ghsa
ghsa
- GHSA-72R4-9C5J-MJ57 - pnpm security control bypass
- GHSA-FR4H-3CPH-29XV - pnpm security control bypass
- GHSA-QRV3-253H-G69C - pnpm path traversal
- GHSA-72r4-9c5j-mj57 - pnpm better-node-range CPU exhaustion
- GHSA-fr4h-3cph-29xv - pnpm protocol specifier bypass
- GHSA-q6xx-5vr8-p898 - Nezha WebSocket stream ownership bypass
- GHSA-qrv3-253h-g69c - pnpm configDependencies symlink traversal
- CVE-2026-49741 - TYPO3 form framework privilege escalation and SQL injection
- CVE-2026-53999 - Radius controller confused-deputy delete
- CVE-2026-54090 - File Browser shell metacharacter command injection
- GHSA-gv7w-rqvm-qjhr - esbuild Deno binary integrity RCE
- CVE-2026-42271 - LiteLLM MCP stdio command execution
- CVE-2026-34841 - @usebruno/cli axios supply-chain RAT
- GHSA-jpvj-wpmj-h7rv - @cap-js/openapi package compromise
- GHSA-63gr-g7jc-v8rg - AgenticMail MCP HTTP auth bypass
- GHSA-hf2g-6j7h-98wg - Klever-Go direct-message goroutine DoS
- GHSA-rm5c-5x2p-48wr - Klever-Go P2P nil RawData DoS
- GHSA-w4c6-7r69-w7j9 - Klever-Go REST API slow-header DoS
- GHSA-wx3m-whqv-xv47 - skillctl path and symlink traversal
- GHSA-m99r-2hxc-cp3q - Flowise MCP security bypass RCE
- GHSA-6xcp-7mpr-m7wm - Open WebUI CORS and session RCE chain
- GHSA-v6wj-c83f-v46x - profullstack MCP server command injection
- GHSA-54pg-9963-v8vg - Intercom client package compromise
- CVE-2026-41490 - Dagster dynamic partition SQL injection
- CVE-2026-42274 - Heimdall policy interpretation bypass cluster
- GHSA-xmxx/GHSA-mr34/GHSA-2gvc - OpenClaw gateway boundary hardening
- GHSA-rh99-wc69-c255 - Contrast CopyFile policy symlink subversion
- GHSA-3xx2/GHSA-47wq - Paperclip agent key tenant-boundary bypass
- GHSA-74m3 - zrok WebDAV DriveRoot symlink escape
- GHSA-rpm5/GHSA-x2qx - GitPython command injection
- GHSA-vr7g-88fq-vhq3 - Paperclip workspace cleanup command injection
- GHSA-xh72/GHSA-xmxx - OpenClaw agent-surface fail-closed bypasses