GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories

GitHub reviewed advisories (count by ecosystem): All reviewed 5,000+; Composer 5,000+; Erlang 44; GitHub Actions 46; Go 3,272; Maven 5,000+; npm 5,000+; NuGet 867; pip 4,519; Pub 12; RubyGems 1,003; Rust 1,194; Swift 51
Unreviewed advisories: All unreviewed 5,000+

86 advisories
Duplicate Advisory: allowlist exec-guard bypass via env -S. Severity: High. GHSA-x742-88jj-7hv9 was published for openclaw (npm) on Mar 19, 2026. Withdrawn.
Duplicate Advisory: OpenClaw macOS companion app (beta): allowlist parsing mismatch for system.run shell chains. Severity: Moderate. GHSA-5326-6f73-m96w was published for openclaw (npm) on Mar 19, 2026. Withdrawn.
PySpector has a Plugin Sandbox Bypass leads to Arbitrary Code Execution. Severity: High. CVE-2026-33139 was published for pyspector (pip) on Mar 18, 2026.
SiYuan has a SanitizeSVG bypass via data:text/xml in getDynamicIcon (incomplete fix for CVE-2026-29183). Severity: Critical. CVE-2026-32940 was published for github.com/siyuan-note/siyuan (Go) on Mar 17, 2026.
SiYuan globalCopyFiles: incomplete sensitive path blocklist allows reading /proc and Docker secrets. Severity: Moderate. CVE-2026-32747 was published for github.com/siyuan-note/siyuan/kernel (Go) on Mar 16, 2026.
fickling's `platform` module subprocess invocation evades `check_safety()` with `LIKELY_SAFE`. Severity: Moderate. GHSA-5cxw-w2xg-2m8h was published for fickling (pip) on Mar 13, 2026.
fickling modules linecache, difflib and gc are missing from the unsafe modules blocklist. Severity: Moderate. GHSA-r48f-3986-4f9c was published for fickling (pip) on Mar 13, 2026.
OpenClaw: fetch-guard forwards custom authorization headers across cross-origin redirects. Severity: High. GHSA-6mgf-v5j7-45cr was published for openclaw (npm) on Mar 9, 2026.
OpenClaw's system.run allowlist approval parsing missed PowerShell encoded-command wrappers. Severity: Moderate. GHSA-3h2q-j2v4-6w5r was published for openclaw (npm) on Mar 9, 2026.
SageMaker Python SDK replaced eval() with safe parser in JumpStart search functionality. Severity: High. GHSA-5r2p-pjr8-7fh7 was published for sagemaker (pip) on Mar 5, 2026.
Fickling missing RCE-capable modules in UNSAFE_IMPORTS. Severity: High. GHSA-5hwf-rc88-82xm was published for fickling (pip) on Mar 4, 2026.
In OpenClaw, manually adding sort to tools.exec.safeBins could bypass allowlist approval via --compress-program. Severity: High. CVE-2026-32010 was published for openclaw (npm) on Mar 3, 2026.
OpenClaw exec allowlist safeBins short-option bypass could permit arbitrary file write. Severity: Moderate. CVE-2026-32017 was published for openclaw (npm) on Mar 3, 2026.
OpenClaw's tools.exec.safeBins sort long-option abbreviation bypass can skip exec approval in allowlist mode. Severity: High. CVE-2026-32059 was published for openclaw (npm) on Mar 3, 2026.
OpenClaw: shell-env trusted-prefix fallback allowed attacker-controlled binary execution via $SHELL. Severity: High. CVE-2026-22217 was published for openclaw (npm) on Mar 3, 2026.
Craft CMS has Twig Function Blocklist Bypass. Severity: Moderate. CVE-2026-28783 was published for craftcms/cms (Composer) on Mar 3, 2026.
PickleScan has multiple stdlib modules with direct RCE not in blocklist. Severity: Critical. GHSA-g38g-8gr9-h9xp was published for picklescan (pip) on Mar 3, 2026.
PickleScan's profile.run blocklist mismatch allows exec() bypass. Severity: Critical. GHSA-7wx9-6375-f5wh was published for picklescan (pip) on Mar 3, 2026.
OpenClaw safeBins grep -e File Read Bypass (stdin-only policy bypass). Severity: Moderate. CVE-2026-32022 was published for openclaw (npm) on Mar 3, 2026.
OpenClaw has allowlist exec-guard bypass via env -S. Severity: Moderate. CVE-2026-31992 was published for openclaw (npm) on Mar 3, 2026.
OpenClaw's exec allow-always can be bypassed via unrecognized multiplexer shell wrappers (busybox/toybox sh -c). Severity: Moderate. CVE-2026-22175 was published for openclaw (npm) on Mar 2, 2026.
OpenClaw macOS companion app (beta): allowlist parsing mismatch for system.run shell chains. Severity: Low. CVE-2026-31993 was published for openclaw (npm) on Mar 2, 2026.
OpenClaw is vulnerable to validation bypass through GNU long-option abbreviations in allowlist mode. Severity: Critical. CVE-2026-28363 was published for openclaw (npm) on Feb 27, 2026.
Fickling has safety check bypass via REDUCE+BUILD opcode sequence. Severity: Moderate. GHSA-mhc9-48gj-9gp3 was published for fickling (pip) on Feb 25, 2026.
IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame.... Severity: High. Unreviewed. CVE-2026-1773 was published on Feb 24, 2026.
ProTip! Advisories are also available from the GraphQL API.