GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Reviewed advisories by ecosystem: all reviewed 5,000+; Composer 5,000+; Erlang 49; GitHub Actions 49; Go 3,437; Maven 5,000+; npm 5,000+; NuGet 883; pip 4,695; Pub 13; RubyGems 1,031; Rust 1,222; Swift 53. Unreviewed advisories: 5,000+.
1,291 advisories match the current filter; the 25 most recent (published Mar 4 to Apr 3, 2026) are listed below, newest first.
Identifier | Severity | Status | Package (ecosystem) | Published | Advisory
GHSA-cwf8-44x6-32c2 | High | reviewed | openclaw (npm) | Apr 3, 2026 | OpenClaw: OpenShell Mirror Sync — Sandbox Escape via Unrestricted File Sync + Symlink Traversal
CVE-2025-43257 | High | unreviewed | n/a | Apr 2, 2026 | This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia...
GHSA-fv94-qvg8-xqpw | Moderate | reviewed | openclaw (npm) | Apr 2, 2026 | OpenClaw: SSH sandbox tar upload follows symlinks, enabling arbitrary file write on remote host
GHSA-q56x-g2fj-4rj6 | High | reviewed | onnx (pip) | Apr 1, 2026 | ONNX: TOCTOU arbitrary file read/write in save_external_dat
CVE-2026-34452 | Moderate | reviewed | anthropic (pip) | Apr 1, 2026 | Claude SDK for Python: Memory Tool Path Validation Race Condition Allows Sandbox Escape
CVE-2026-34604 | High | reviewed | @tinacms/graphql (npm) | Apr 1, 2026 | @tinacms/graphql's `FilesystemBridge` Path Validation Can Be Bypassed via Symlinks or Junctions
CVE-2026-34603 | High | reviewed | @tinacms/graphql (npm) | Apr 1, 2026 | @tinacms/graphql's Media Endpoints Can Escape the Media Root via Symlinks or Junctions
CVE-2026-33748 | High | reviewed | github.com/moby/buildkit (Go) | Mar 26, 2026 | BuildKit Git URL subdir component can cause access to restricted files
CVE-2026-28866 | Moderate | unreviewed | n/a | Mar 25, 2026 | This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18.7.7...
CVE-2026-20694 | Moderate | unreviewed | n/a | Mar 25, 2026 | This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 26.3 and...
CVE-2026-20633 | Moderate | unreviewed | n/a | Mar 25, 2026 | This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia...
GHSA-ffr4-mrhv-vfr2 | Moderate | withdrawn (duplicate) | openclaw (npm) | Mar 21, 2026 | Duplicate Advisory: OpenClaw has browser trace/download path symlink escape in temp output handling
GHSA-2cwr-f5hx-gg3w | Moderate | withdrawn (duplicate) | openclaw (npm) | Mar 19, 2026 | Duplicate Advisory: OpenClaw: stageSandboxMedia destination symlink traversal can overwrite files outside sandbox workspace
CVE-2026-33001 | High | reviewed | org.jenkins-ci.main:jenkins-core (Maven) | Mar 18, 2026 | Jenkins has a link following vulnerability that allows arbitrary file creation
GHSA-8mpm-q7mh-8fvh | High | reviewed | @capgo/cli (npm) | Mar 18, 2026 | Capgo CLI: symlink-following local secret writes enable arbitrary file overwrite + world-readable credentials (0600 missing)
GHSA-mj4p-rc52-m843 | High | reviewed | openclaw (npm) | Mar 13, 2026 | OpenClaw: Sandbox staged writes could escape the verified parent directory before commit
GHSA-qcc4-p59m-p54m | High | reviewed | openclaw (npm) | Mar 12, 2026 | OpenClaw: Sandbox dangling-symlink alias handling could bypass workspace-only write boundary
CVE-2026-32055 | High | reviewed | openclaw (npm) | Mar 12, 2026 | OpenClaw: workspace path guard bypass on non-existent out-of-root symlink leaf
CVE-2026-2808 | Moderate | reviewed | github.com/hashicorp/consul (Go) | Mar 12, 2026 | Consul is vulnerable to arbitrary file read when configured with Kubernetes authentication
CVE-2026-28689 | Moderate | reviewed | Magick.NET-Q16-AnyCPU (NuGet) | Mar 10, 2026 | ImageMagick has a Path Policy TOCTOU symlink race bypass
CVE-2026-25187 | High | unreviewed | n/a | Mar 10, 2026 | Improper link resolution before file access ('link following') in Winlogon allows an authorized...
CVE-2026-27748 | High | unreviewed | n/a | Mar 5, 2026 | Avira Internet Security contains an improper link resolution vulnerability in the Software...
CVE-2026-29786 | High | reviewed | tar (npm) | Mar 5, 2026 | tar has Hardlink Path Traversal via Drive-Relative Linkpath
GHSA-3jx4-q2m7-r496 | High | reviewed | openclaw (npm) | Mar 4, 2026 | OpenClaw: Hardlink alias checks could bypass workspace-only file boundaries in specific configurations
GHSA-9mph-4f7v-fmvh | Moderate | reviewed | openclaw (npm) | Mar 4, 2026 | OpenClaw has agent avatar symlink traversal in gateway session metadata