway `device.token.rotate` does not terminate active WebSocket sessions after credential rotation",openclaw,0,2026.3.31,,LOW,CWE-613,
 GHSA-rg8m-3943-vm6q,2026-04-02T21:00:44Z,"OpenClaw: Matrix thread root and reply context bypass sender allowlist",openclaw,0,2026.3.31,,LOW,CWE-863,
 GHSA-rggq-f2wf-m6cp,2020-09-02T18:31:08Z,"Malicious Package in jajajejejiji",jajajejejiji,0,,,CRITICAL,CWE-506,
+GHSA-rh7v-6w34-w2rr,2026-04-16T21:49:28Z,"Flowise: File Upload Validation Bypass in createAttachment",flowise,0,3.1.0,,HIGH,CWE-434,
 GHSA-rhc3-76jw-4f2x,2020-09-04T17:58:46Z,"Denial of Service in @commercial/ammo",@commercial/ammo,0,2.1.1,,HIGH,,
-GHSA-rhfg-j8jq-7v2h,2026-03-29T15:48:42Z,"OpenClaw: SSRF via Unguarded Configured Base URLs in Multiple Channel Extensions (Incomplete Fix for CVE-2026-28476)",openclaw,0,2026.3.28,,HIGH,CWE-918,
+GHSA-rj2p-j66c-mgqh,2026-04-17T22:01:57Z,"OpenClaw: Browser tabs action select and close routes bypassed SSRF policy",openclaw,0,2026.4.10,,MODERATE,CWE-918,
 GHSA-rj39-33v7-9xrq,2026-03-21T03:31:14Z,"Duplicate Advisory: OpenClaw's shell startup env injection bypasses system.run allowlist intent (RCE class)",openclaw,0,,,HIGH,CWE-78,
 GHSA-rjhc-w3fj-j6x9,2020-09-03T17:32:45Z,"Malicious Package in alipayjsapi",alipayjsapi,0.0.0,,,CRITICAL,CWE-506,
 GHSA-rjvj-673q-4hfw,2020-09-04T17:54:31Z,"Command Injection in traceroute",traceroute,0.0.0,,,CRITICAL,CWE-77,
-GHSA-rm59-992w-x2mv,2026-03-26T19:50:41Z,"OpenClaw is vulnerable to unauthenticated resource exhaustion through its voice call webhook handling",openclaw,0,2026.3.22,,MODERATE,CWE-400,
 GHSA-rm5c-4rmf-vvhw,2026-04-03T03:01:57Z,"OpenClaw: Sandbox file operations use check-then-act, bypassing fd-based TOCTOU defenses",openclaw,0,2026.3.31,,MODERATE,CWE-367,
 GHSA-rm7c-x424-g2mw,2020-09-02T18:36:31Z,"Malicious Package in asyync",asyync,0,,,CRITICAL,CWE-506,
 GHSA-rmmc-8cqj-hfp3,2020-09-03T18:24:43Z,"Authentication Bypass in otpauth",otpauth,0,3.2.8,,HIGH,CWE-287,
+GHSA-rp42-5vxx-qpwr,2026-04-16T21:37:48Z,"basic-ftp vulnerable to denial of service via unbounded memory consumption in Client.list()",basic-ftp,0,5.3.0,,HIGH,CWE-400;CWE-770,
 GHSA-rqgv-292v-5qgr,2024-04-23T16:21:09Z,"Renovate vulnerable to arbitrary command injection via helmv3 manager and registryAliases",renovate,37.158.0,37.199.0,,MODERATE,CWE-78,
-GHSA-rqp8-q22p-5j9q,2026-03-26T21:45:35Z,"OpenClaw Bypasses DM Policy Separation via Synology Chat Webhook Path Collision ",openclaw,0,2026.3.22,,MODERATE,CWE-285,
+GHSA-rr7j-v2q5-chgv,2026-04-16T01:20:37Z,"LangSmith SDK: Streaming token events bypass output redaction",langsmith,0,0.5.19,,MODERATE,CWE-200;CWE-359;CWE-532,
 GHSA-rrqv-vjrw-hrcr,2021-05-26T19:59:19Z,"Arbitrary Code Execution in json-ptr",json-ptr,0,2.1.0,,HIGH,CWE-74,
 GHSA-rrvm-gqq8-q2wx,2020-09-03T21:05:26Z,"Malicious Package in require-port",require-port,0.0.0,,,CRITICAL,CWE-506,
 GHSA-rv49-54qp-fw42,2019-06-06T15:30:20Z,"Path Traversal in servey",servey,0,3.1.0,,MODERATE,CWE-22,
 GHSA-rv6q-p3x7-43fx,2020-09-04T16:37:50Z,"Malicious Package in bitcoimjs-lib",bitcoimjs-lib,0.0.0,,,CRITICAL,CWE-506,
 GHSA-rvg8-pwq2-xj7q,2020-09-01T20:42:44Z,"Out-of-bounds Read in base64url",base64url,0,3.0.0,,MODERATE,CWE-125,
-GHSA-rvqr-hrcc-j9vv,2026-03-26T19:50:24Z,"OpenClaw: Bonjour/DNS-SD TXT metadata steers CLI routing after failed service resolution",openclaw,0,2026.3.22,,MODERATE,CWE-345;CWE-642,
 GHSA-rvvf-6vh3-9j43,2026-04-03T03:23:36Z,"OpenClaw: Discord Slash Commands Bypass Group DM Channel Allowlist",openclaw,0,2026.3.31,,MODERATE,CWE-863,
 GHSA-rvww-x6m4-4vc2,2020-09-11T21:12:39Z,"Malicious Package in blubird",blubird,0,,,CRITICAL,CWE-506,
-GHSA-rw39-5899-8mxp,2026-03-13T15:47:46Z,"OpenClaw: Node-host approvals could show misleading shell payloads instead of the executed argv",openclaw,0,2026.3.11,,HIGH,CWE-436;CWE-863,
 GHSA-rw4r-h883-8pf9,2020-09-02T20:30:02Z,"Malicious Package in reequest",reequest,0,,,CRITICAL,CWE-506,
 GHSA-rw53-q8x7-ccx8,2020-09-03T21:55:17Z,"Malicious Package in buffer-xkr",buffer-xkr,0.0.0,,,CRITICAL,CWE-506,
 GHSA-rwcq-qpm6-7867,2020-09-03T17:04:32Z,"Malicious Package in riped160",riped160,0.0.0,,,CRITICAL,CWE-506,
 GHSA-rwmv-c7v8-v9vf,2020-09-04T16:36:45Z,"Malicious Package in bitcoimd-rpc",bitcoimd-rpc,0.0.0,,,CRITICAL,CWE-506,
+GHSA-rwwx-25m7-ww73,2026-03-29T15:30:19Z,"Duplicate Advisory: OpenClaw: Unrecognized script runners could bypass `system.run` approval integrity",openclaw,0,2026.3.12,,CRITICAL,CWE-863,
+GHSA-rxmx-g7hr-8mx4,2026-04-07T18:15:59Z,"OpenClaw: Zalo replay dedupe keys could suppress messages across chats or senders",openclaw,0,2026.4.2,,MODERATE,CWE-349;CWE-440,
 GHSA-v2p6-4mp7-3r9v,2019-06-14T16:26:22Z,"Regular Expression Denial of Service in underscore.string",underscore.string,0,3.3.5,,MODERATE,CWE-400,
+GHSA-v38x-c887-992f,2026-04-18T00:46:04Z,"Flowise: Airtable_Agent Code Injection Remote Code Execution Vulnerability",flowise,0,3.1.0,,CRITICAL,CWE-184,
+GHSA-v38x-c887-992f,2026-04-18T00:46:04Z,"Flowise: Airtable_Agent Code Injection Remote Code Execution Vulnerability",flowise-components,0,3.1.0,,CRITICAL,CWE-184,
 GHSA-v3qc-wrwx-j3pw,2026-04-03T03:03:18Z,"OpenClaw: Agentic Consent Bypass — LLM Agent Can Silently Disable Exec Approval via `config.patch`",openclaw,0,2026.3.28,,HIGH,CWE-285,
 GHSA-v3rj-xjv7-4jmq,2026-03-25T21:03:56Z,"smol-toml: Denial of Service via TOML documents containing thousands of consecutive commented lines",smol-toml,0,1.6.1,,MODERATE,CWE-674,
 GHSA-v3wr-67px-44xg,2022-03-03T19:11:14Z,"Execution with Unnecessary Privileges in arc-electron","@advanced-rest-client/base",0,0.1.10,,HIGH,,
+GHSA-v457-wxvj-p9w9,2026-04-10T15:36:00Z,"@vitejs/plugin-rsc has a Denial of Service with React Server Components",@vitejs/plugin-rsc,0,0.5.23,,HIGH,CWE-400,
 GHSA-v45m-2wcp-gg98,2020-09-04T17:18:44Z,"Global node_modules Binary Overwrite in bin-links",bin-links,0,1.1.6,,LOW,,
 GHSA-v4x8-gw49-7hv4,2020-09-03T20:37:42Z,"Path Traversal in swagger-injector",swagger-injector,0.0.0,,,CRITICAL,CWE-22,
 GHSA-v66p-w7qx-wv98,2020-09-04T17:29:34Z,"Authentication Bypass in express-laravel-passport",express-laravel-passport,0.0.0,,,CRITICAL,CWE-287,
@@ -6860,22 +7175,25 @@ GHSA-v8w9-8mx6-g223,2026-03-11T00:31:47Z,"Hono vulnerable to Prototype Pollution
 GHSA-v95x-h953-x7fg,2020-09-03T19:47:55Z,"Malicious Package in k0a_multer",k0a_multer,0.0.0,,,CRITICAL,CWE-506,
 GHSA-v99v-xgjx-7m7g,2020-09-02T18:40:47Z,"Malicious Package in asnyc",asnyc,0,,,CRITICAL,CWE-506,
 GHSA-v9wp-8r97-v6xg,2020-09-03T17:17:00Z,"Cross-Site Scripting in jquery.json-viewer",jquery.json-viewer,0,1.3.0,,HIGH,CWE-79,
+GHSA-vc32-h5mq-453v,2026-04-09T17:34:33Z,"OpenClaw: /allowlist omits owner-only enforcement for cross-channel allowlist writes",openclaw,0,2026.4.8,,MODERATE,,
 GHSA-vc6r-4x6g-mmqc,2019-06-11T16:16:23Z,"Path Traversal in m-server",m-server,0,1.4.2,,MODERATE,CWE-22,
 GHSA-vcg5-9xw6-r56c,2020-09-02T21:40:49Z,"Malicious Package in logsymbles",logsymbles,0,,,CRITICAL,CWE-506,
-GHSA-vcx4-4qxg-mfp4,2026-03-27T22:37:35Z,"OpenClaw: Telegram Webhook Missing Guess Rate Limiting Enables Brute-Force Guessing of Weak Webhook Secret",openclaw,0,,2026.3.24,MODERATE,CWE-307;CWE-521,
 GHSA-vf5m-q45w-8mh9,2020-09-03T23:00:25Z,"Malicious Package in js-qha3",js-qha3,0.0.0,,,CRITICAL,CWE-506,
 GHSA-vf8q-pw7h-r2x2,2020-09-11T21:15:54Z,"Malicious Package in epress",epress,0,,,CRITICAL,CWE-506,
-GHSA-vfg3-pqpq-93m4,2026-03-26T21:27:49Z,"OpenClaw: Tlon cite expansion happens before channel and DM authorization is complete",openclaw,0,2026.3.22,,MODERATE,CWE-863,
+GHSA-vfp4-8x56-j7c5,2026-04-17T21:54:20Z,"OpenClaw: Exec environment denylist missed high-risk interpreter startup variables",openclaw,0,2026.4.10,,HIGH,CWE-184,
+GHSA-vfw7-6rhc-6xxg,2026-04-07T18:10:52Z,"OpenClaw Has Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config",openclaw,0,2026.3.24,,HIGH,CWE-426,
 GHSA-vg44-fw64-cpjx,2020-03-24T15:08:59Z,"Incorrect Account Used for Signing","@metamask/eth-ledger-bridge-keyring",0,0.2.2,,HIGH,CWE-287,
 GHSA-vg44-fw64-cpjx,2020-03-24T15:08:59Z,"Incorrect Account Used for Signing","eth-ledger-bridge-keyring",0,0.2.1,,HIGH,CWE-287,
 GHSA-vh4c-j2xv-9pv9,2026-03-21T03:31:15Z,"Duplicate Advisory: OpenClaw: BlueBubbles beta plugin webhook auth hardening (remove passwordless fallback)",openclaw,0,,,MODERATE,CWE-306,
 GHSA-vh4h-fvqf-q9wv,2025-05-01T03:31:17Z,"Duplicate Advisory: @cloudflare/workers-oauth-provider PKCE bypass via downgrade attack","@cloudflare/workers-oauth-provider",0,0.0.5,,MODERATE,CWE-287,
 GHSA-vh5j-5fhq-9xwg,2025-06-27T22:06:48Z,"Taylor has race condition in /get-patch that allows purchase token replay",taylored,0,8.1.3,,LOW,CWE-362,
-GHSA-vhwf-4x96-vqx2,2026-03-12T14:21:32Z,"OpenClaw's skills-install-download can be redirected outside the tools root by rebinding the validated base path",openclaw,0,2026.3.8,,MODERATE,CWE-367,
 GHSA-vj2p-7pgw-g2wf,2026-03-27T15:46:53Z,"Postiz App has a High-Severity SSRF Vulnerability via Next.js",postiz,0,,2.0.12,HIGH,CWE-1395;CWE-918,
 GHSA-vjf3-2gpj-233v,2026-02-26T22:45:13Z,"n8n has an SSO Enforcement Bypass in its Self-Service Settings API",n8n,0,2.8.0,,MODERATE,CWE-269;CWE-284;CWE-287,
 GHSA-vjh7-7g9h-fjfh,2025-02-12T19:47:52Z,"Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string)",elliptic,0,6.6.1,,CRITICAL,CWE-200,
+GHSA-vjqw-w5jr-g9w5,2026-03-29T15:30:19Z,"Duplicate Advisory: OpenClaw: Feishu webhook mode accepted forged events when only `verificationToken` was configured",openclaw,0,2026.3.12,,HIGH,CWE-347,
 GHSA-vjvw-wcmw-pr26,2020-09-04T17:37:08Z,"Insufficient Entropy in parsel",parsel,0.0.0,,,CRITICAL,CWE-331,
+GHSA-vjx8-8p7h-82gr,2026-04-07T18:10:45Z,"OpenClaw: Marketplace Plugin Download Follows Redirects Without SSRF Protection",openclaw,0,2026.3.31,,MODERATE,CWE-918,
+GHSA-vm29-7mq3-9jrg,2026-03-31T12:31:35Z,"Duplicate Advisory: OpenClaw: Unavailable local auth SecretRefs could fall through to remote credentials in local mode",OpenClaw,0,2026.3.11,,LOW,CWE-636,
 GHSA-vm67-mh96-95mq,2020-09-03T21:40:48Z,"Malicious Package in bubfer-xor",bubfer-xor,0.0.0,,,CRITICAL,CWE-506,
 GHSA-vm6v-w6q2-mrrq,2020-09-03T19:20:05Z,"Malicious Package in bb-builder",bb-builder,0.0.0,,,CRITICAL,CWE-506,
 GHSA-vm7j-4rj6-mw2p,2020-09-03T21:08:42Z,"Malicious Package in ember_cli_babe",ember_cli_babe,0.0.0,,,CRITICAL,CWE-506,
@@ -6888,8 +7206,20 @@ GHSA-vpgc-7h78-gx8f,2020-09-04T18:05:14Z,"personnummer/js vulnerable to Improper
 GHSA-vpj4-89q8-rh38,2020-09-03T18:16:59Z,"Cross-Site Scripting in bpmn-js-properties-panel",bpmn-js-properties-panel,0,0.31.0,,HIGH,CWE-79,
 GHSA-vpq5-4rc8-c222,2019-06-05T14:10:45Z,"Denial of Service in canvas",canvas,0,1.6.10,,MODERATE,,
 GHSA-vqvg-86cc-cg83,2026-03-30T18:59:16Z,"OpenClaw: Mutating internal `/allowlist` chat commands missed `operator.admin` scope enforcement",openclaw,0,2026.3.24,,MODERATE,CWE-862,
+GHSA-vqx2-fgx2-5wq9,2026-04-16T21:28:26Z,"Official Clerk JavaScript SDKs: Middleware-based route protection bypass",@clerk/astro,"2.0.0-snapshot.v20241206174604",2.17.10,,CRITICAL,CWE-436;CWE-863,
+GHSA-vqx2-fgx2-5wq9,2026-04-16T21:28:26Z,"Official Clerk JavaScript SDKs: Middleware-based route protection bypass",@clerk/astro,0.0.1,1.5.7,,CRITICAL,CWE-436;CWE-863,
+GHSA-vqx2-fgx2-5wq9,2026-04-16T21:28:26Z,"Official Clerk JavaScript SDKs: Middleware-based route protection bypass",@clerk/astro,3.0.0,3.0.15,,CRITICAL,CWE-436;CWE-863,
+GHSA-vqx2-fgx2-5wq9,2026-04-16T21:28:26Z,"Official Clerk JavaScript SDKs: Middleware-based route protection bypass",@clerk/nextjs,5.0.0,5.7.6,,CRITICAL,CWE-436;CWE-863,
+GHSA-vqx2-fgx2-5wq9,2026-04-16T21:28:26Z,"Official Clerk JavaScript SDKs: Middleware-based route protection bypass",@clerk/nextjs,6.0.0-snapshot.vb87a27f,6.39.2,,CRITICAL,CWE-436;CWE-863,
+GHSA-vqx2-fgx2-5wq9,2026-04-16T21:28:26Z,"Official Clerk JavaScript SDKs: Middleware-based route protection bypass",@clerk/nextjs,7.0.0,7.2.1,,CRITICAL,CWE-436;CWE-863,
+GHSA-vqx2-fgx2-5wq9,2026-04-16T21:28:26Z,"Official Clerk JavaScript SDKs: Middleware-based route protection bypass",@clerk/nuxt,1.1.0,1.13.28,,CRITICAL,CWE-436;CWE-863,
+GHSA-vqx2-fgx2-5wq9,2026-04-16T21:28:26Z,"Official Clerk JavaScript SDKs: Middleware-based route protection bypass",@clerk/nuxt,2.0.0,2.2.2,,CRITICAL,CWE-436;CWE-863,
+GHSA-vqx2-fgx2-5wq9,2026-04-16T21:28:26Z,"Official Clerk JavaScript SDKs: Middleware-based route protection bypass",@clerk/shared,"3.0.0-canary.v20250225091530",3.47.4,,CRITICAL,CWE-436;CWE-863,
+GHSA-vqx2-fgx2-5wq9,2026-04-16T21:28:26Z,"Official Clerk JavaScript SDKs: Middleware-based route protection bypass",@clerk/shared,2.20.17,2.22.1,,CRITICAL,CWE-436;CWE-863,
+GHSA-vqx2-fgx2-5wq9,2026-04-16T21:28:26Z,"Official Clerk JavaScript SDKs: Middleware-based route protection bypass",@clerk/shared,4.0.0,4.8.1,,CRITICAL,CWE-436;CWE-863,
+GHSA-vr5g-mmx7-h897,2026-04-09T17:36:48Z,"OpenClaw has Browser SSRF Policy Bypass via Interaction-Triggered Navigation",openclaw,0,2026.4.8,,MODERATE,CWE-918,
 GHSA-vr6p-vq2p-6j74,2025-12-15T22:00:17Z,"Withdrawn Advisory: LikeC4 has RCE through vulnerable React and Next.js versions",likec4,0,,1.46.1,CRITICAL,CWE-502,
-GHSA-vr7j-g7jv-h5mp,2026-03-16T20:41:51Z,"OpenClaw session transcript files were created without forced user-only permissions",openclaw,0,2026.2.17,,MODERATE,CWE-276;CWE-732,
+GHSA-vr7g-88fq-vhq3,2026-04-16T22:48:09Z,"Paperclip: OS Command Injection via Execution Workspace cleanupCommand",@paperclipai/server,0,2026.416.0,,CRITICAL,CWE-78,
 GHSA-vrhm-gvg7-fpcf,2026-02-19T20:29:42Z," Memory exhaustion in SvelteKit remote form deserialization (experimental only)",@sveltejs/kit,2.49.0,2.52.2,,MODERATE,CWE-770,
 GHSA-vrqm-gvq7-rrwh,2026-03-20T20:44:52Z,"PDFME Affected by Decompression Bomb in FlateDecode Stream Parsing Causes Memory Exhaustion DoS",@pdfme/pdf-lib,0,5.5.10,,MODERATE,CWE-409,
 GHSA-vrxj-4qhw-5vwq,2020-09-03T17:03:41Z,"Malicious Package in scryptys",scryptys,0.0.0,,,CRITICAL,CWE-506,
@@ -6897,6 +7227,8 @@ GHSA-vv52-3mrp-455m,2020-09-03T15:53:36Z,"Malicious Package in m-backdoor",m-bac
 GHSA-vv7g-pjw9-4qj9,2020-09-03T17:03:56Z,"Malicious Package in scrytsy",scrytsy,0.0.0,,,CRITICAL,CWE-506,
 GHSA-vvfh-mvjv-w38q,2020-09-04T15:28:19Z,"Malicious Package in babel-loadre",babel-loadre,0.0.0,,,CRITICAL,CWE-506,
 GHSA-vvjh-f6p9-5vcf,2026-03-04T19:17:36Z,"OpenClaw Canvas Authentication Bypass Vulnerability",openclaw,0,2026.2.19,,HIGH,CWE-291,
+GHSA-vvjj-xcjg-gr5g,2026-04-08T15:05:20Z,"Nodemailer Vulnerable to SMTP Command Injection via CRLF in Transport name Option (EHLO/HELO) ",nodemailer,0,8.0.5,,MODERATE,CWE-93,
+GHSA-vw3h-q6xq-jjm5,2026-04-17T21:48:36Z,"OpenClaw: Voice-call realtime WebSocket accepted oversized frames",openclaw,2026.4.9,2026.4.10,,HIGH,CWE-400;CWE-770,
 GHSA-vw7g-jq9m-3q9v,2020-09-02T18:23:35Z,"Unauthorized File Access in glance",glance,0,3.0.7,,MODERATE,,
 GHSA-vx5f-vmr6-32wf,2026-02-10T14:33:50Z,"cap-go/capacitor-native-biometric Authentication Bypass","@capgo/capacitor-native-biometric",0,8.3.6,,MODERATE,CWE-287,
 GHSA-vx5w-cxch-wwc9,2020-09-03T19:02:27Z,"Path Traversal in f-serv",f-serv,0.0.0,,,CRITICAL,CWE-22,
@@ -6933,6 +7265,7 @@ GHSA-w42g-7vfc-xf37,2020-06-05T19:38:14Z,"Introspection in schema validation in
 GHSA-w42g-7vfc-xf37,2020-06-05T19:38:14Z,"Introspection in schema validation in Apollo Server",apollo-server-koa,0,2.14.2,,MODERATE,,
 GHSA-w42g-7vfc-xf37,2020-06-05T19:38:14Z,"Introspection in schema validation in Apollo Server",apollo-server-lambda,0,2.14.2,,MODERATE,,
 GHSA-w42g-7vfc-xf37,2020-06-05T19:38:14Z,"Introspection in schema validation in Apollo Server",apollo-server-micro,0,2.14.2,,MODERATE,,
+GHSA-w47f-j8rh-wx87,2026-04-17T21:34:30Z,"Flowise: Public chatflow endpoints return unsanitized flowData including plaintext API keys, passwords, and credential IDs",flowise,0,3.1.0,,HIGH,,
 GHSA-w48f-fwg7-ww6p,2026-04-04T04:24:27Z,"@stablelib/cbor: Prototype poisoning via `__proto__` map keys in CBOR decoding",@stablelib/cbor,0,2.0.3,,HIGH,CWE-1321,
 GHSA-w4hv-vmv9-hgcr,2024-02-16T19:29:31Z,"GitHub Security Lab (GHSL) Vulnerability Report, scrypted: `GHSL-2023-218`, `GHSL-2023-219`",@scrypted/core,0,,0.1.142,HIGH,,
 GHSA-w4hv-vmv9-hgcr,2024-02-16T19:29:31Z,"GitHub Security Lab (GHSL) Vulnerability Report, scrypted: `GHSL-2023-218`, `GHSL-2023-219`",@scrypted/server,0,,0.56.0,HIGH,,
@@ -6945,16 +7278,22 @@ GHSA-w673-8fjw-457c,2026-03-27T18:06:28Z,"n8n: Authenticated XSS and Open Redire
 GHSA-w673-8fjw-457c,2026-03-27T18:06:28Z,"n8n: Authenticated XSS and Open Redirect via Form Node",n8n,2.0.0-rc.0,2.10.4,,MODERATE,CWE-601;CWE-79,
 GHSA-w673-8fjw-457c,2026-03-27T18:06:28Z,"n8n: Authenticated XSS and Open Redirect via Form Node",n8n,2.11.0,2.12.0,,MODERATE,CWE-601;CWE-79,
 GHSA-w6f4-3v35-qjhj,2026-03-21T03:31:13Z,"Duplicate Advisory: OpenClaw's system.run shell-wrapper positional argv carriers could execute hidden commands under misleading approval text",openclaw,0,,2026.2.23,MODERATE,CWE-436;CWE-77,
-GHSA-w6m8-cqvj-pg5v,2026-03-30T18:32:03Z,"OpenClaw has incomplete Fix for CVE-2026-32011: Feishu Webhook Pre-Auth Body Parsing DoS (Slow-Body / Slowloris Variant)",openclaw,0,2026.3.24,,MODERATE,CWE-400,
+GHSA-w6v6-49gh-mc9w,2026-04-16T21:22:49Z,"Flowise: Path Traversal in Vector Store basePath",flowise,0,3.1.0,,MODERATE,CWE-22,
+GHSA-w6v6-49gh-mc9w,2026-04-16T21:22:49Z,"Flowise: Path Traversal in Vector Store basePath",flowise-components,0,3.1.0,,MODERATE,CWE-22,
+GHSA-w6wx-jq6j-6mcj,2026-04-07T18:15:52Z,"OpenClaw: pnpm dlx approvals did not bind local script operands",openclaw,0,2026.4.2,,MODERATE,CWE-863,
 GHSA-w725-67p7-xv22,2020-09-03T17:05:04Z,"Command Injection in local-devices",local-devices,0,3.0.0,,HIGH,CWE-77,
 GHSA-w7j5-j98m-w679,2026-03-03T22:25:13Z,"OpenClaw has multiple E2E/test Dockerfiles that run all processes as root",openclaw,0,2026.2.21,,HIGH,CWE-250,
 GHSA-w7q7-vjp8-7jv4,2019-06-06T15:30:16Z,"SQL Injection in typeorm",typeorm,0,0.1.15,,CRITICAL,CWE-89,
 GHSA-w7wg-24g3-2c78,2020-09-02T21:14:17Z,"Malicious Package in requset",requset,0,,,CRITICAL,CWE-506,
 GHSA-w85g-3h6x-4xh2,2026-04-03T03:01:18Z,"OpenClaw: Image pixel-limit guard can fail open on sips and allow decompression-bomb DoS",openclaw,0,2026.3.31,,MODERATE,CWE-770,
 GHSA-w8fh-pvq2-x8c4,2021-01-29T18:11:20Z,"Malicious npm package: sonatype",sonatype,0.0.0,,,CRITICAL,CWE-506,
+GHSA-w8g9-x8gx-crmm,2026-04-09T17:36:59Z,"OpenClaw: Strict browser SSRF bypass in Playwright redirect handling leaves private targets reachable",openclaw,0,2026.4.8,,MODERATE,CWE-918,
+GHSA-w8hx-hqjv-vjcq,2026-04-16T22:46:52Z,"Paperclip: Malicious skills able to exfiltrate and destroy all user data",@paperclipai/server,0,2026.416.0,,HIGH,CWE-77,
+GHSA-w8rf-7qf8-65ww,2026-03-31T12:31:35Z,"Duplicate Advisory: OpenClaw: Node-host approvals could show misleading shell payloads instead of the executed argv",openclaw,0,2026.3.11,,HIGH,CWE-451,
 GHSA-w992-2gmj-9xxj,2020-09-11T21:23:29Z,"Cross-Site Scripting in swagger-ui",swagger-ui,0,2.2.1,,MODERATE,CWE-79,
 GHSA-w9cg-v44m-4qv8,2026-03-03T22:09:52Z,"OpenClaw affected by BASH_ENV / ENV startup-file injection into spawned shell commands",openclaw,0,2026.2.21,,HIGH,CWE-15;CWE-78,
 GHSA-w9hw-v97w-g5f5,2020-09-04T16:43:14Z,"Malicious Package in bitconi-ops",bitconi-ops,0.0.0,,,CRITICAL,CWE-506,
+GHSA-w9j9-w4cp-6wgr,2026-04-09T17:37:04Z,"OpenClaw Host-Exec Environment Variable Injection",openclaw,0,2026.4.8,,MODERATE,CWE-78,
 GHSA-w9q5-mvc6-5cw3,2020-09-03T21:45:13Z,"Malicious Package in bufder-xor",bufder-xor,0.0.0,,,CRITICAL,CWE-506,
 GHSA-wc7q-qpm4-8pqv,2020-09-02T20:32:10Z,"Malicious Package in rrequest",rrequest,0,,,CRITICAL,CWE-506,
 GHSA-wch2-46wj-6x5j,2020-09-04T15:37:15Z,"Malicious Package in bip30",bip30,0.0.0,,,CRITICAL,CWE-506,
@@ -6968,11 +7307,11 @@ GHSA-wgvj-6v57-wjh3,2020-09-02T21:30:14Z,"Malicious Package in bowee",bowee,0,,,
 GHSA-wgw3-gf4p-62xc,2020-09-11T21:16:59Z,"Command Injection in wizard-syncronizer",wizard-syncronizer,0.0.0,,,MODERATE,CWE-79,
 GHSA-wgx8-r9vw-2w4h,2026-03-12T12:30:29Z," Duplicate Advisory: OpenClaw: Skill env override host env injection via applySkillConfigEnvOverrides (defense-in-depth)",openclaw,0,2026.2.21,,MODERATE,CWE-74,
 GHSA-wh87-3959-vfrq,2020-09-03T21:51:58Z,"Malicious Package in buffer-hor",buffer-hor,0.0.0,,,CRITICAL,CWE-506,
+GHSA-whf9-3hcx-gq54,2026-04-09T17:33:05Z,"OpenClaw `device.token.rotate` mints tokens for unapproved roles, bypassing device role-upgrade pairing",openclaw,0,2026.4.8,,MODERATE,CWE-863,
 GHSA-whjr-jj69-7prm,2020-09-03T19:44:35Z,"Malicious Package in import-mysql",import-mysql,0.0.0,,,CRITICAL,CWE-506,
 GHSA-whpx-q3rq-w8jc,2022-10-20T18:38:35Z,"Hardening of TypedArrays with non-canonical numeric property names in SES",ses,0,0.16.0,,LOW,,
 GHSA-whrh-9j4q-g7ph,2020-08-05T21:43:19Z,"CSRF Vulnerability in polaris-website",polaris-website,0,1.1.1,,MODERATE,CWE-352,
 GHSA-whv6-rj84-2vh2,2020-09-04T17:21:58Z,"Cross-Site Scripting in nextcloud-vue-collections","nextcloud-vue-collections",0,0.4.2,,HIGH,CWE-79,
-GHSA-wj55-88gf-x564,2026-03-26T21:14:24Z,"OpenClaw may have stale policy enforcement for queued node actions",openclaw,0,2026.3.22,,MODERATE,CWE-367;CWE-863,
 GHSA-wjf2-7f9g-86f5,2020-09-03T18:23:38Z,"Malicious Package in fast-requests",fast-requests,0.0.0,,,CRITICAL,CWE-506,
 GHSA-wjmf-58vc-xqjr,2021-02-25T02:01:56Z,"Content injection in marked",marked,0,0.3.9,,MODERATE,,
 GHSA-wjpj-gmc3-5w56,2020-09-03T22:30:31Z,"Malicious Package in buvfer-xor",buvfer-xor,0.0.0,,,CRITICAL,CWE-506,
@@ -6980,25 +7319,28 @@ GHSA-wm63-7627-ch33,2023-11-17T21:50:31Z,"@vendure/core's insecure currencyCode
 GHSA-wm77-q74p-5763,2018-07-27T17:06:03Z,"Path Traversal in superstatic",superstatic,0,5.0.2,,HIGH,CWE-177,
 GHSA-wm7q-rxch-43mx,2020-09-01T19:38:33Z,"Byass due to validation before canonicalization in serve",serve,0,6.5.2,,HIGH,,
 GHSA-wmcq-3wfx-qjx5,2020-09-01T17:33:30Z,"Directory Traversal in nodeload-nmickuli",nodeload-nmickuli,0.0.0,,,HIGH,CWE-22,
+GHSA-wmgj-hrx3-23gj,2026-03-29T15:30:19Z,"Duplicate Advisory: OpenClaw: Unbound interpreter and runtime commands could bypass node-host approval integrity",openclaw,0,2026.3.11,,HIGH,CWE-367,
 GHSA-wmjr-v86c-m9jj,2025-11-26T22:11:50Z,"Better Auth's multi-session sign-out hook allows forged cookies to revoke arbitrary sessions",better-auth,1.3.34,1.4.0,,LOW,CWE-287;CWE-345,
 GHSA-wmpv-c2jp-j2xg,2021-11-15T23:28:18Z,"ERC1155Supply vulnerability in OpenZeppelin Contracts","@openzeppelin/contracts-upgradeable",4.2.0,4.3.3,,LOW,,
 GHSA-wmpv-c2jp-j2xg,2021-11-15T23:28:18Z,"ERC1155Supply vulnerability in OpenZeppelin Contracts",@openzeppelin/contracts,4.2.0,4.3.3,,LOW,,
 GHSA-wp2p-q35g-3rjj,2020-09-01T21:13:01Z,"Malicious Package in soket.io",soket.io,0,,,CRITICAL,CWE-506,
+GHSA-wpc6-37g7-8q4w,2026-04-07T18:14:35Z,"OpenClaw: Shell init-file options could satisfy exec allowlist script matching",openclaw,0,2026.3.31,,MODERATE,CWE-184,
 GHSA-wpfc-3w63-g4hm,2020-09-01T21:09:48Z,"Malicious Package in axois",axois,0,,,CRITICAL,CWE-506,
-GHSA-wq58-2pvg-5h4f,2026-03-26T19:00:45Z,"OpenClaw: Gateway agent /reset exposes admin session reset to operator.write callers",openclaw,0,2026.3.23,,HIGH,CWE-862,
 GHSA-wq95-wr7m-26h4,2025-10-06T03:31:38Z,"Duplicate Advisory: Flowise Stored XSS vulnerability through logs in chatbot",flowise,0,3.0.5,,HIGH,CWE-79,
 GHSA-wqgq-mfvj-6qxp,2020-09-03T19:49:03Z,"Malicious Package in koa-body-parse",koa-body-parse,0.0.0,,,CRITICAL,CWE-506,
 GHSA-wqgx-4q47-j2w5,2020-09-04T17:36:04Z,"Insecure Cryptography Algorithm in parsel",parsel,0.0.0,,,CRITICAL,CWE-327,
 GHSA-wqhw-frpx-5mmp,2020-09-02T16:01:33Z,"Command Injection in tomato",tomato,0,,,HIGH,CWE-77,
+GHSA-wqq3-wfmp-v85g,2026-04-16T21:10:17Z,"Mojic: Observable Timing Discrepancy in HMAC Verification",mojic,0,2.1.4,,MODERATE,CWE-208,
 GHSA-wr4h-v87w-p3r7,2026-03-18T16:18:32Z,"h3 has a Path Traversal via Percent-Encoded Dot Segments in serveStatic Allows Arbitrary File Read",h3,0,1.15.6,,MODERATE,CWE-116;CWE-22,
 GHSA-wr4h-v87w-p3r7,2026-03-18T16:18:32Z,"h3 has a Path Traversal via Percent-Encoded Dot Segments in serveStatic Allows Arbitrary File Read",h3,2.0.0,2.0.1-rc.15,,MODERATE,CWE-116;CWE-22,
 GHSA-wr92-6w3g-2hwc,2026-03-21T03:31:13Z,"Duplicate Advisory: OpenClaw's sandboxed sessions_spawn now enforces sandbox inheritance for cross-agent spawns",openclaw,0,,,HIGH,CWE-732,
 GHSA-wrw9-m778-g6mc,2019-06-03T17:27:57Z,"Memory Exposure in bl",bl,0,0.9.5,,MODERATE,CWE-200,
 GHSA-wrw9-m778-g6mc,2019-06-03T17:27:57Z,"Memory Exposure in bl",bl,1.0.0,1.0.1,,MODERATE,CWE-200,
 GHSA-wv39-cgmm-cq29,2020-09-03T22:23:00Z,"Malicious Package in buffmr-xor",buffmr-xor,0.0.0,,,CRITICAL,CWE-506,
-GHSA-wv46-v6xc-2qhf,2026-03-26T19:08:16Z,"OpenClaw: Synology Chat reply delivery could be rebound through username-based user resolution.",openclaw,0,2026.3.22,,HIGH,CWE-639;CWE-706,
 GHSA-wvh7-5p38-2qfc,2020-07-23T18:20:10Z,"Storing Password in Local Storage",parse,0,2.10.0,,MODERATE,CWE-256,
 GHSA-wvr4-3wq4-gpc5,2026-03-19T12:51:28Z,"MCP Connect has unauthenticated remote OS command execution via /bridge endpoint",mcp-bridge,0,,2.0.0,CRITICAL,CWE-306,
+GHSA-wwfp-w96m-c6x8,2026-04-07T18:14:44Z,"OpenClaw: Pairing pending-request caps were enforced per channel instead of per account",openclaw,2026.2.26,2026.3.31,,MODERATE,,
+GHSA-wwrj-437c-ppq4,2026-03-31T12:31:35Z,"Duplicate Advisory: OpenClaw's system.run approvals did not bind mutable script operands across approval and execution",openclaw,0,2026.3.8,,MODERATE,CWE-367,
 GHSA-wwwg-6r7f-9c9h,2020-09-03T19:43:28Z,"Malicious Package in file-logging",file-logging,0.0.0,,,CRITICAL,CWE-506,
 GHSA-wx77-rp39-c6vg,2020-09-04T15:11:03Z,"Regular Expression Denial of Service in markdown",markdown,0.0.0,,,LOW,CWE-400,
 GHSA-wx84-69jh-jjp2,2020-08-03T18:22:36Z,Withdrawn,sshpk,0,1.13.2,,HIGH,,
@@ -7009,7 +7351,7 @@ GHSA-wxhq-pm8v-cw75,2019-06-05T20:50:16Z,"Regular Expression Denial of Service i
 GHSA-wxj2-777f-vxmf,2024-01-03T18:30:51Z,"Duplicate Advisory: Cross-site scripting vulnerability in TinyMCE plugins",tinymce,0,,,MODERATE,CWE-79,
 GHSA-wxrm-2h86-v95f,2020-09-03T21:04:20Z,"Malicious Package in pizza-pasta",pizza-pasta,0.0.0,,,CRITICAL,CWE-506,
 GHSA-wxvm-fh75-mpgr,2018-07-26T16:24:34Z,"Critical severity vulnerability that affects dns-sync",dns-sync,0,0.1.1,,CRITICAL,,
-GHSA-x2cm-hg9c-mf5w,2026-03-26T21:44:41Z,"OpenClaw leaf subagents can bypass controlScope restrictions to send messages to child sessions",openclaw,0,2026.3.22,,MODERATE,CWE-285,
+GHSA-wxw2-rwmh-vr8f,2026-04-16T21:24:22Z,"electerm: electerm_install_script_CommandInjection Vulnerability Report",electerm,0,3.3.8,,CRITICAL,,
 GHSA-x2g5-fvc2-gqvp,2026-03-05T21:54:31Z,"Flowise has Insufficient Password Salt Rounds",flowise,0,3.0.13,,MODERATE,CWE-328;CWE-916,
 GHSA-x2m8-53h4-6hch,2026-04-03T03:27:38Z,"OpenClaw: Discord voice ingress authorization can be bypassed via channel, name, and stale-role validation gaps",openclaw,0,2026.3.31,,LOW,CWE-862,
 GHSA-x39m-3393-3qp4,2025-11-14T20:56:02Z,"Flowise doesn't Prevent Bypass of Password Confirmation through Unverified Email Change (credentials)",flowise-ui,0,3.0.10,,HIGH,CWE-306;CWE-620,
@@ -7023,11 +7365,13 @@ GHSA-x4rf-4mqf-cm8w,2020-08-19T22:44:22Z,"Open Redirect in ecstatic",ecstatic,0,
 GHSA-x4rf-4mqf-cm8w,2020-08-19T22:44:22Z,"Open Redirect in ecstatic",ecstatic,3.0.0,3.3.2,,MODERATE,,
 GHSA-x4rf-4mqf-cm8w,2020-08-19T22:44:22Z,"Open Redirect in ecstatic",ecstatic,4.0.0,4.1.2,,MODERATE,,
 GHSA-x565-32qp-m3vf,2024-04-11T21:30:30Z,"phin may include sensitive headers in subsequent requests after redirect",phin,0,3.7.1,,MODERATE,CWE-200,
+GHSA-x5w6-38gp-mrqh,2026-04-16T21:53:16Z,"Flowise: Password Reset Link Sent Over Unsecured HTTP",flowise,0,3.1.0,,HIGH,CWE-319,
 GHSA-x6ch-c6rv-f7wh,2020-09-02T18:34:22Z,"Malicious Package in asymc",asymc,0,,,CRITICAL,CWE-506,
 GHSA-x6gq-467r-hwcc,2020-09-01T21:14:05Z,"Malicious Package in soket.js",soket.js,0,,,CRITICAL,CWE-506,
 GHSA-x6m6-5hrf-fh6r,2020-09-01T21:26:50Z,"Denial of Service in markdown-it-toc-and-anchor","markdown-it-toc-and-anchor",0,4.2.0,,HIGH,CWE-400,
 GHSA-x732-6j76-qmhm,2025-12-16T21:22:45Z,"Better Auth's rou3 Dependency has Double-Slash Path Normalization which can Bypass disabledPaths Config and Rate Limits",better-auth,0,1.4.5,,HIGH,CWE-400;CWE-41,
 GHSA-x742-88jj-7hv9,2026-03-19T03:30:57Z,"Duplicate Advisory: allowlist exec-guard bypass via env -S",openclaw,0,,,HIGH,CWE-184,
+GHSA-x7mm-9vvv-64w8,2026-04-10T22:09:39Z,"unhead: Streaming SSR `streamKey` injected into inline script without identifier validation",unhead,3.0.0-beta.5,3.0.1,,LOW,CWE-79,
 GHSA-x7rp-qj2h-ghgw,2025-11-14T20:50:36Z,"Flowise Fails to Invalidate Existing Sessions After Password Changes",flowise,0,3.0.10,,HIGH,CWE-613,
 GHSA-x82f-27x3-q89c,2026-03-02T21:55:25Z,"OpenClaw's TOCTOU symlink race in writeFileWithinRoot could create or truncate files outside root boundaries",openclaw,0,2026.3.1,,HIGH,CWE-367;CWE-59,
 GHSA-x87g-rgrh-r6g3,2020-09-03T17:07:15Z,"Malicious Package in rpc-websocket",rpc-websocket,0.7.7,,,CRITICAL,CWE-506,
@@ -7039,19 +7383,22 @@ GHSA-xcgx-27q5-7634,2020-09-03T19:41:05Z,"Malicious Package in commanedr",comman
 GHSA-xcxh-6cv4-q8p8,2025-08-12T00:13:03Z,"HFS user adding a ""web link"" in HFS is vulnerable to ""target=_blank"" exploit",hfs,0,0.57.10,,LOW,CWE-1022,
 GHSA-xf5p-87ch-gxw2,2019-06-05T14:10:03Z,"Marked ReDoS due to email addresses being evaluated in quadratic time",marked,0.3.14,0.6.2,,MODERATE,CWE-400,
 GHSA-xf64-2f9p-6pqq,2020-09-04T17:24:08Z,"Information Exposure in type-graphql",type-graphql,0,0.17.6,,LOW,CWE-209,
-GHSA-xf99-j42q-5w5p,2026-03-13T15:47:41Z,"OpenClaw: Unbound interpreter and runtime commands could bypass node-host approval integrity",openclaw,0,2026.3.11,,HIGH,CWE-367,
 GHSA-xffm-g5w8-qvg7,2025-07-18T20:39:12Z,"@eslint/plugin-kit is vulnerable to Regular Expression Denial of Service attacks through ConfigCommentParser",@eslint/plugin-kit,0,0.3.4,,LOW,CWE-1333,
+GHSA-xfqj-r5qw-8g4j,2026-04-16T22:47:05Z,"Paperclip: Unauthenticated Access to Multiple API Endpoints in Authenticated Mode",@paperclipai/server,0,2026.416.0,,HIGH,CWE-306,
 GHSA-xfrc-7mj2-5xh9,2020-09-03T17:14:51Z,"Undefined Behavior in zencashjs",zencashjs,0,1.2.0,,CRITICAL,,
+GHSA-xg59-f45v-9r9j,2026-03-31T12:31:36Z,"Duplicate Advisory: OpenClaw's MS Teams sender allowlist bypass when route allowlist is configured and sender allowlist is empty",openclaw,0,2026.3.8,,LOW,CWE-863,
 GHSA-xg6x-h9c9-2m83,2026-04-03T03:29:59Z,"Better Auth Has Two-Factor Authentication Bypass via Premature Session Caching (session.cookieCache)",better-auth,0,1.4.9,,CRITICAL,CWE-288,
 GHSA-xgh6-85xh-479p,2020-10-16T18:56:26Z,"Regular Expression Denial of Service in npm-user-validate",npm-user-validate,0,1.0.1,,LOW,,
 GHSA-xgp2-cc4r-7vf6,2020-09-03T20:44:21Z,"Denial of Service in http-live-simulator",http-live-simulator,0,1.0.8,,MODERATE,,
 GHSA-xgwg-m42c-8q62,2026-03-21T03:31:14Z,"Duplicate Advisory: OpenClaw: Slack system events bypass sender authorization in member and message subtype handlers",openclaw,0,,2026.2.25,MODERATE,CWE-863,
 GHSA-xgx4-2wgv-4jhm,2026-03-20T20:45:08Z,"PDFME  has XSS via Unsanitized i18n Label Injection into innerHTML in multiVariableText propPanel",@pdfme/schemas,0,5.5.10,,MODERATE,CWE-79,
 GHSA-xh2p-7p87-fhgh,2021-08-05T16:56:58Z,"Incorrect TCR calculation in batchLiquidateTroves() during Recovery Mode",@liquity/contracts,0,,1.0.0,LOW,CWE-682,
+GHSA-xh72-v6v9-mwhc,2026-04-17T22:32:47Z,"OpenClaw: Feishu webhook and card-action validation now fail closed",openclaw,0,2026.4.15,,CRITICAL,CWE-1188;CWE-287;CWE-294,
 GHSA-xh8g-j88w-6v59,2020-09-03T19:42:16Z,"Malicious Package in cionstring",cionstring,0.0.0,,,CRITICAL,CWE-506,
 GHSA-xh9j-mpc9-2m9p,2026-03-21T03:31:14Z,"Duplicate Advisory: OpenClaw has a Trusted-proxy Control UI pairing bypass which allows unpaired node sessions",openclaw,0,,2026.2.24,MODERATE,CWE-807,
 GHSA-xhjx-mfr6-9rr4,2020-09-01T21:20:28Z,"Command Injection in samsung-remote",samsung-remote,0,1.3.5,,CRITICAL,CWE-77,
-GHSA-xhq5-45pm-2gjr,2026-03-26T21:34:18Z,"OpenClaw: Nextcloud Talk room allowlist matched colliding room names instead of stable room tokens",openclaw,0,2026.3.22,,MODERATE,CWE-639;CWE-863,
+GHSA-xhmj-rg95-44hv,2026-04-16T21:50:12Z,"Flowise: SSRF Protection Bypass via Unprotected Built-in HTTP Modules in Custom Function Sandbox",flowise,0,3.1.0,,HIGH,CWE-284;CWE-918,
+GHSA-xhmj-rg95-44hv,2026-04-16T21:50:12Z,"Flowise: SSRF Protection Bypass via Unprotected Built-in HTTP Modules in Custom Function Sandbox",flowise-components,0,3.1.0,,HIGH,CWE-284;CWE-918,
 GHSA-xj9w-5r6q-x6v4,2026-04-03T02:59:03Z,"OpenClaw: Device-Paired Node Skips Node Scope Gate → Host RCE.md",openclaw,0,2026.3.31,,HIGH,CWE-863,
 GHSA-xjj9-2w6f-jg55,2026-03-12T12:30:29Z," Duplicate Advisory: OpenClaw safeBins file-existence oracle information disclosure",openclaw,0,2026.2.19,,MODERATE,CWE-200,
 GHSA-xjr7-3c3g-m763,2026-01-13T20:29:00Z,"Renovate vulnerable to arbitrary command injection via gleam manager and malicious gleam.toml file",renovate,39.53.0,40.33.0,,MODERATE,CWE-77,
@@ -7060,13 +7407,15 @@ GHSA-xm7f-x4wx-wmgv,2019-06-04T15:47:43Z,"Out-of-bounds Read in byte",byte,0,1.4
 GHSA-xmh9-rg6f-j3mr,2021-03-12T22:39:01Z,"Verification flaw in Solid identity-token-verifier","@solid/identity-token-verifier",0,0.5.2,,MODERATE,CWE-290,
 GHSA-xmmp-hrmx-x5g7,2020-09-02T21:32:22Z,"Malicious Package in bowe",bowe,0,,,CRITICAL,CWE-506,
 GHSA-xmv6-r34m-62p4,2026-03-03T22:08:54Z,"OpenClaw: Sandbox media fallback tmp symlink alias bypass allows host file reads outside sandboxRoot",openclaw,0,2026.2.25,,HIGH,CWE-22;CWE-59,
-GHSA-xp9r-prpg-373r,2026-03-30T19:05:11Z,"OpenClaw: `browser.request` still allows `POST /reset-profile` through the `operator.write` surface",openclaw,0,2026.3.24,,HIGH,CWE-863,
+GHSA-xmxx-7p24-h892,2026-04-17T22:32:02Z,"OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation",openclaw,0,2026.4.15,,HIGH,CWE-324,
 GHSA-xphh-5v4r-r3rx,2025-12-30T19:25:04Z,"PsiTransfer has Zip Slip Path Traversal via TAR Archive Download",psitransfer,0,2.3.1,,HIGH,CWE-22;CWE-23,
 GHSA-xq3g-m3j8-2vmm,2026-03-21T03:31:13Z,"Duplicate Advisory: OpenClaw's inbound media downloads could exceed configured byte limits before rejection across multiple channels",openclaw,0,,,HIGH,CWE-770,
 GHSA-xq7h-vwjp-5vrh,2026-03-25T17:30:46Z,"@grackle-ai/powerline Runs Without Authentication by Default",@grackle-ai/powerline,0,0.70.1,,MODERATE,CWE-306,
-GHSA-xq8g-hgh6-87hv,2026-03-27T22:31:19Z,"OpenClaw: BlueBubbles Webhook Missing Rate Limiting Enables Brute-Force Password Guessing",openclaw,0,,2026.3.24,MODERATE,CWE-307;CWE-521,
+GHSA-xq94-r468-qwgj,2026-04-17T21:58:01Z,"OpenClaw: Browser SSRF hostname validation could be bypassed by DNS rebinding",openclaw,0,2026.4.10,,MODERATE,CWE-350;CWE-918,
 GHSA-xr3g-4gg5-w3wq,2020-09-03T17:06:14Z,"Malicious Package in degbu",degbu,0.0.0,,,CRITICAL,CWE-506,
 GHSA-xr53-m937-jr9c,2020-09-03T15:49:14Z,"Cross-Site Scripting in ngx-md",ngx-md,0,6.0.3,,HIGH,CWE-79,
+GHSA-xr8f-h2gw-9xh6,2026-04-16T22:44:27Z,"OAuth 2.1 Provider: Unprivileged users can register OAuth clients","@better-auth/oauth-provider",1.4.8-beta.7,1.6.5,,HIGH,CWE-863,
+GHSA-xr8f-h2gw-9xh6,2026-04-16T22:44:27Z,"OAuth 2.1 Provider: Unprivileged users can register OAuth clients","@better-auth/oauth-provider",1.7.0-beta.0,,1.7.0-beta.1,HIGH,CWE-863,
 GHSA-xrgv-34cc-q765,2026-03-19T03:30:57Z,"Duplicate Advisory: OpenClaw's system.run allowlist bypass via shell line-continuation command substitution",openclaw,0,,,MODERATE,CWE-78,
 GHSA-xrmp-99wj-p6jc,2019-05-31T23:43:09Z,"Prototype Pollution in deap",deap,0,1.0.1,,HIGH,CWE-400,
 GHSA-xrr6-6ww3-f3qm,2020-09-02T21:25:58Z,"Sandbox Breakout / Arbitrary Code Execution in value-censorship",value-censorship,0,,,MODERATE,,
@@ -7074,9 +7423,8 @@ GHSA-xrrg-wfwc-c7r3,2020-09-04T15:33:52Z,"Malicious Package in bictoin-ops",bict
 GHSA-xv3q-jrmm-4fxv,2023-04-18T22:28:02Z,"Authentication Bypass in @strapi/plugin-users-permissions","@strapi/plugin-users-permissions",3.2.1,4.6.0,,HIGH,,
 GHSA-xv56-3wq5-9997,2026-01-13T19:57:06Z,"Renovate vulnerable to arbitrary command injection via kustomize manager and malicious helm repository",renovate,39.218.0,40.33.0,,MODERATE,CWE-77,
 GHSA-xvp7-8vm8-xfxx,2025-10-20T17:55:59Z,"Actual Sync-server Gocardless service is logging sensitive data including bearer tokens and account numbers",@actual-app/sync-server,0,,25.10.0,MODERATE,CWE-209;CWE-219,
-GHSA-xvx8-77m6-gwg6,2026-03-13T15:47:15Z,"OpenClaw: Sandbox `writeFile` commit could race outside the validated path",openclaw,0,2026.3.11,,MODERATE,CWE-367,
-GHSA-xw77-45gv-p728,2026-03-13T15:47:23Z,"OpenClaw: Plugin subagent routes could bypass gateway authorization with synthetic admin scopes",openclaw,2026.3.7,2026.3.11,,CRITICAL,CWE-269;CWE-285,
 GHSA-xw79-hhv6-578c,2020-09-11T21:16:59Z,"Cross-Site Scripting in serve",serve,0,10.0.2,,HIGH,CWE-79,
 GHSA-xwcj-hwhf-h378,2026-03-16T20:40:13Z,"OpenClaw Telegram media fetch errors exposed bot tokens in logged file URLs",openclaw,0,2026.3.13,,MODERATE,CWE-532,
 GHSA-xwqw-rf2q-xmhf,2020-09-01T21:23:38Z,"Cross-Site Scripting in buefy",buefy,0,0.7.2,,HIGH,CWE-79,
 GHSA-xx4c-jj58-r7x6,2021-11-19T20:14:23Z,"Inefficient Regular Expression Complexity in Validator.js",validator,11.1.0,13.7.0,,MODERATE,CWE-1333,
+GHSA-xxj4-96ph-g6j6,2026-03-31T12:31:36Z,"Duplicate Advisory: OpenClaw: Sandbox `writeFile` commit could race outside the validated path",openclaw,0,2026.3.11,,MODERATE,CWE-367,