Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 163+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
Premium intel
High
openclaw heartbeat module owner-only auth inheritance fix
github.com · 2026-04-21
openclaw heartbeat module
Read more
High
OpenClaw Environment Variable Injection Vulnerability and Fix
github.com · 2026-04-21
OpenClaw (versions prior to commit 4d912e0)
Read more
Medium
Fix remote URL reset logic in onboard-remote command
github.com · 2026-04-21
openclaw/openclaw < commit 2a75416
Read more
High
OpenClaw Sandbox Symlink Escape Vulnerability and Fix
github.com · 2026-04-21
OpenClaw (all versions with sandbox functionality)
Read more
High
Fix for Untrusted Workspace Channel Shadows Vulnerability in VS Code
github.com · 2026-04-21
openclaw/openclaw
Read more
High
OpenClaw Ollama SSRF Vulnerability and Fix
github.com · 2026-04-21
OpenClaw
Read more
High
OpenClaw Telegram Audio Preflight Authorization Bypass
github.com · 2026-04-21
OpenClaw (Telegram integration)
Read more
High
Fix: Tool name normalization and conflict detection in media transfer
github.com · 2026-04-21
openclaw/openclaw
Read more
Medium
OpenClaw Webchat Local File Path Restriction Bypass Fix
github.com · 2026-04-21
openclaw v2026.4.19-beta.2 and earlier
Read more
Medium
OpenClaw Webchat Local Root Path Bypass Vulnerability (LFI/UNC)
github.com · 2026-04-21
OpenClaw >= 2026.4.7, < 2026.4.15
Read more
High
Bluebubbles Webhook IP Spoofing Bypasses Rate Limiting Fix
github.com · 2026-04-10
Bluebubbles
Read more
Premium intel
High
openwisp openwisp-wifi-control-lts Gateway Privilege Escalation via Silent Reconnect
github.com · 2026-04-10
openwisp/openwisp-wifi-control-lts
Read more
High
Mattermost Fix for Google Chat/Mattermost Integration Token Validation Bypass
github.com · 2026-04-10
openclaw/openclaw
Read more
High
OpenClaw Telegram Webhook Brute-Force Vulnerability Fix and Rate Limiting
github.com · 2026-04-10
OpenClaw (all instances with Telegram Webhook functionality enabled)
Read more
Medium
Feishu Webhook Signature Verification Bypass and DoS Fix
github.com · 2026-04-10
openclaw
Read more
High
Tlon DM and Group Invite Allowlist Logic Flaw Fix
github.com · 2026-04-10
OpenClaw (Tlon integration)
Read more
High
Fix for DoS vulnerability in fetchRemoteMedia via size/timeout limits
github.com · 2026-04-10

### Vulnerability Key Information Summary **1. Vulnerability Overview** This commit fixes a potential security vulnerability involving the lack of limits on response body size and read timeouts when p…

Read more
Premium intel
High
OpenWrt/OpenClaw Gateway Trusted-Proxy Privilege Escalation Fix
github.com · 2026-04-10
OpenWrt/OpenClaw gateway service (src/gateway/server) · OpenClaw <unnamed> <unnamed>
Read more
Low
BlueBubbles Extension Group Reaction Notification Logic Fix
github.com · 2026-04-10

### Vulnerability Summary **Vulnerability Overview** A logical flaw exists in the BlueBubbles extension when handling group message reactions. When the "send notifications only on mention" (`requireMe…

Read more
Unknown
Fix for Gateway Subagent Session Deletion Privilege Escalation
github.com · 2026-04-10
openclaw
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.