Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 163+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
High
OpenClaw Fix: Restriction of Python Package Index Env Vars to Prevent Malicious Redirects
github.com · 2026-04-29
OpenClaw
Read more
Premium intel
High
OpenCLaw Device Pairing Bypass Vulnerability and Fix
github.com · 2026-04-29
OpenClaw (all versions with device bootstrap setup code)
Read more
High
OpenClaw Platform Privilege Escalation via Phone Control Plugin
github.com · 2026-04-29
OpenClaw phone-control plugin · OpenClaw talk-voice plugin
Read more
High
OpenShell Sandbox Escape Vulnerability Fix and Boundary Hardening Analysis
github.com · 2026-04-29
OpenShell v2026.4.26 to v2026.3.31-beta.1
Read more
Premium intel
High
Fix for Gateway Plugin Runtime Scope Privilege Escalation
github.com · 2026-04-29
openclaw/openclaw v2026.4.26 · openclaw/openclaw v2026.3.31
Read more
Medium
openclaw npm package /phone arm/disarm Bypasses operator.admin Scope Check
github.com · 2026-04-29
openclaw <=2026.3.24
Read more
High
OpenClaw Compiler Path Override Vulnerability and Fix
github.com · 2026-04-29
openclaw
Read more
Premium intel
Unknown
OpenClaw Gateway Tool Whitelist and Event Trust Boundary Fix
github.com · 2026-04-29
OpenClaw Gateway
Read more
High
Matrix Thread/Reply Context Filter Bypass Fix
github.com · 2026-04-29
openclaw/openclaw
Read more
High
openlaw/openclaw diffs extension unauthorized access vulnerability and fix
github.com · 2026-04-29
openclaw/openclaw v2026.4.26 to v2026.3.31-beta.1
Read more
High
OpenClaw Discord Plugin Unauthorized Access Vulnerability and Fix
github.com · 2026-04-29
openclaw/discord-plugin <= audio preflight with member access check
Read more
Premium intel
Medium
Fix for unbound scopes cleanup in trusted-proxy auth bypass
github.com · 2026-04-29
openclaw/openclaw
Read more
Premium intel
High
Privilege Escalation: /voice set config allows config write without operator.admin scope
github.com · 2026-04-29
openclaw/openclaw extensions/talk-voice/index.ts
Read more
Premium intel
Unknown
OpenShell Plugin Path Traversal Fix: Enforcing Managed Remote Root Constraints
github.com · 2026-04-29
openclaw/openclaw
Read more
High
CLI Backend Environment Variable Injection Vulnerability and Fix
github.com · 2026-04-29
openclaw/openclaw
Read more
Unknown
Canvas AZUI Operation Scheduling URL Trust Bypass Fix
github.com · 2026-04-29
openclaw/openclaw Canvas app (iOS) versions before fix #58471
Read more
High
MS Teams Webhook Unauthenticated Access Vulnerability Fix Analysis
github.com · 2026-04-29
openclaw/openclaw
Read more
High
macOS MagicDNS Wide-Area Gateway Discovery Vulnerability and Fix
github.com · 2026-04-29
openclaw
Read more
High
OpenClaw Plugin Install Security Scan Bypass Fix
github.com · 2026-04-29

# Vulnerability Summary ## Overview This commit fixes an issue where the installation of OpenClaw plugins was not correctly blocked when security scans failed. Specifically, it includes: - Fixing the …

Read more
High
Fix for Timing Attack in Webhook Secret Comparison Across Multiple Modules
github.com · 2026-04-29
openclaw/openclaw
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.