GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
405 advisories
Scriban: Sandbox escape due to TypedObjectAccessorcache bypassing MemberFilter after TemplateContext reuse
Critical
GHSA-5wr9-m6jw-xx44
was published
for
scriban
(NuGet)
Mar 24, 2026
A PinchTab Security Policy Bypass in /wait Allows Arbitrary JavaScript Execution
Moderate
CVE-2026-33622
was published
for
github.com/pinchtab/pinchtab/cmd/pinchtab
(Go)
Mar 24, 2026
Egress Policy Bypass via DNS over HTTPS (DoH) in Harden-Runner (Community Tier)
Moderate
CVE-2026-32947
was published
for
step-security/harden-runner
(GitHub Actions)
Mar 17, 2026
Egress Policy Bypass via DNS over TCP in Harden-Runner (Community Tier)
Moderate
CVE-2026-32946
was published
for
step-security/harden-runner
(GitHub Actions)
Mar 17, 2026
ONNX Untrusted Model Repository Warnings Suppressed by silent=True in onnx.hub.load() — Silent Supply-Chain Attack
High
CVE-2026-28500
was published
for
onnx
(pip)
Mar 16, 2026
kora-lib: Unrecognized Instruction Types Create Empty Stubs That Bypass Fee Payer Policy
Moderate
GHSA-x442-m7cc-hr92
was published
for
kora-lib
(Rust)
Mar 12, 2026
Parse Server has denylist `requestKeywordDenylist` keyword scan bypass through nested object placement
Moderate
CVE-2026-30938
was published
for
parse-server
(npm)
Mar 10, 2026
OpenClaw: Sandboxed /acp spawn requests could initialize host ACP sessions
Moderate
CVE-2026-27646
was published
for
openclaw
(npm)
Mar 9, 2026
Fickling has `always_check_safety()` bypass: pickle.loads and _pickle.loads remain unhooked
High
GHSA-wccx-j62j-r448
was published
for
fickling
(pip)
Mar 4, 2026
OpenClaw's tools.exec.safeBins generic fallback allowed interpreter-style inline payload execution in allowlist mode
Low
GHSA-8mf7-vv8w-hjr2
was published
for
openclaw
(npm)
Mar 3, 2026
PickleScan has multiple stdlib modules with direct RCE not in blocklist
Critical
GHSA-g38g-8gr9-h9xp
was published
for
picklescan
(pip)
Mar 3, 2026
PickleScan's pkgutil.resolve_name has a universal blocklist bypass
Critical
GHSA-vvpj-8cmc-gx39
was published
for
picklescan
(pip)
Mar 3, 2026
OpenClaw: Chrome --no-sandbox disabled OS-level browser sandbox in sandbox browser container
Moderate
GHSA-43x4-g22p-3hrq
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw has a sandbox network isolation bypass via docker.network=container:<id>
Moderate
CVE-2026-32038
was published
for
openclaw
(npm)
Mar 2, 2026
n8n has a Guardrail Node Bypass
Moderate
GHSA-fvfv-ppw4-7h2w
was published
for
n8n
(npm)
Feb 26, 2026
ProTip!
Advisories are also available from the
GraphQL API