npm vulnerabilities | Corgea Advisories

LOW 2.5

npm

GHSA-g7r4-m6w7-qqqr

esbuild allows arbitrary file read when running the development server on Windows

Jun 12, 2026

LOW 3.7

npm

CVE-2026-44489

Axios has a Patch Bypass: Proxy-Authorization Header Injection via Prototype Pollution — Incomplete Null-Prototype Fix

May 29, 2026

LOW 3.5

npm

CVE-2026-48051

Papra HTTP redirect bypass can lead to SSRF via webhook delivery system

Jun 10, 2026

LOW 2.0

npm

CVE-2026-46549

NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation

May 21, 2026

LOW 3.3

npm

CVE-2026-3449

@tootallnate/once vulnerable to Incorrect Control Flow Scoping

Mar 3, 2026

LOW 3.7

npm

CVE-2026-44589

nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)

May 7, 2026

LOW 3.7

npm

CVE-2026-44582

Next.js vulnerable to cache poisoning via collisions in React Server Component cache-busting

May 11, 2026

LOW 3.8

npm

CVE-2026-44459

Hono has improper validation of NumericDate claims (exp, nbf, iat) in JWT verify()

May 9, 2026

LOW 3.7

npm

CVE-2026-44572

Next.js's Middleware / Proxy redirects can be cache-poisoned

May 11, 2026

LOW 3.7

npm

CVE-2026-8026

Flowise: Bcrypt Password Hash Exposure

May 6, 2026

LOW 3.7

npm

GHSA-6477-wvjj-47v6

Duplicate Advisory: OpenClaw: Zalo replay dedupe keys could suppress messages across chats or senders

Apr 24, 2026

LOW 3.7

npm

CVE-2026-41333

OpenClaw: Fake DeviceToken Bypasses Shared Auth Rate Limiting

Apr 3, 2026

LOW 3.7

npm

GHSA-r27j-894h-3w3p

mcp-data-vis vulnerable to denial of service via unsanitized `select` key lookup on `Object.prototype` with `precompile: true`

May 6, 2026

LOW 3.7

npm

CVE-2026-42040

Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams

May 5, 2026

LOW 3.7

npm

CVE-2026-41407

OpenClaw: Shared-secret comparison call sites leaked length information through timing

Apr 7, 2026

LOW 3.7

npm

CVE-2026-41913

OpenClaw: Concurrent async auth attempts can bypass the intended shared-secret rate-limit budget on Tailscale-capable paths

Apr 9, 2026

LOW 3.7

npm

GHSA-w9f5-8q83-qwpx

Duplicate Advisory: OpenClaw: Fake DeviceToken Bypasses Shared Auth Rate Limiting

Apr 24, 2026

LOW 3.2

npm

GHSA-qmq6-f8pr-cx5x

Duplicate Advisory: uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided

Apr 23, 2026

LOW 2.2

npm

CVE-2026-41321

Cloudflare has SSRF via redirect following through its image-binding-transform endpoint (incomplete fix for GHSA-qpr4)

Apr 23, 2026

LOW 3.5

npm

CVE-2020-15228

Environment Variable Injection in GitHub Actions

Oct 1, 2020

LOW 3.8

npm

CVE-2020-4066

Command Injection in Limdu

Jun 22, 2020

LOW 3.7

npm

CVE-2026-33877

ApostropheCMS: User Enumeration via Timing Side Channel in Password Reset Endpoint

Apr 16, 2026

LOW 3.7

npm

CVE-2026-39321

Parse Server has a login timing side-channel reveals user existence

Apr 8, 2026

LOW 3.7

npm

CVE-2026-35648

OpenClaw may have stale policy enforcement for queued node actions

Mar 26, 2026

LOW 3.5

npm

CVE-2026-6216

DbGate has cross site scripting via the SVG Icon String Handler component

Apr 13, 2026

LOW 3.7

npm

CVE-2026-34166

LiquidJS Has Memory Limit Bypass via Quadratic Amplification in `replace` Filter

Apr 8, 2026

LOW 2.8

npm

CVE-2026-34781

Electron: Crash in clipboard.readImage() on malformed clipboard image data

Apr 7, 2026

LOW 2.5

npm

CVE-2026-32970

OpenClaw: Unavailable local auth SecretRefs could fall through to remote credentials in local mode

Mar 13, 2026

LOW 2.5

npm

GHSA-vm29-7mq3-9jrg

Duplicate Advisory: OpenClaw: Unavailable local auth SecretRefs could fall through to remote credentials in local mode

Mar 31, 2026

LOW 2.3

npm

CVE-2026-34764

Electron: Use-after-free in offscreen shared texture release() callback

Apr 3, 2026

LOW 3.9

npm

CVE-2026-34768

Electron: Unquoted executable path in app.setLoginItemSettings on Windows

Apr 3, 2026

LOW 3.3

npm

CVE-2026-34766

Electron: USB device selection not validated against filtered device list

Apr 3, 2026

LOW 3.1

npm

CVE-2026-2366

Keycloak vulnerable to authorization bypass via the Admin API

Mar 12, 2026

LOW 3.1

npm

GHSA-g86v-f9qv-rh6m

OpenClaw SSRF guard misses four IPv6 special-use ranges

Mar 31, 2026

LOW 3.7

npm

GHSA-442j-39wm-28r2

Handlebars.js has a Property Access Validation Bypass in container.lookup

Mar 29, 2026

LOW 3.7

npm

CVE-2026-32067

OpenClaw has cross-account DM pairing authorization bypass via unscoped pairing store access

Mar 4, 2026

LOW 2.6

npm

CVE-2026-32058

OpenClaw Node system.run approval context-binding weakness in approval-enabled host=node flows

Mar 2, 2026

LOW 3.7

npm

CVE-2026-33490

h3: Missing Path Segment Boundary Check in `mount()` Causes Middleware Execution on Unrelated Prefix-Matching Routes

Mar 20, 2026

LOW 2.6

npm

GHSA-cjq8-m7wj-xmq9

Duplicate Advisory: OpenClaw Node system.run approval context-binding weakness in approval-enabled host=node flows

Mar 21, 2026

LOW 3.7

npm

GHSA-86jj-29wc-7q2w

Duplicate Advisory: OpenClaw's Signal reaction-only status events could, in limited cases, be enqueued before access checks

Mar 21, 2026

LOW 3.7

npm

GHSA-8mr2-f9wf-hcfq

Duplicate Advisory: OpenClaw reuses the gateway auth token in the owner ID prompt hashing fallback

Mar 21, 2026

LOW 3.7

npm

CVE-2026-31991

OpenClaw has Signal group allowlist authorization bypass via DM pairing-store leakage

Mar 2, 2026

LOW 3.7

npm

CVE-2026-32028

OpenClaw: Discord DM reaction ingress missed dmPolicy/allowFrom checks in restricted setups

Mar 3, 2026

LOW 3.7

npm

GHSA-r849-826x-wgqm

Duplicate Advisory: Signal group allowlist authorization bypass via DM pairing-store leakage

Mar 19, 2026

LOW 3.3

npm

CVE-2026-32020

OpenClaw's Control UI Static File Handler Follows Symlinks and Allows Out-of-Root File Read

Mar 2, 2026

LOW 3.6

npm

CVE-2026-31996

OpenClaw safeBins stdin-only bypass via sort output and recursive grep flags

Feb 19, 2026

LOW 3.6

npm

GHSA-ggm6-h3mx-cmmp

Duplicate Advisory: safeBins stdin-only bypass via sort output and recursive grep flags

Mar 19, 2026

LOW 3.3

npm

GHSA-xjj9-2w6f-jg55

Duplicate Advisory: OpenClaw safeBins file-existence oracle information disclosure

Mar 12, 2026

LOW 2.7

npm

CVE-2026-32638

StudioCMS REST getUsers Exposes Owner Account Records to Admin Tokens

Mar 16, 2026

LOW 3.7

npm

CVE-2026-2391

qs's arrayLimit bypass in comma parsing allows denial of service

Feb 12, 2026

LOW 3.7

npm

CVE-2020-4051

Cross-site Scripting in dijit editor's LinkDialog plugin

Jun 15, 2020

LOW 3.7

npm

CVE-2021-32696

Passing in a non-string 'html' argument can lead to unsanitized output

Jun 18, 2021

LOW 2.6

npm

CVE-2021-21320

User content sandbox can be confused into opening arbitrary documents

Mar 3, 2021

LOW 3.1

npm

CVE-2019-16772

Cross-Site Scripting in serialize-to-js

Dec 6, 2019

LOW 3.7

npm

CVE-2021-43862

jquery.terminal self XSS on user input

Jan 6, 2022

LOW 3.7

npm

CVE-2021-43838

Regular Expression Denial of Service (ReDoS) in jsx-slack

Dec 17, 2021

LOW 3.7

npm

CVE-2020-15262

Unprotected dynamically loaded chunks

Oct 19, 2020

LOW 2.6

npm

CVE-2020-15168

The `size` option isn't honored after following a redirect in node-fetch

Sep 10, 2020

LOW 2.0

npm

CVE-2026-29184

@backstage/plugin-scaffolder-backend Vulnerable to Potential Session Token Exfiltration via Log Redaction Bypass

Mar 5, 2026

LOW 2.7

npm

CVE-2026-29185

Backstage vulnerable to potential reading of SCM URLs using built in token

Mar 5, 2026

Know every threat before it ships

esbuild allows arbitrary file read when running the development server on Windows

Axios has a Patch Bypass: Proxy-Authorization Header Injection via Prototype Pollution — Incomplete Null-Prototype Fix

Papra HTTP redirect bypass can lead to SSRF via webhook delivery system

NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation

@tootallnate/once vulnerable to Incorrect Control Flow Scoping

nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)

Next.js vulnerable to cache poisoning via collisions in React Server Component cache-busting

Hono has improper validation of NumericDate claims (exp, nbf, iat) in JWT verify()

Next.js's Middleware / Proxy redirects can be cache-poisoned

Flowise: Bcrypt Password Hash Exposure

Duplicate Advisory: OpenClaw: Zalo replay dedupe keys could suppress messages across chats or senders

OpenClaw: Fake DeviceToken Bypasses Shared Auth Rate Limiting

mcp-data-vis vulnerable to denial of service via unsanitized `select` key lookup on `Object.prototype` with `precompile: true`

Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams

OpenClaw: Shared-secret comparison call sites leaked length information through timing

OpenClaw: Concurrent async auth attempts can bypass the intended shared-secret rate-limit budget on Tailscale-capable paths

Duplicate Advisory: OpenClaw: Fake DeviceToken Bypasses Shared Auth Rate Limiting

Duplicate Advisory: uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided

Cloudflare has SSRF via redirect following through its image-binding-transform endpoint (incomplete fix for GHSA-qpr4)

Environment Variable Injection in GitHub Actions

Command Injection in Limdu

ApostropheCMS: User Enumeration via Timing Side Channel in Password Reset Endpoint

Parse Server has a login timing side-channel reveals user existence

OpenClaw may have stale policy enforcement for queued node actions

DbGate has cross site scripting via the SVG Icon String Handler component

LiquidJS Has Memory Limit Bypass via Quadratic Amplification in `replace` Filter

Electron: Crash in clipboard.readImage() on malformed clipboard image data

OpenClaw: Unavailable local auth SecretRefs could fall through to remote credentials in local mode

Duplicate Advisory: OpenClaw: Unavailable local auth SecretRefs could fall through to remote credentials in local mode

Electron: Use-after-free in offscreen shared texture release() callback

Electron: Unquoted executable path in app.setLoginItemSettings on Windows

Electron: USB device selection not validated against filtered device list

Keycloak vulnerable to authorization bypass via the Admin API

OpenClaw SSRF guard misses four IPv6 special-use ranges

Handlebars.js has a Property Access Validation Bypass in container.lookup

OpenClaw has cross-account DM pairing authorization bypass via unscoped pairing store access

OpenClaw Node system.run approval context-binding weakness in approval-enabled host=node flows

h3: Missing Path Segment Boundary Check in `mount()` Causes Middleware Execution on Unrelated Prefix-Matching Routes

Duplicate Advisory: OpenClaw Node system.run approval context-binding weakness in approval-enabled host=node flows

Duplicate Advisory: OpenClaw's Signal reaction-only status events could, in limited cases, be enqueued before access checks

Duplicate Advisory: OpenClaw reuses the gateway auth token in the owner ID prompt hashing fallback

OpenClaw has Signal group allowlist authorization bypass via DM pairing-store leakage

OpenClaw: Discord DM reaction ingress missed dmPolicy/allowFrom checks in restricted setups

Duplicate Advisory: Signal group allowlist authorization bypass via DM pairing-store leakage

OpenClaw's Control UI Static File Handler Follows Symlinks and Allows Out-of-Root File Read

OpenClaw safeBins stdin-only bypass via sort output and recursive grep flags

Duplicate Advisory: safeBins stdin-only bypass via sort output and recursive grep flags

Duplicate Advisory: OpenClaw safeBins file-existence oracle information disclosure

StudioCMS REST getUsers Exposes Owner Account Records to Admin Tokens

qs's arrayLimit bypass in comma parsing allows denial of service

Cross-site Scripting in dijit editor's LinkDialog plugin

Passing in a non-string 'html' argument can lead to unsanitized output

User content sandbox can be confused into opening arbitrary documents

Cross-Site Scripting in serialize-to-js

jquery.terminal self XSS on user input

Regular Expression Denial of Service (ReDoS) in jsx-slack

Unprotected dynamically loaded chunks

The `size` option isn't honored after following a redirect in node-fetch

@backstage/plugin-scaffolder-backend Vulnerable to Potential Session Token Exfiltration via Log Redaction Bypass

Backstage vulnerable to potential reading of SCM URLs using built in token

Start Securing