FactualRisk Cyber Intelligence
P0: 26 · P1: 0 · KEV: 26 · EPSS: 11
P0 — Urgent: 26 (KEV + strong signal)
Exploited KEV: 26 (last 14 days: 6 new)
High EPSS: 11 (≥ 0.20, exploitation likely)
Total findings: 126
Top 300 • sorted by score
Source status (latency)
• CISA KEV: 0.10s
• OSV.dev: 0.68s
• GHSA: 0.96s
• NVD: 6.67s
• EPSS: 0.17s
• VULNX: --
• Ransomware.live: 0.73s
• Exploit-DB: 5.20s
• AlienVault OTX: --
• GreyNoise: --
7-day trends (chart): KEV, P0, P1, EPSS↑
Top Vendors
• npm: 75
• go: 10
• pip: 7
• Apple: 6
• composer: 5
• Google: 3
• TrueConf: 1
• Citrix: 1
• F5: 1
• Aquasecurity: 1
• Langflow: 1
• Craft CMS: 1
Top CWEs
• CWE-863: 13
• CWE-770: 6
• CWE-416: 5
• CWE-22: 5
• CWE-200: 4
• CWE-79: 4
• CWE-862: 4
• CWE-94: 3
🌐 Threat Intel — last 7 days
Heatmap CVSS × EPSS (chart; hover shows CVE detail)
Prio CVE Sev CVSS EPSS Score Vendor Product CWE Description Signals
P0 CVE-2026-3055 CRITICAL 9.8 0.443 222.0 Citrix NetScaler CWE-125 Citrix NetScaler Out-of-Bounds Read Vulnerability KEV EPSS↑ CWE! 🦠 RANSOM
P0 CVE-2017-7921 LOW 0.0 0.942 218.1 Hikvision Multiple Products Hikvision Multiple Products Improper Authentication Vulnerability KEV EPSS↑ 🦠 RANSOM
P0 CVE-2021-22054 LOW 0.0 0.938 217.6 Omnissa Workspace One UEM Omnissa Workspace ONE Server-Side Request Forgery KEV EPSS↑ 🦠 RANSOM
P0 CVE-2025-32432 LOW 0.0 0.877 210.2 Craft CMS Craft CMS Craft CMS Code Injection Vulnerability KEV EPSS↑ 🦠 RANSOM
P0 CVE-2025-68613 LOW 0.0 0.792 200.0 n8n n8n n8n Improper Control of Dynamically-Managed Code Resources Vulnerability KEV EPSS↑ 🦠 RANSOM
P0 CVE-2026-1603 LOW 0.0 0.654 183.5 Ivanti Endpoint Manager (EPM) Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability KEV EPSS↑ 🦠 RANSOM
P0 CVE-2026-33634 HIGH 8.8 0.212 183.2 Aquasecurity Trivy CWE-506 Aquasecurity Trivy Embedded Malicious Code Vulnerability KEV EPSS↑ 🦠 RANSOM
P0 CVE-2026-33017 CRITICAL 9.8 0.057 175.6 Langflow Langflow CWE-94 Langflow Code Injection Vulnerability KEV CWE! 🦠 RANSOM
P0 CVE-2026-20131 CRITICAL 10.0 0.006 170.7 Cisco Secure Firewall Management Center (FMC) CWE-502 Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability KEV CWE! 🦠 RANSOM
P0 CVE-2026-3910 HIGH 8.8 0.015 164.6 Google Chromium V8 CWE-94 Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability KEV CWE! 🦠 RANSOM
P0 CVE-2025-54068 LOW 0.0 0.489 163.6 Laravel Livewire Laravel Livewire Code Injection Vulnerability KEV EPSS↑ 🦠 RANSOM
P0 CVE-2026-3909 HIGH 8.8 0.005 163.4 Google Skia CWE-787 Google Skia Out-of-Bounds Write Vulnerability KEV CWE! 🦠 RANSOM
P0 CVE-2026-5281 HIGH 8.8 0.000 162.8 Google Dawn CWE-416 Google Dawn Use-After-Free Vulnerability KEV CWE! 🦠 RANSOM
P0 CVE-2025-53521 LOW 0.0 0.414 154.7 F5 BIG-IP F5 BIG-IP Stack-Based Buffer Overflow Vulnerability KEV EPSS↑ 🦠 RANSOM
P0 CVE-2026-3502 HIGH 7.8 0.000 151.8 TrueConf Client CWE-494 TrueConf Client Download of Code Without Integrity Check Vulnerability KEV 🦠 RANSOM
P0 CVE-2025-26399 LOW 0.0 0.282 138.9 SolarWinds Web Help Desk SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability KEV EPSS↑ 🦠 RANSOM
P0 CVE-2025-47813 LOW 0.0 0.204 129.5 Wing FTP Server Wing FTP Server Wing FTP Server Information Disclosure Vulnerability KEV EPSS↑ 🦠 RANSOM
P0 CVE-2021-22681 LOW 0.0 0.129 120.5 Rockwell Multiple Products Rockwell Multiple Products Insufficient Protected Credentials Vulnerability KEV 🦠 RANSOM
P0 CVE-2025-66376 LOW 0.0 0.100 117.0 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability KEV 🦠 RANSOM
P0 CVE-2026-20963 LOW 0.0 0.062 112.4 Microsoft SharePoint Microsoft SharePoint Deserialization of Untrusted Data Vulnerability KEV 🦠 RANSOM
P0 CVE-2021-30952 LOW 0.0 0.013 106.5 Apple Multiple Products Apple Multiple Products Integer Overflow or Wraparound Vulnerability KEV 🦠 RANSOM
P0 CVE-2025-43520 LOW 0.0 0.005 105.6 Apple Multiple Products Apple Multiple Products Classic Buffer Overflow Vulnerability KEV 🦠 RANSOM
P0 CVE-2025-43510 LOW 0.0 0.005 105.5 Apple Multiple Products Apple Multiple Products Improper Locking Vulnerability KEV 🦠 RANSOM
P0 CVE-2025-31277 LOW 0.0 0.002 105.2 Apple Multiple Products Apple Multiple Products Buffer Overflow Vulnerability KEV 🦠 RANSOM
P0 CVE-2023-41974 LOW 0.0 0.002 105.2 Apple iOS and iPadOS Apple iOS and iPadOS Use-After-Free Vulnerability KEV 🦠 RANSOM
P0 CVE-2023-43000 LOW 0.0 0.001 105.1 Apple Multiple Products Apple Multiple products Use-After-Free Vulnerability KEV 🦠 RANSOM
P2 GHSA-9q7v-8mr7-g23p MEDIUM 0.0 0.000 65.0 npm openclaw CWE-918 OpenClaw: SSRF via Unguarded `fetch()` in Marketplace Plugin Download and Ollama Model Discovery CWE! 🦠 RANSOM 📡 ITW
P2 CVE-2026-35393 CRITICAL 9.8 0.000 63.8 go github.com/patrickhener/goshs CWE-22 goshs: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs POST multipart upload CWE!
P2 CVE-2026-35392 CRITICAL 9.8 0.000 63.8 go github.com/patrickhener/goshs CWE-22 goshs: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs PUT Upload CWE!
P2 CVE-2026-35171 CRITICAL 9.8 0.000 63.8 pip kedro CWE-94 Kedro has Arbitrary Code Execution via Malicious Logging Configuration CWE!
P2 GHSA-37v6-fxx8-xjmx LOW 0.0 0.000 60.0 npm openclaw CWE-294 OpenClaw: Telnyx Webhook Replay Detection Bypass via Base64 Signature Re-encoding 🦠 RANSOM 📡 ITW
P2 GHSA-hhq4-97c2-p447 LOW 0.0 0.000 60.0 npm openclaw CWE-294 OpenClaw: Zalo webhook replay cache cross-target messageId scope bypass 🦠 RANSOM 📡 ITW
P2 GHSA-89r3-6x4j-v7wf LOW 0.0 0.000 60.0 npm openclaw CWE-294 OpenClaw: Voice-call Plivo replay mutates in-process callback origin before replay rejection 🦠 RANSOM 📡 ITW
P2 CVE-2026-34976 CRITICAL 10.0 0.000 60.0 go github.com/dgraph-io/dgraph/v25 CWE-862 Dgraph: Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization
P3 CVE-2026-35168 HIGH 8.8 0.001 57.9 composer devcode-it/openstamanager CWE-89 OpenSTAManager: SQL Injection via Aggiornamenti Module CWE!
P3 CVE-2026-35039 CRITICAL 9.1 0.000 54.6 npm fast-jwt CWE-345 fast-jwt: Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup)
P3 CVE-2026-34950 CRITICAL 9.1 0.000 54.6 npm fast-jwt CWE-327 fast-jwt: Incomplete fix for CVE-2023-48223: JWT Algorithm Confusion via Whitespace-Prefixed RSA Public Key
P3 CVE-2026-34774 HIGH 8.1 0.000 53.6 npm electron CWE-416 Electron: Use-after-free in offscreen child window paint callback CWE!
P3 CVE-2026-34780 HIGH 8.4 0.000 50.4 npm electron CWE-668 Electron: Context Isolation bypass via contextBridge VideoFrame transfer
P3 CVE-2026-28815 HIGH 7.5 0.000 50.0 swift swift-crypto CWE-787 Swift Crypto: X-Wing HPKE Decapsulation Accepts Malformed Ciphertext Length CWE!
P3 CVE-2026-35036 HIGH 7.5 0.000 50.0 go github.com/lin-snow/ech0 CWE-918 Ech0 has Unauthenticated Server-Side Request Forgery in Website Preview Feature CWE!
P3 CVE-2026-34771 HIGH 7.5 0.000 50.0 npm electron CWE-416 Electron: Use-after-free in WebContents fullscreen, pointer-lock, and keyboard-lock permission callbacks CWE!
P3 GHSA-ghc5-95c2-vwcv HIGH 8.2 0.000 49.2 composer auth0/symfony CWE-331 Auth0 Symfony SDK has Insufficient Entropy in Cookie Encryption
P3 GHSA-vfpx-q664-h93m HIGH 8.2 0.000 49.2 composer auth0/wordpress CWE-331 Auth0 WordPress Plugin has Insufficient Entropy in Cookie Encryption
P3 GHSA-fmg6-246m-9g2v HIGH 8.2 0.000 49.2 composer auth0/login CWE-331 Auth0 laravel-auth0 SDK has Insufficient Entropy in Cookie Encryption
P3 CVE-2024-24762 HIGH 7.5 0.034 49.1 pip python-multipart CWE-400 python-multipart vulnerable to Content-Type Header ReDoS
P3 CVE-2026-35037 HIGH 7.2 0.000 48.2 go github.com/lin-snow/ech0 CWE-918 Ech0: Unauthenticated SSRF in GetWebsiteTitle allows access to internal services and cloud metadata CWE!
P3 CVE-2026-35167 HIGH 7.1 0.000 47.6 pip kedro CWE-22 Kedro: Path Traversal in versioned dataset loading via unsanitized version string CWE!
P3 CVE-2026-34770 HIGH 7.0 0.000 47.0 npm electron CWE-416 Electron: Use-after-free in PowerMonitor on Windows and macOS CWE!
P3 CVE-2026-34769 HIGH 7.8 0.000 46.8 npm electron CWE-88 Electron: Renderer command-line switch injection via undocumented commandLineSwitches webPreference
P3 CVE-2026-34986 HIGH 7.5 0.000 45.0 go github.com/go-jose/go-jose/v4 CWE-248 Go JOSE Panics in JWE decryption
P3 CVE-2026-34779 MEDIUM 6.5 0.000 44.0 npm electron CWE-78 Electron: AppleScript injection in app.moveToApplicationsFolder on macOS CWE!
P3 CVE-2026-34775 MEDIUM 6.8 0.000 40.8 npm electron CWE-653 Electron: nodeIntegrationInWorker not correctly scoped in shared renderer processes
P3 CVE-2026-34772 MEDIUM 5.8 0.000 39.8 npm electron CWE-416 Electron: Use-after-free in download save dialog callback CWE!
P3 CVE-2026-34215 HIGH 6.5 0.000 39.1 npm parse-server CWE-200 Parse Server exposes auth data via verify password endpoint
P3 CVE-2026-27877 MEDIUM 6.5 0.000 39.0 go github.com/grafana/grafana CWE-200 Grafana public dashboards disclose all direct mode datasources
P3 CVE-2026-34756 MEDIUM 6.5 0.000 39.0 pip vllm CWE-770 vLLM: Unauthenticated OOM Denial of Service via Unbounded `n` Parameter in OpenAI API Server
P3 GHSA-3c7f-5hgj-h279 MEDIUM 5.4 0.000 37.4 npm n8n CWE-79 n8n has XSS in Chat Trigger Node through Custom CSS CWE!
P3 CVE-2026-34776 MEDIUM 5.3 0.000 36.8 npm electron CWE-125 Electron: Out-of-bounds read in second-instance IPC on macOS and Linux CWE!
P3 CVE-2026-34778 MEDIUM 5.9 0.000 35.4 npm electron CWE-290 Electron: Service worker can spoof executeJavaScript IPC replies
P3 CVE-2026-34767 MEDIUM 5.9 0.000 35.4 npm electron CWE-74 Electron: HTTP Response Header Injection in custom protocol handlers and webRequest
P3 CVE-2026-34773 MEDIUM 4.7 0.000 33.2 npm electron CWE-20 Electron: Registry key path injection in app.setAsDefaultProtocolClient on Windows CWE!
P3 CVE-2026-34777 MEDIUM 5.4 0.000 32.4 npm electron CWE-346 Electron: Incorrect origin passed to permission request handler for iframe requests
P3 CVE-2026-34835 MEDIUM 4.8 0.000 28.9 rubygems rack CWE-1286 Rack::Request accepts invalid Host characters, enabling host allowlist bypass
P3 CVE-2026-34768 LOW 3.9 0.000 23.4 npm electron CWE-428 Electron: Unquoted executable path in app.setLoginItemSettings on Windows
P3 CVE-2026-34766 LOW 3.3 0.000 19.8 npm electron CWE-862 Electron: USB device selection not validated against filtered device list
P3 CVE-2026-35038 LOW 0.0 0.001 5.1 npm signalk-server CWE-20 Signal K Server: Arbitrary Prototype Read via `from` Field Bypass CWE!
P3 CVE-2026-34989 CRITICAL 0.0 0.000 5.0 composer ci4-cms-erp/ci4ms CWE-79 CI4MS: Profile & User Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS CWE!
P3 CVE-2026-35052 MEDIUM 0.0 0.000 5.0 pip dtale CWE-79 D-Tale: Remote Code Execution through redis/shelf storage CWE!
P3 GHSA-58q2-7r52-jq62 MEDIUM 0.0 0.000 5.0 npm openclaw CWE-22 OpenClaw: Path traversal via inbound channel attachment path in ACP dispatch allows arbitrary file read CWE!
P3 GHSA-f6pf-4gjx-c94r HIGH 0.0 0.000 5.0 npm openclaw CWE-22 OpenClaw: Media Parsing Path Traversal Leads to Arbitrary File Read CWE!
P3 GHSA-ccgf-5rwj-j3hv LOW 0.0 0.000 5.0 npm telejson CWE-79 TeleJSON: DOM XSS via unsanitised constructor name in `new Function()` CWE!
P3 CVE-2026-32145 HIGH 0.0 0.000 0.0 erlang wisp CWE-770 wisp has Allocation of Resources Without Limits or Throttling
P3 CVE-2026-34450 MEDIUM 0.0 0.000 0.0 pip anthropic CWE-276 Claude SDK for Python has Insecure Default File Permissions in Local Filesystem Memory Tool
P3 GHSA-rm5c-4rmf-vvhw MEDIUM 0.0 0.000 0.0 npm openclaw CWE-367 OpenClaw: Sandbox file operations use check-then-act, bypassing fd-based TOCTOU defenses
P3 CVE-2025-68153 HIGH 0.0 0.000 0.0 go github.com/juju/juju CWE-863 Juju has a resource poisoning vulnerability
P3 CVE-2025-68152 MEDIUM 0.0 0.000 0.0 go github.com/juju/juju CWE-863 Juju: Read All Controller Logs From Compromised Workload
P3 CVE-2026-34992 HIGH 0.0 0.000 0.0 go antrea.io/antrea CWE-311 Antrea has Missing Encryption of Sensitive Data
P3 CVE-2026-35175 HIGH 0.0 0.000 0.0 pip ajenti-panel CWE-862 Ajenti has an authorization bypass during custom package installation
P3 GHSA-cjmm-f4jc-qw8r MEDIUM 0.0 0.000 0.0 npm dompurify CWE-183 DOMPurify ADD_ATTR predicate skips URI validation
P3 GHSA-cj63-jhhr-wcxv MEDIUM 0.0 0.000 0.0 npm dompurify CWE-1321 DOMPurify USE_PROFILES prototype pollution allows event handlers
P3 GHSA-xg6x-h9c9-2m83 CRITICAL 0.0 0.000 0.0 npm better-auth CWE-288 Better Auth Has Two-Factor Authentication Bypass via Premature Session Caching (session.cookieCache)
P3 GHSA-x2m8-53h4-6hch LOW 0.0 0.000 0.0 npm openclaw CWE-862 OpenClaw: Discord voice ingress authorization can be bypassed via channel, name, and stale-role validation gaps
P3 GHSA-6336-qqw9-v6x6 MEDIUM 0.0 0.000 0.0 npm openclaw CWE-863 OpenClaw: Discord Component Interaction Misclassifies Group DM as Direct Message
P3 GHSA-9f4w-67g7-mqwv MEDIUM 0.0 0.000 0.0 npm openclaw CWE-670 OpenClaw: Endpoint persists after trust decline, leaking gateway credentials
P3 GHSA-3xv9-89fm-7h4r MEDIUM 0.0 0.000 0.0 npm openclaw CWE-348 OpenClaw: diffs viewer misclassifies proxied remote requests as loopback when `allowRemoteViewer` is disabled
P3 GHSA-rvvf-6vh3-9j43 MEDIUM 0.0 0.000 0.0 npm openclaw CWE-863 OpenClaw: Discord Slash Commands Bypass Group DM Channel Allowlist
P3 GHSA-q9w8-cf67-r238 HIGH 0.0 0.000 0.0 npm openclaw CWE-346 OpenClaw: macOS Tailnet DNS Spoofing & Credential Exfiltration
P3 GHSA-f693-58pc-2gfr MEDIUM 0.0 0.000 0.0 npm openclaw CWE-732 OpenClaw: Telegram legacy allowFrom migration fans default-account trust into all named accounts
P3 GHSA-3pm9-5j7m-59vc LOW 0.0 0.000 0.0 npm openclaw CWE-436 OpenClaw: Tlon Startup Migration Rehydrates Empty-Array Revocations From File Config
P3 GHSA-gg9v-mgcp-v6m7 HIGH 0.0 0.000 0.0 npm openclaw CWE-269 OpenClaw: Unbound bootstrap setup codes allow privilege escalation during pairing
P3 GHSA-h5hg-h7rr-gpf3 HIGH 0.0 0.000 0.0 npm openclaw CWE-863 OpenClaw: Node browser proxy `allowProfiles` bypass through persistent profile mutation and runtime profile selection
P3 GHSA-cqgw-44wg-44rf MEDIUM 0.0 0.000 0.0 npm openclaw CWE-863 OpenClaw: Discord voice manager bypasses channel-level member access allowlist
P3 GHSA-m6fx-m8hc-572m MEDIUM 0.0 0.000 0.0 npm openclaw CWE-770 OpenClaw: Telegram audio preflight transcription enables resource consumption by unauthorized senders
P3 GHSA-gjm7-hw8f-73rq HIGH 0.0 0.000 0.0 npm openclaw CWE-863 OpenClaw: Paired node escalates to gateway RCE via unrestricted node.event agent dispatch
P3 GHSA-9p3r-hh9g-5cmg CRITICAL 0.0 0.000 0.0 npm openclaw CWE-367 OpenClaw: Sandbox escape via TOCTOU race in remote FS bridge readFile
P3 GHSA-2w79-r9g8-wmcr MEDIUM 0.0 0.000 0.0 npm openclaw CWE-400 OpenClaw: Voice-call still parses large WebSocket frames before start validation (Incomplete fix for CVE-2026-32062)
P3 GHSA-rfqg-qgf8-xr9x LOW 0.0 0.000 0.0 npm openclaw CWE-613 OpenClaw: Gateway `device.token.rotate` does not terminate active WebSocket sessions after credential rotation
P3 GHSA-6p8r-6m93-557f MEDIUM 0.0 0.000 0.0 npm openclaw CWE-307 OpenClaw: Fake DeviceToken Bypasses Shared Auth Rate Limiting
P3 GHSA-cg7q-fg22-4g98 MEDIUM 0.0 0.000 0.0 npm openclaw CWE-184 OpenClaw: Host exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables
P3 GHSA-g374-mggx-p6xc HIGH 0.0 0.000 0.0 npm openclaw CWE-863 OpenClaw: Incomplete scope-clearing fix allows operator.admin escalation via trusted-proxy auth mode
P3 GHSA-v3qc-wrwx-j3pw HIGH 0.0 0.000 0.0 npm openclaw CWE-285 OpenClaw: Agentic Consent Bypass — LLM Agent Can Silently Disable Exec Approval via `config.patch`
P3 GHSA-hr8g-2q7x-3f4w MEDIUM 0.0 0.000 0.0 npm openclaw CWE-200 OpenClaw Has a Gateway Control Interface Information Disclosure Vulnerability
P3 GHSA-w85g-3h6x-4xh2 MEDIUM 0.0 0.000 0.0 npm openclaw CWE-770 OpenClaw: Image pixel-limit guard can fail open on sips and allow decompression-bomb DoS
P3 GHSA-g8xp-qx39-9jq9 HIGH 0.0 0.000 0.0 npm openclaw CWE-427 OpenClaw: Incomplete host-env-security-policy allows untrusted model to substitute compiler binaries via env overrides
P3 GHSA-xj9w-5r6q-x6v4 HIGH 0.0 0.000 0.0 npm openclaw CWE-863 OpenClaw: Device-Paired Node Skips Node Scope Gate → Host RCE.md
P3 GHSA-9gp8-hjxr-6f34 MEDIUM 0.0 0.000 0.0 npm openclaw CWE-269 OpenClaw: Host exec environment overrides miss proxy, TLS, Docker, and Git TLS controls
P3 GHSA-hhff-fj5f-qg48 MEDIUM 0.0 0.000 0.0 npm openclaw CWE-770 OpenClaw runs Discord audio preflight transcription before member authorization
P3 GHSA-mhr7-2xmv-4c4q MEDIUM 0.0 0.000 0.0 npm openclaw CWE-346 OpenClaw: HTTP operator endpoints lack browser-origin validation in trusted-proxy mode
P3 GHSA-p464-m8x6-vhv8 MEDIUM 0.0 0.000 0.0 npm openclaw CWE-400 OpenClaw: MS Teams webhook parses body before JWT validation, enabling unauthenticated resource exhaustion
P3 GHSA-57gh-m6rq-54cf HIGH 0.0 0.000 0.0 npm openclaw CWE-552 OpenClaw: Self-Whitelisting in appendLocalMediaParentRoots Allows Arbitrary File Read & Credential Exfiltration
P3 GHSA-68v4-hmwv-f43h MEDIUM 0.0 0.000 0.0 npm openclaw CWE-522 OpenClaw: Media download follows cross-origin redirects with Authorization headers intact
P3 GHSA-cwf8-44x6-32c2 HIGH 0.0 0.000 0.0 npm openclaw CWE-59 OpenClaw: OpenShell Mirror Sync — Sandbox Escape via Unrestricted File Sync + Symlink Traversal
P3 GHSA-qcj9-wwgw-6gm8 HIGH 0.0 0.000 0.0 npm openclaw CWE-15 OpenClaw: Workspace `.env` can override the bundled plugin trust root
P3 GHSA-cwq8-6f96-g3q4 LOW 0.0 0.000 0.0 npm openclaw CWE-636 OpenClaw: Security Scan Failure Does Not Block Plugin Installation (Fail-Open)
P3 GHSA-fv94-qvg8-xqpw MEDIUM 0.0 0.000 0.0 npm openclaw CWE-59 OpenClaw: SSH sandbox tar upload follows symlinks, enabling arbitrary file write on remote host
P3 GHSA-j9pv-rrcj-6pfx MEDIUM 0.0 0.000 0.0 npm openclaw CWE-212 OpenClaw: SSH-based sandbox backends pass unsanitized process.env to child processes
P3 GHSA-chfm-xgc4-47rj LOW 0.0 0.000 0.0 npm openclaw CWE-863 OpenClaw: MSTeams thread history bypasses sender allowlist via Graph API
P3 GHSA-qcc3-jqwp-5vh2 MEDIUM 0.0 0.000 0.0 npm openclaw CWE-770 OpenClaw: LINE webhook handler lacks shared pre-auth concurrency budget before signature verification
P3 GHSA-rg8m-3943-vm6q LOW 0.0 0.000 0.0 npm openclaw CWE-863 OpenClaw: Matrix thread root and reply context bypass sender allowlist
P3 GHSA-3qpv-xf3v-mm45 HIGH 0.0 0.000 0.0 npm openclaw CWE-15 OpenClaw: Workspace `.env` can override the bundled hooks root and load attacker hook code
P3 GHSA-877v-w3f5-3pcq MEDIUM 0.0 0.000 0.0 npm openclaw CWE-863 OpenClaw: Feishu thread history and quoted messages bypass sender allowlist
P3 GHSA-g5cg-8x5w-7jpm CRITICAL 0.0 0.000 0.0 npm openclaw CWE-863 OpenClaw: Heartbeat context inheritance bypasses sandbox via senderIsOwner escalation
P3 GHSA-jjw7-3vjf-fg5j MEDIUM 0.0 0.000 0.0 npm openclaw CWE-200 OpenClaw Nostr privateKey config redaction bypass leaks plaintext signing key via config.get
P3 GHSA-7ggg-pvrf-458v HIGH 0.0 0.000 0.0 npm openclaw CWE-807 OpenClaw: PIP_INDEX_URL and UV_INDEX_URL bypass host exec env sanitization and redirect Python package-index traffic
P3 GHSA-mhgq-xpfq-6r66 MEDIUM 0.0 0.000 0.0 npm openclaw CWE-269 OpenClaw: Unauthenticated plugin-auth HTTP routes receive operator runtime scopes
Detail panel (no CVE selected): CVE, priority, CVSS / EPSS / score, CVSS vector, CWE, vendor / product, source(s), published date, description, score breakdown, references.
Tabs: Exploitation (ransomware gang, in-the-wild, GreyNoise, Exploit-DB, OTX pulses, public PoC, exploitation links), Geo/Actors (threat actor, country of origin, campaign, contextual search), Ticket (JIRA / ServiceNow template to paste into your ITSM), MITRE.