GHSA-P3PV-C954-9M6F Duplicate Advisory: OpenClaw: Owner-enforced commands could accept wildcard channel senders as command owners

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-c28g-vh7m-fm7v. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.21 contains an authorization bypass vulnerability in command-auth.ts that allows non-owner...

GHSA-35VF-VW9F-Q3CR Duplicate Advisory: OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r6xh-pqhr-v4xh. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.22 derives loopback MCP owner context from spoofable server-issued bearer tokens in request...

Duplicate Advisory: LiteLLM has a sandbox escape in custom-code guardrail

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-wxxx-gvqv-xp7p. This link is maintained to preserve external references. Original Description LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the...

GHSA-J42Q-R6QX-XRFP Duplicate Advisory: OpenClaw: Google Chat Authz Bypass via Group Policy Rebinding with Mutable Space displayName

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-52q4-3xjc-6778. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Google Chat group policy enforcement that...

GHSA-C3F2-QG8V-25Q2 Duplicate Advisory: Unfurl's unbounded zlib decompression allows decompression bomb DoS

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h5qv-qjv4-pc5m. This link is maintained to preserve external references. Original Description Unfurl before 2026.04 contains an unbounded zlib decompression vulnerability in parsecompressed.py that allows remote...

GHSA-8H8F-7CXM-M38J Duplicate Advisory: OpenClaw: Windows media loaders accepted remote-host file URLs before local path validation

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h3x4-hc5v-v2gm. This link is maintained to preserve external references. Original Description OpenClaw versions prior to commit b57b680 contain an approval bypass vulnerability due to inconsistent environment...

GHSA-6Q2V-VFWP-PVWH Duplicate Advisory: OpenClaw's skills-install-download can be redirected outside the tools root by rebinding the validated base path

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-vhwf-4x96-vqx2. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills download installer that validates the...

Duplicate Advisory: OpenClaw's system.run allowlist bypass via shell line-continuation command substitution

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9868-vxmx-w862. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run that allows attackers to...

GHSA-387C-QMRW-59QV Duplicate Advisory: Microsoft Security Advisory CVE-2026-26131 – .NET Elevation of Privilege Vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-crjq-wm6x-6qx7. This link is maintained to preserve external references. Original Description Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally...

GHSA-C8GQ-RHQH-WGWM Duplicate Advisory: .NET Denial of Service Vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-73j8-2gch-69rq. This link is maintained to preserve external references. Original Description Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network...

Duplicate Advisory: Microsoft Security Advisory CVE-2026-26131 – .NET Elevation of Privilege Vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-crjq-wm6x-6qx7. This link is maintained to preserve external references. Original Description Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally...

Duplicate Advisory: HTTP Request Smuggling via HTTP/1.0 and Transfer-Encoding Misparsing

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hj7x-879w-vrp7. This link is maintained to preserve external references. Original Description An HTTP Request Smuggling vulnerability CWE-444 has been found in Pingora's parsing of HTTP/1.0 and Transfer-Encoding...

Duplicate Advisory: Nest has a Fastify URL Encoding Middleware Bypass

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r4wm-x892-vjmx. This link is maintained to preserve external references. Original Description A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middleware when...

GHSA-8RGQ-M2PM-JVMG Duplicate Advisory: gix-date can create non-utf8 string with `TimeBuf::as_str`

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6mw6-mj76-grwc. This link is maintained to preserve external references. Original Description A flaw was found in gix-date. The gixdate::parse::TimeBuf::asstr function can generate strings containing invalid...

GHSA-86RF-68F4-2CPH Duplicate Advisory: go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2464-8j7c-4cjm. This link is maintained to preserve external references. Original Description A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using...

Duplicate Advisory: Reflected XSS in go-httpbin due to unrestricted client control over Content-Type

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-528q-4pgm-wvg2. This link is maintained to preserve external references. Original Description A cross-site scripting XSS vulnerability in mccutchen httpbin v2.17.1 allows attackers to execute arbitrary web scrip...

GHSA-P4F6-H8JJ-VFVF Duplicate Advisory: Reflected XSS in go-httpbin due to unrestricted client control over Content-Type

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-528q-4pgm-wvg2. This link is maintained to preserve external references. Original Description A cross-site scripting XSS vulnerability in mccutchen httpbin v2.17.1 allows attackers to execute arbitrary web scrip...

GHSA-46J5-6FG5-4GV3 Duplicate Advisory: Nodemailer is vulnerable to DoS through Uncontrolled Recursion

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rcmh-qjqh-p98v. This link is maintained to preserve external references. Original Description A flaw was found in Nodemailer. This vulnerability allows a denial of service DoS via a crafted email address header...

Duplicate Advisory: Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w3q9-fxm7-j8fq. This link is maintained to preserve external references. Original Description Improper link resolution before file access 'link following' in .NET allows an authorized attacker to elevate...

Duplicate Advisory: Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-gwq6-fmvp-qp68. This link is maintained to preserve external references. Original Description Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose...