An open index of dependabot pull requests across open source projects.

Security Advisories

Browse security advisories and track which Dependabot PRs address them.

28,691 Total Advisories

2,459 With Dependabot PRs

3,933 Critical Severity

10,103 High Severity

Gramps Web API: Private Sub-Object Data in Non-Private Objects Exposed to Guest Users
GHSA-9gjv-jvm7-vv2v MODERATE about 2 hours ago
## Summary Users with the **Guest** role could receive private sub-object data (e.g. private alternate names, private addresses, private note/cita...
pypi
No PRs yet
OpenClaw: GIT_DIR and related git plumbing env vars missing from exec env denylist (GHSA-m866-6qv5-p2fg variant)
GHSA-cm8v-2vh9-cxf3 LOW about 2 hours ago
## Impact GIT_DIR and related git plumbing env vars missing from exec env denylist (GHSA-m866-6qv5-p2fg variant). Git plumbing environment variab...
npm
No PRs yet
bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts
GHSA-9hfr-gw99-8rhx CVE-2026-40069 HIGH about 2 hours ago
# ARC broadcaster treats failure statuses as successful broadcasts ## Summary `BSV::Network::ARC`'s failure detection only recognises `REJECTED` ...
rubygems
No PRs yet
bsv-sdk and bsv-wallet persist unverified certifier signatures in acquire_certificate (direct and issuance paths)
GHSA-hc36-c89j-5f4j CVE-2026-40070 HIGH about 2 hours ago
# Unverified certifier signatures persisted by `acquire_certificate` ## Affected packages Both `bsv-sdk` and `bsv-wallet` are published from the ...
rubygems
No PRs yet
Unhead has a hasDangerousProtocol() bypass via leading-zero padded HTML entities in useHeadSafe()
GHSA-95h2-gj7x-gx9w CVE-2026-39315 MODERATE about 2 hours ago
##EVIDENCE <img width="1900" height="855" alt="Screenshot_2026-03-25_090729" src="https://github.com/user-attachments/assets/3da93464-1caf-46ca-81...
npm
No PRs yet
Wasmtime has out-of-bounds write or crash when transcoding component model strings
GHSA-394w-hwhg-8vgm CVE-2026-35195 MODERATE about 2 hours ago
### Impact Wasmtime's implementation of transcoding strings between components contains a bug where the return value of a guest component's `reall...
cargo
No PRs yet
Wasmtime has data leakage between pooling allocator instances
GHSA-6wgr-89rj-399p CVE-2026-34988 LOW about 2 hours ago
### Impact Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be ...
cargo
No PRs yet
Wasmtime has use-after-free bug after cloning `wasmtime::Linker`
GHSA-hfr4-7c6c-48w2 CVE-2026-34983 LOW about 2 hours ago
### Impact In version 43.0.0 of the `wasmtime` crate, cloning a `wasmtime::Linker` is unsound and can result in use-after-free bugs. This bug is ...
cargo
No PRs yet
Wasmtime: Miscompiled guest heap access enables sandbox escape on aarch64 Cranelift
GHSA-jhxm-h53p-jm7w CVE-2026-34971 CRITICAL about 2 hours ago
### Impact Wasmtime's Cranelift compilation backend contains a bug on aarch64 when performing a certain shape of heap accesses which means that th...
cargo
No PRs yet
Wasmtime has host panic when Winch compiler executes `table.fill`
GHSA-q49f-xg75-m9xw CVE-2026-34946 MODERATE about 2 hours ago
### Impact Wasmtime's Winch compiler contains a vulnerability where the compilation of the `table.fill` instruction can result in a host panic. Th...
cargo
No PRs yet
Wasmtime has host data leakage with 64-bit tables and Winch
GHSA-m9w2-8782-2946 CVE-2026-34945 LOW about 2 hours ago
### Impact Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the...
cargo
No PRs yet
Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64
GHSA-qqfj-4vcm-26hv CVE-2026-34944 MODERATE about 2 hours ago
On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the `f64x2.splat` WebAssembly instruction with Cranelift may load 8 more bytes tha...
cargo
No PRs yet
Wasmtime has a possible panic when lifting `flags` component value
GHSA-m758-wjhj-p3jq CVE-2026-34943 MODERATE about 2 hours ago
### Impact Wasmtime contains a possible panic which can happen when a `flags`-typed component model value is lifted with the `Val` type. If bits a...
cargo
No PRs yet
Wasmtime: Panic when transcoding misaligned utf-16 strings
GHSA-jxhv-7h78-9775 CVE-2026-34942 MODERATE about 2 hours ago
### Impact Wasmtime's implementation of transcoding strings into the Component Model's `utf16` or `latin1+utf16` encodings improperly verified the...
cargo
No PRs yet
Wasmtime: Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding
GHSA-hx6p-xpx3-jvvv CVE-2026-34941 MODERATE about 2 hours ago
### Summary Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorre...
cargo
No PRs yet
OpenClaw: Multiple Code Paths Missing Base64 Pre-Allocation Size Checks
GHSA-ccx3-fw7q-rr2r MODERATE about 5 hours ago
## Impact Multiple Code Paths Missing Base64 Pre-Allocation Size Checks. Several base64 decode paths could allocate before enforcing decoded-size...
npm
No PRs yet
OpenClaw B-M3: ClawHub package downloads are not enforced with integrity verification
GHSA-3vvq-q2qc-7rmp MODERATE about 5 hours ago
## Impact B-M3: ClawHub package downloads are not enforced with integrity verification. ClawHub downloads could install plugin archives without e...
npm
No PRs yet
OpenClaw: `fetchWithSsrFGuard` replays unsafe request bodies across cross-origin redirects
GHSA-qx8j-g322-qj6m HIGH about 5 hours ago
## Impact `fetchWithSsrFGuard` replays unsafe request bodies across cross-origin redirects. A guarded fetch could resend unsafe request bodies or...
npm
No PRs yet
OpenClaw Host-Exec Environment Variable Injection
GHSA-w9j9-w4cp-6wgr MODERATE about 5 hours ago
## Impact OpenClaw Host-Exec Environment Variable Injection. Host exec could inherit environment variables that influence interpreters, shells, o...
npm
No PRs yet
OpenClaw: Strict browser SSRF bypass in Playwright redirect handling leaves private targets reachable
GHSA-w8g9-x8gx-crmm MODERATE about 5 hours ago
## Impact Strict browser SSRF bypass in Playwright redirect handling leaves private targets reachable. Strict browser SSRF checks could miss Play...
npm
No PRs yet
OpenClaw: Gateway plugin HTTP `auth: gateway` widens identity-bearing `operator.read` requests into runtime `operator.write`
GHSA-4f8g-77mw-3rxc LOW about 5 hours ago
## Impact Gateway plugin HTTP `auth: gateway` widens identity-bearing `operator.read` requests into runtime `operator.write`. Plugin HTTP routes ...
npm
No PRs yet
OpenClaw has Browser SSRF Policy Bypass via Interaction-Triggered Navigation
GHSA-vr5g-mmx7-h897 MODERATE about 5 hours ago
## Impact Browser SSRF Policy Bypass via Interaction-Triggered Navigation. Browser interactions could trigger navigations that bypassed the norma...
npm
No PRs yet
OpenClaw `node.pair.approve` placed in `operator.write` scope instead of `operator.pairing` allows unprivileged pairing approval
GHSA-67mf-f936-ppxf MODERATE about 5 hours ago
## Impact OpenClaw `node.pair.approve` placed in `operator.write` scope instead of `operator.pairing` allows unprivileged pairing approval. The p...
npm
No PRs yet
OpenClaw: Feishu docx upload_file/upload_image Bypasses Workspace-Only Filesystem Policy (GHSA-qf48-qfv4-jjm9 Incomplete Fix)
GHSA-5fc7-f62m-8983 LOW about 5 hours ago
## Impact Feishu docx upload_file/upload_image Bypasses Workspace-Only Filesystem Policy (GHSA-qf48-qfv4-jjm9 Incomplete Fix). Feishu document up...
npm
No PRs yet
OpenClaw QQ Bot Extension missing SSRF Protection on All Media Fetch Paths
GHSA-3fv3-6p2v-gxwj MODERATE about 5 hours ago
## Impact QQ Bot Extension: Missing SSRF Protection on All Media Fetch Paths. QQ Bot media download paths were not consistently routed through th...
npm
No PRs yet
OpenClaw: Existing WS sessions survive shared gateway token rotation
GHSA-5h3f-885m-v22w MODERATE about 5 hours ago
## Impact Existing WS sessions survive shared gateway token rotation. Rotating the shared gateway token did not disconnect existing shared-token ...
npm
No PRs yet
OpenClaw: Concurrent async auth attempts can bypass the intended shared-secret rate-limit budget on Tailscale-capable paths
GHSA-25wv-8phj-8p7r LOW about 5 hours ago
## Impact Concurrent async auth attempts can bypass the intended shared-secret rate-limit budget on Tailscale-capable paths. Concurrent asynchron...
npm
No PRs yet
OpenClaw: Node Pairing Reconnect Command Escalation Bypasses operator.admin Scope Requirement
GHSA-5wj5-87vq-39xm HIGH about 5 hours ago
## Impact Node Pairing Reconnect Command Escalation Bypasses operator.admin Scope Requirement. A previously paired node could reconnect with a br...
npm
No PRs yet
OpenClaw: /allowlist omits owner-only enforcement for cross-channel allowlist writes
GHSA-vc32-h5mq-453v MODERATE about 5 hours ago
## Impact /allowlist omits owner-only enforcement for cross-channel allowlist writes. An authorized non-owner sender could attempt allowlist writ...
npm
No PRs yet
OpenClaw: resolvedAuth closure becomes stale after config reload
GHSA-68x5-xx89-w9mm MODERATE about 5 hours ago
## Impact resolvedAuth closure becomes stale after config reload. After a config reload, newly accepted gateway connections could continue using ...
npm
No PRs yet
OpenClaw `node.invoke(browser.proxy)` bypasses `browser.request` persistent profile-mutation guard
GHSA-cmfr-9m2r-xwhq MODERATE about 5 hours ago
## Impact OpenClaw `node.invoke(browser.proxy)` bypasses `browser.request` persistent profile-mutation guard. node.invoke(browser.proxy) could mu...
npm
No PRs yet
OpenClaw `device.token.rotate` mints tokens for unapproved roles, bypassing device role-upgrade pairing
GHSA-whf9-3hcx-gq54 MODERATE about 5 hours ago
## Impact OpenClaw `device.token.rotate` mints tokens for unapproved roles, bypassing device role-upgrade pairing. Device token rotation could mi...
npm
No PRs yet
OpenClaw: Shared reply MEDIA - paths are treated as trusted and can trigger cross-channel local file exfiltration
GHSA-qqq7-4hxc-x63c MODERATE about 5 hours ago
## Impact Shared reply MEDIA: paths are treated as trusted and can trigger cross-channel local file exfiltration. A crafted shared reply MEDIA re...
npm
No PRs yet
OpenClaw: strictInlineEval explicit-approval boundary bypassed by approval-timeout fallback on gateway and node exec hosts
GHSA-q2gc-xjqw-qp89 MODERATE about 5 hours ago
## Impact strictInlineEval explicit-approval boundary bypassed by approval-timeout fallback on gateway and node exec hosts. The approval-timeout ...
npm
No PRs yet
MinIO affected a DoS via Unbounded Memory Allocation in S3 Select CSV Parsing
GHSA-h749-fxx7-pwpg CVE-2026-39414 HIGH about 5 hours ago
### Impact _What kind of vulnerability is it? Who is impacted?_ MinIO's S3 Select feature is vulnerable to memory exhaustion when processing CSV ...
go
No PRs yet
Axios has a NO_PROXY Hostname Normalization Bypass Leads to SSRF
GHSA-3p68-rc4w-qgx5 CVE-2025-62718 CRITICAL about 5 hours ago
Axios does not correctly handle hostname normalization when checking `NO_PROXY` rules. Requests to loopback addresses like `localhost.` (with a tra...
npm
No PRs yet
fast-jwt has a ReDoS when using RegExp in allowed* leading to CPU exhaustion during token verification
GHSA-cjw9-ghj4-fwxf CVE-2026-35041 MODERATE about 6 hours ago
## ⚠️ IMPORTANT CLARIFICATIONS ### Affected Configurations This vulnerability ONLY affects applications that: - Use RegExp objects (not stri...
npm
No PRs yet
fast-jwt: Stateful RegExp (/g or /y) causes non-deterministic allowed-claim validation (logical DoS)
GHSA-3j8v-cgw4-2g6q CVE-2026-35040 MODERATE about 6 hours ago
## Impact Using certain modifiers on RegExp objects in the allowedAud, allowedIss, allowedSub, allowedJti, or allowedNonce options in verify funct...
npm
No PRs yet
OpenClaw: HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS missing from exec env denylist — RCE via build tool env injection (GHSA-cm8v-2vh9-cxf3 class)
GHSA-7437-7hg8-frrw HIGH about 8 hours ago
## Impact HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS missing from exec env denylist — RCE via build tool env injection (GHS...
npm
No PRs yet
OpenClaw: Authenticated `/hooks/wake` and mapped `wake` payloads are promoted into the trusted `System:` prompt channel
GHSA-jf56-mccx-5f3f HIGH about 8 hours ago
## Impact Authenticated `/hooks/wake` and mapped `wake` payloads are promoted into the trusted `System:` prompt channel. An authenticated wake ho...
npm
No PRs yet
OpenClaw: Lower-trust background runtime output is injected into trusted `System:` events, and local async exec completion misses the intended `exec-event` downgrade
GHSA-gfmx-pph7-g46x HIGH about 8 hours ago
## Impact Lower-trust background runtime output is injected into trusted `System:` events, and local async exec completion misses the intended `ex...
npm
No PRs yet
PraisonAI Vulnerable to OS Command Injection
GHSA-2763-cj5r-c79m CVE-2026-40088 CRITICAL 1 day ago
The `execute_command` function and workflow shell execution are exposed to user-controlled input via agent workflows, YAML definitions, and LLM-gen...
pypi
No PRs yet
OpenFGA: Unauthenticated playground endpoint discloses preshared API key in HTML response
GHSA-68m9-983m-f3v5 MODERATE 1 day ago
### Description When OpenFGA is configured to use preshared-key authentication with the built-in playground enabled, the local server includes the ...
go
No PRs yet
LangChain has incomplete f-string validation in prompt templates
GHSA-926x-3r5x-gfhw CVE-2026-40087 MODERATE 1 day ago
LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates an...
pypi
No PRs yet
Marimo: Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass
GHSA-2679-6mx9-h9xc CVE-2026-39987 CRITICAL 1 day ago
## Summary Marimo (19.6k stars) has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint `/terminal/ws` lacks authentication validation, ...
pypi
No PRs yet
Pretext: Algorithmic Complexity (DoS) in the text analysis phase
GHSA-5478-66c3-rhxr HIGH 1 day ago
`isRepeatedSingleCharRun()` in `src/analysis.ts` (line 285) re-scans the entire accumulated segment on every merge iteration during text analysis, ...
npm
No PRs yet
basic-ftp has FTP Command Injection via CRLF
GHSA-chqc-8p9q-pq6q CVE-2026-39983 HIGH 1 day ago
## Summary `basic-ftp` version `5.2.0` allows FTP command injection via CRLF sequences (`\r\n`) in file path parameters passed to high-level path ...
npm
48 Dependabot PRs
AGiXT Vulnerable to Path Traversal in safe_join()
GHSA-5gfj-64gh-mgmw CVE-2026-39981 HIGH 1 day ago
### Summary The safe_join() function in the essential_abilities extension fails to validate that resolved file paths remain within the designated a...
pypi
No PRs yet
Laravel Passport: TokenGuard Authenticates Unrelated User for Client Credentials Tokens
GHSA-349c-2h2f-mxf6 HIGH 1 day ago
### Impact Authentication Bypass for `client_credentials` tokens. The league/oauth2-server library sets the JWT sub claim to the client identifier ...
packagist
No PRs yet
n8n-mcp has authenticated SSRF via instance-URL header in multi-tenant HTTP mode
GHSA-4ggg-h7ph-26qr CVE-2026-39974 HIGH 1 day ago
## Impact An authenticated Server-Side Request Forgery in `n8n-mcp` allows a caller holding a valid `AUTH_TOKEN` to cause the server to issue HTTP ...
npm
No PRs yet