Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 163+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
High
Fix for node-host exec-approval binding vulnerability with SHA256 hash verification
github.com · 2026-04-02
openclaw/openclaw
Read more
High
OpenClaw Sandbox Media Root Bypass Vulnerability (#5034) Analysis and Fix
github.com · 2026-04-02
OpenClaw
Read more
Low
Fix for Telegram Bot API Inbound Media Download IPv4 Fallback Logic
github.com · 2026-04-02
openclaw/openclaw
Read more
High
OpenClaw fix for bun/deno script tampering in approval workflow
github.com · 2026-04-02
OpenClaw invoke-system-run module
Read more
High
openclaw Local File Inclusion/Path Traversal Vulnerability Fix
github.com · 2026-04-02
openclaw < 4fd7feb
Read more
Premium intel
High
OpenClaw v2026.4.1 Security Fixes: CSP Bypass, Token Leakage, Command Auth Bypass
github.com · 2026-04-02
openclaw v2026.3.23 and earlier
Read more
Premium intel
Critical
OpenClaw SCP Remote Path Shell Metacharacter Injection Vulnerability and Fix
github.com · 2026-04-02
openclaw < v2026.4.1
Read more
High
OpenClaw Gateway Device Session Management Vulnerability Fix
github.com · 2026-04-02
OpenClaw Gateway
Read more
Premium intel
High
Nextcloud Talk Webhook Auth Rate Limiting Fix
github.com · 2026-04-02
openclaw/openclaw extensions/nextcloud-talk plugin
Read more
High
Local File Path Traversal/SSRF Vulnerability Fix Analysis (file:///UNC Path Bypass)
github.com · 2026-04-02
openclaw/openclaw
Read more
High
OpenClaw Zalo Extension Unauthenticated Image Download Fix
GHSA-68ceaf7 · github.com · 2026-04-02
OpenClaw Zalo extension < v2026.3.28-beta.1
Read more
High
OpenClaw Teams Message Handler Access Control Bypass Fix
github.com · 2026-04-02
openclaw extensions/msteams
Read more
Unknown
Fix: Route Group Policy Bypass in Google Chat/Zalo Extensions
github.com · 2026-04-02
openclaw
Read more
Premium intel
Medium
OpenClaw SCP Command Injection via Unfiltered iMessage Attachment Path
github.com · 2026-04-02
openclaw <=2026.3.12
Read more
Premium intel
Medium
OpenClaw Channel Commands Bypass Account-Scoped configWrites Restrictions
github.com · 2026-04-02
openclaw <= 2026.3.8
Read more
High
openclaw sandbox escape via race condition in staged writes (CWE-59/367)
github.com · 2026-04-02
openclaw <= 2026.3.8
Read more
Medium
OpenClaw writeFile TOCTOU Race Condition Sandbox Escape (GHSA-xvx8-77m6-gw6g)
GHSA-xvx8-77m6-gw6g · github.com · 2026-04-02
openclaw < 2026.3.11
Read more
Premium intel
High
OpenClaw tools.exec safeBins whitelist bypass via long-option abbreviation
github.com · 2026-02-27
openclaw/openclaw <= 2026.2.22-2
Read more
High
OpenCode OC-22 Fix Zip Slip and Symlink Following in Skill Packaging
OC-22 · github.com · 2026-02-22
openclaw < latest
Read more
High
Claude CLI Shell Injection Fix: Replacing execSync with execFileSync
github.com · 2026-02-22
openclaw/openclaw (pre-commit 66d7178)
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.