Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit b807f58cb75e · 2026-03-18T21:53:54.000Z
GHSA-57hq-95w6-v4fc GHSA-62f6-mrcj-v8h5 GHSA-gc62-2v5p-qpmp GHSA-jwf4-8wf4-jf2m GHSA-m8v2-6wwh-r4gc GHSA-p4wh-cr8m-gm6c GHSA-v3j7-34xh-6g3w GHSA-xvf4-ch4q-2m24
diff --git a/advisories/github-reviewed/2026/03/GHSA-57hq-95w6-v4fc/GHSA-57hq-95w6-v4fc.json b/advisories/github-reviewed/2026/03/GHSA-57hq-95w6-v4fc/GHSA-57hq-95w6-v4fc.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-57hq-95w6-v4fc",
-  "modified": "2026-03-18T19:37:07Z",
+  "modified": "2026-03-18T21:51:29Z",
   "published": "2026-03-17T17:24:17Z",
   "aliases": [
     "CVE-2026-32700"
@@ -43,6 +43,10 @@
       "type": "WEB",
       "url": "https://github.com/heartcombo/devise/security/advisories/GHSA-57hq-95w6-v4fc"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32700"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/heartcombo/devise/issues/5783"
@@ -67,6 +71,6 @@
     "severity": "MODERATE",
     "github_reviewed": true,
     "github_reviewed_at": "2026-03-17T17:24:17Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-03-18T21:16:26Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/03/GHSA-62f6-mrcj-v8h5/GHSA-62f6-mrcj-v8h5.json b/advisories/github-reviewed/2026/03/GHSA-62f6-mrcj-v8h5/GHSA-62f6-mrcj-v8h5.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-62f6-mrcj-v8h5",
-  "modified": "2026-03-18T01:33:52Z",
+  "modified": "2026-03-18T21:51:56Z",
   "published": "2026-03-03T22:12:20Z",
   "aliases": [
     "CVE-2026-27524"
@@ -40,13 +40,21 @@
       "type": "WEB",
       "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-62f6-mrcj-v8h5"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27524"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/openclaw/openclaw/commit/fbb79d4013000552d6a2c23b9613d8b3cb92f6b6"
     },
     {
       "type": "PACKAGE",
       "url": "https://github.com/openclaw/openclaw"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/openclaw-prototype-pollution-via-debug-override-path"
     }
   ],
   "database_specific": {
@@ -56,6 +64,6 @@
     "severity": "LOW",
     "github_reviewed": true,
     "github_reviewed_at": "2026-03-03T22:12:20Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-03-18T02:16:23Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/03/GHSA-gc62-2v5p-qpmp/GHSA-gc62-2v5p-qpmp.json b/advisories/github-reviewed/2026/03/GHSA-gc62-2v5p-qpmp/GHSA-gc62-2v5p-qpmp.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-gc62-2v5p-qpmp",
-  "modified": "2026-03-17T17:12:35Z",
+  "modified": "2026-03-18T21:51:12Z",
   "published": "2026-03-17T17:12:34Z",
   "aliases": [
     "CVE-2026-32636"
@@ -382,6 +382,10 @@
       "type": "WEB",
       "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gc62-2v5p-qpmp"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32636"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/ImageMagick/ImageMagick"
@@ -402,6 +406,6 @@
     "severity": "MODERATE",
     "github_reviewed": true,
     "github_reviewed_at": "2026-03-17T17:12:34Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-03-18T21:16:26Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/03/GHSA-jwf4-8wf4-jf2m/GHSA-jwf4-8wf4-jf2m.json b/advisories/github-reviewed/2026/03/GHSA-jwf4-8wf4-jf2m/GHSA-jwf4-8wf4-jf2m.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-jwf4-8wf4-jf2m",
-  "modified": "2026-03-18T01:25:21Z",
+  "modified": "2026-03-18T21:52:51Z",
   "published": "2026-03-04T19:44:50Z",
   "aliases": [
     "CVE-2026-22170"
@@ -40,6 +40,10 @@
       "type": "WEB",
       "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-jwf4-8wf4-jf2m"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22170"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/openclaw/openclaw/commit/2ba6de7eaad812e5e8603018e14e54e96bdd57dd"
@@ -59,6 +63,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/openclaw/openclaw"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/openclaw-bluebubbles-access-control-bypass-via-empty-allowfrom-configuration"
     }
   ],
   "database_specific": {
@@ -68,6 +76,6 @@
     "severity": "MODERATE",
     "github_reviewed": true,
     "github_reviewed_at": "2026-03-04T19:44:50Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-03-18T02:16:21Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/03/GHSA-m8v2-6wwh-r4gc/GHSA-m8v2-6wwh-r4gc.json b/advisories/github-reviewed/2026/03/GHSA-m8v2-6wwh-r4gc/GHSA-m8v2-6wwh-r4gc.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-m8v2-6wwh-r4gc",
-  "modified": "2026-03-18T01:33:29Z",
+  "modified": "2026-03-18T21:52:35Z",
   "published": "2026-03-03T23:10:01Z",
   "aliases": [
     "CVE-2026-27523"
@@ -43,13 +43,21 @@
       "type": "WEB",
       "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-m8v2-6wwh-r4gc"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27523"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/openclaw/openclaw/commit/b5787e4abba0dcc6baf09051099f6773c1679ec1"
     },
     {
       "type": "PACKAGE",
       "url": "https://github.com/openclaw/openclaw"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/openclaw-sandbox-bind-validation-bypass-via-symlink-parent-missing-leaf-paths"
     }
   ],
   "database_specific": {
@@ -60,6 +68,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-03-03T23:10:01Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-03-18T02:16:23Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/03/GHSA-p4wh-cr8m-gm6c/GHSA-p4wh-cr8m-gm6c.json b/advisories/github-reviewed/2026/03/GHSA-p4wh-cr8m-gm6c/GHSA-p4wh-cr8m-gm6c.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-p4wh-cr8m-gm6c",
-  "modified": "2026-03-18T01:32:40Z",
+  "modified": "2026-03-18T21:50:28Z",
   "published": "2026-03-03T21:36:16Z",
   "aliases": [
     "CVE-2026-22217"
@@ -40,9 +40,21 @@
       "type": "WEB",
       "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-p4wh-cr8m-gm6c"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22217"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/openclaw/openclaw/commit/ff10fe8b91670044a6bb0cd85deb736a0ec8fb55"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/openclaw/openclaw"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/openclaw-arbitrary-binary-execution-via-shell-environment-variable-trusted-prefix-fallback"
     }
   ],
   "database_specific": {
@@ -53,6 +65,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-03-03T21:36:16Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-03-18T02:16:23Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/03/GHSA-v3j7-34xh-6g3w/GHSA-v3j7-34xh-6g3w.json b/advisories/github-reviewed/2026/03/GHSA-v3j7-34xh-6g3w/GHSA-v3j7-34xh-6g3w.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-v3j7-34xh-6g3w",
-  "modified": "2026-03-18T01:29:44Z",
+  "modified": "2026-03-18T21:52:16Z",
   "published": "2026-03-03T21:50:34Z",
   "aliases": [
     "CVE-2026-22174"
@@ -43,13 +43,21 @@
       "type": "WEB",
       "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-v3j7-34xh-6g3w"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22174"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/openclaw/openclaw/commit/afa22acc4a09fdf32be8a167ae216bee85c30dad"
     },
     {
       "type": "PACKAGE",
       "url": "https://github.com/openclaw/openclaw"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/openclaw-gateway-token-disclosure-via-chrome-cdp-probe"
     }
   ],
   "database_specific": {
@@ -60,6 +68,6 @@
     "severity": "MODERATE",
     "github_reviewed": true,
     "github_reviewed_at": "2026-03-03T21:50:34Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-03-18T02:16:21Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/03/GHSA-xvf4-ch4q-2m24/GHSA-xvf4-ch4q-2m24.json b/advisories/github-reviewed/2026/03/GHSA-xvf4-ch4q-2m24/GHSA-xvf4-ch4q-2m24.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-xvf4-ch4q-2m24",
-  "modified": "2026-03-16T16:37:42Z",
+  "modified": "2026-03-18T21:51:20Z",
   "published": "2026-03-16T16:37:42Z",
   "aliases": [
     "CVE-2026-32638"
@@ -43,6 +43,10 @@
       "type": "WEB",
       "url": "https://github.com/withstudiocms/studiocms/security/advisories/GHSA-xvf4-ch4q-2m24"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32638"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/withstudiocms/studiocms/commit/aebe8bcb3618bb07c6753e3f5c982c1fe6adea64"
@@ -63,6 +67,6 @@
     "severity": "LOW",
     "github_reviewed": true,
     "github_reviewed_at": "2026-03-16T16:37:42Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-03-18T21:16:26Z"
   }
 }
