Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • C
Authentication Bypass Using an Alternate Path or ChannelCVE-2026-28454
Affects @openclaw/nostr | Versions <2026.2.13
Has fix
npmPublished 18 Feb 2026
  • C
Authentication Bypass Using an Alternate Path or ChannelCVE-2026-28454
Affects @openclaw/nextcloud-talk | Versions <2026.2.13
Has fix
npmPublished 18 Feb 2026
  • C
Authentication Bypass Using an Alternate Path or ChannelCVE-2026-28454
Affects @openclaw/msteams | Versions <2026.2.13
Has fix
npmPublished 18 Feb 2026
  • C
Authentication Bypass Using an Alternate Path or ChannelCVE-2026-28454
Affects @openclaw/feishu | Versions <2026.2.13
Has fix
npmPublished 18 Feb 2026
  • C
Authentication Bypass Using an Alternate Path or ChannelCVE-2026-28454
Affects @openclaw/bluebubbles | Versions <2026.2.13
Has fix
npmPublished 18 Feb 2026
  • C
Authentication Bypass Using an Alternate Path or ChannelCVE-2026-28454
Affects openclaw | Versions <2026.2.1
Has fix
npmPublished 18 Feb 2026
  • H
Allocation of Resources Without Limits or ThrottlingCVE-2026-28478
Affects openclaw | Versions <2026.2.14
Has fix
npmPublished 18 Feb 2026
  • H
Reliance on Untrusted Inputs in a Security DecisionCVE-2026-29610
Affects openclaw | Versions <2026.2.14
Has fix
npmPublished 18 Feb 2026
  • H
Server-side Request Forgery (SSRF)CVE-2026-26322
Affects openclaw | Versions <2026.2.14
Has fix
npmPublished 18 Feb 2026
  • H
Server-side Request Forgery (SSRF)CVE-2026-26324
Affects openclaw | Versions <2026.2.14
Has fix
npmPublished 18 Feb 2026
  • M
Command InjectionCVE-2026-28463
Affects openclaw | Versions <2026.2.14
Has fix
npmPublished 18 Feb 2026
  • C
Missing Authentication for Critical FunctionCVE-2026-28472
Affects openclaw | Versions <2026.2.2
Has fix
npmPublished 18 Feb 2026
  • H
Directory TraversalCVE-2026-28447
Affects openclaw | Versions >=2026.1.29-beta.1 <2026.2.1
Has fix
npmPublished 18 Feb 2026
  • H
Improper AuthenticationCVE-2026-28446
Affects @openclaw/voice-call | Versions <2026.2.2
Has fix
npmPublished 18 Feb 2026
  • H
Improper Following of Specification by CallerCVE-2025-69287
Affects @bsv/sdk | Versions <2.0.0
Has fix
npmPublished 18 Feb 2026
  • H
XML Entity ExpansionCVE-2026-26278
Affects fast-xml-parser | Versions >=4.1.3 <4.5.4>=5.0.0 <5.3.6
Has fix
npmPublished 18 Feb 2026
  • H
Directory TraversalCVE-2026-26960
Affects tar | Versions <7.5.8
Has fix
npmPublished 18 Feb 2026
  • C
Malicious Package
Affects bigmathutils | Versions *
No fix available
npmPublished 18 Feb 2026
  • C
Malicious Package
Affects bignumberx | Versions *
No fix available
npmPublished 18 Feb 2026
  • C
Malicious Package
Affects graphkitx | Versions *
No fix available
npmPublished 18 Feb 2026
  • C
Malicious Package
Affects terminalcolor256 | Versions *
No fix available
npmPublished 18 Feb 2026
  • C
Malicious Package
Affects graphnetworkx | Versions *
No fix available
npmPublished 18 Feb 2026
  • C
Malicious Package
Affects netstruct | Versions *
No fix available
npmPublished 18 Feb 2026
  • C
Malicious Package
Affects webpack-vite | Versions *
No fix available
npmPublished 17 Feb 2026
  • C
Malicious Package
Affects ambar-src | Versions *
No fix available
npmPublished 17 Feb 2026
  • H
Command InjectionCVE-2026-2544
Affects lu2 | Versions >=0.0.0
Has fix
npmPublished 16 Feb 2026
  • H
Arbitrary Code InjectionCVE-2026-0969
Affects next-mdx-remote | Versions >=4.3.0 <6.0.0
Has fix
npmPublished 15 Feb 2026
  • M
Improper Removal of Sensitive Information Before Storage or Transfer
Affects renovate | Versions >=42.68.1 <42.96.3>=43.0.0 <43.4.4
Has fix
npmPublished 15 Feb 2026
  • H
Missing Origin Validation in WebSocketsCVE-2025-56647
Affects @farmfe/core | Versions <1.7.6
Has fix
npmPublished 15 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-26226
Affects beautiful-mermaid | Versions <0.1.3
Has fix
npmPublished 15 Feb 2026