Nixpkgs security tracker

Untriaged

Permalink CVE-2026-41381

5.4 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): Low (L)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): Low (L)
Modified Availability (MA): None (N)

created 1 month ago Activity log

Created suggestion 1 month ago

OpenClaw < 2026.3.31 - Access Control Bypass in Discord Voice Manager via Channel Allowlist

OpenClaw before 2026.3.31 contains an access control bypass vulnerability in the Discord voice manager that allows attackers to bypass channel-level member access allowlist restrictions. Attackers can send Discord voice ingress requests before channel allowlist authorization is performed, gaining unauthorized access to restricted voice channels.

References

GitHub Security Advisory (GHSA-cqgw-44wg-44rf) vendor-advisory
Patch Commit patch
VulnCheck Advisory: OpenClaw < 2026.3.31 - Access Control Bypass in Discord Voice Manager via Channel Allowlist third-party-advisory

Affected products

OpenClaw

==2026.3.31
<2026.3.31

Matching in nixpkgs

pkgs.openclaw

Self-hosted, open-source AI assistant/agent

nixos-unstable 2026.4.12
- nixpkgs-unstable 2026.4.21
- nixos-unstable-small 2026.4.21

Package maintainers

@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
@chrisportela Chris Portela <chris@chrisportela.com>

Untriaged

Permalink CVE-2026-41377

4.6 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): Low (L)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): Low (L)
Modified Availability (MA): None (N)

created 1 month ago Activity log

Created suggestion 1 month ago

OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation

OpenClaw before 2026.3.31 contains a fail-open vulnerability in the plugin installation flow where security scan failures do not block installation. Attackers can exploit scan failures to install untrusted plugins when operators proceed despite visible scan warnings.

References

GitHub Security Advisory (GHSA-cwq8-6f96-g3q4) vendor-advisory
Patch Commit patch
Patch Commit patch
Patch Commit patch
Patch Commit patch
VulnCheck Advisory: OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation third-party-advisory

Affected products

OpenClaw

==2026.3.31
<2026.3.31

Matching in nixpkgs

pkgs.openclaw

Self-hosted, open-source AI assistant/agent

nixos-unstable 2026.4.12
- nixpkgs-unstable 2026.4.21
- nixos-unstable-small 2026.4.21

Package maintainers

@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
@chrisportela Chris Portela <chris@chrisportela.com>

Untriaged

Permalink CVE-2026-41399

7.5 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): High (H)

created 1 month ago Activity log

Created suggestion 1 month ago

OpenClaw < 2026.3.28 - Denial of Service via Unbounded Pre-auth WebSocket Upgrades

OpenClaw before 2026.3.28 accepts unbounded concurrent unauthenticated WebSocket upgrades without pre-authentication budget allocation. Unauthenticated network attackers can exhaust socket and worker capacity to disrupt WebSocket availability for legitimate clients.

References

GitHub Security Advisory (GHSA-f44p-c7w9-7xr7) vendor-advisory
VulnCheck Advisory: OpenClaw < 2026.3.28 - Denial of Service via Unbounded Pre-auth WebSocket Upgrades third-party-advisory

Affected products

OpenClaw

<2026.3.28
==2026.3.28

Matching in nixpkgs

pkgs.openclaw

Self-hosted, open-source AI assistant/agent

nixos-unstable 2026.4.12
- nixpkgs-unstable 2026.4.21
- nixos-unstable-small 2026.4.21

Package maintainers

@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
@chrisportela Chris Portela <chris@chrisportela.com>

Untriaged

Permalink CVE-2026-41912

7.6 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): Required (R)
Scope (S): Changed (C)
Confidentiality (C): High (H)
Integrity (I): Low (L)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Changed (C)
Modified Integrity (MI): Low (L)
Modified Availability (MA): None (N)

created 1 month ago Activity log

Created suggestion 1 month ago

OpenClaw < 2026.4.8 - Server-Side Request Forgery Policy Bypass via Interaction-Triggered Navigation

OpenClaw before 2026.4.8 contains a server-side request forgery policy bypass vulnerability allowing attackers to trigger navigations bypassing normal SSRF checks. Attackers can exploit browser interactions to bypass SSRF protections and access restricted resources.

References

GitHub Security Advisory (GHSA-vr5g-mmx7-h897) vendor-advisory
Patch Commit patch
VulnCheck Advisory: OpenClaw < 2026.4.8 - Server-Side Request Forgery Policy Bypass via Interaction-Triggered Navigation third-party-advisory

Affected products

OpenClaw

==2026.4.8
<2026.4.8

Matching in nixpkgs

pkgs.openclaw

Self-hosted, open-source AI assistant/agent

nixos-unstable 2026.4.12
- nixpkgs-unstable 2026.4.21
- nixos-unstable-small 2026.4.21

Package maintainers

@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
@chrisportela Chris Portela <chris@chrisportela.com>

Untriaged

Permalink CVE-2026-41407

3.7 LOW

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

created 1 month ago Activity log

Created suggestion 1 month ago

OpenClaw < 2026.4.2 - Timing Side Channel in Shared-Secret Comparison

OpenClaw before 2026.4.2 contains a timing side channel vulnerability in shared-secret comparison call sites that use early length-mismatch checks instead of fixed-length comparison helpers. Attackers can measure timing differences to leak secret-length information, weakening constant-time handling for shared secrets.

References

GitHub Security Advisory (GHSA-jj6q-rrrf-h66h) vendor-advisory
Patch Commit patch
VulnCheck Advisory: OpenClaw < 2026.4.2 - Timing Side Channel in Shared-Secret Comparison third-party-advisory

Affected products

OpenClaw

<2026.4.2
==2026.4.2

Matching in nixpkgs

pkgs.openclaw

Self-hosted, open-source AI assistant/agent

nixos-unstable 2026.4.12
- nixpkgs-unstable 2026.4.21
- nixos-unstable-small 2026.4.21

Package maintainers

@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
@chrisportela Chris Portela <chris@chrisportela.com>

Untriaged

Permalink CVE-2026-42427

5.3 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): High (H)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): High (H)
Availability (A): None (N)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): None (N)

created 1 month ago Activity log

Created suggestion 1 month ago

OpenClaw < 2026.4.8 - Remote Code Execution via Build Tool Environment Variable Injection

OpenClaw before 2026.4.8 contains a remote code execution vulnerability caused by missing environment variable denylist entries for HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS. Attackers can inject malicious build tool environment variables to influence host exec commands and achieve arbitrary code execution.

References

GitHub Security Advisory (GHSA-7437-7hg8-frrw) vendor-advisory
Patch Commit patch
VulnCheck Advisory: OpenClaw < 2026.4.8 - Remote Code Execution via Build Tool Environment Variable Injection third-party-advisory

Affected products

OpenClaw

==2026.4.8
<2026.4.8

Matching in nixpkgs

pkgs.openclaw

Self-hosted, open-source AI assistant/agent

nixos-unstable 2026.4.12
- nixpkgs-unstable 2026.4.21
- nixos-unstable-small 2026.4.21

Package maintainers

@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
@chrisportela Chris Portela <chris@chrisportela.com>

Untriaged

Permalink CVE-2026-41374

5.3 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): Low (L)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): Low (L)

created 1 month ago Activity log

Created suggestion 1 month ago

OpenClaw < 2026.3.31 - Resource Consumption via Discord Audio Preflight Before Member Authorization

OpenClaw before 2026.3.31 performs Discord audio preflight transcription before validating member authorization, allowing unauthenticated attackers to consume resources. Remote attackers can trigger audio preflight processing without member allowlist validation to cause resource exhaustion.

References

GitHub Security Advisory (GHSA-hhff-fj5f-qg48) vendor-advisory
Patch Commit patch
VulnCheck Advisory: OpenClaw < 2026.3.31 - Resource Consumption via Discord Audio Preflight Before Member Authorization third-party-advisory

Affected products

OpenClaw

==2026.3.31
<2026.3.31

Matching in nixpkgs

pkgs.openclaw

Self-hosted, open-source AI assistant/agent

nixos-unstable 2026.4.12
- nixpkgs-unstable 2026.4.21
- nixos-unstable-small 2026.4.21

Package maintainers

@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
@chrisportela Chris Portela <chris@chrisportela.com>

Untriaged

Permalink CVE-2026-41402

4.2 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): Low (L)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): Low (L)
Modified Availability (MA): None (N)

created 1 month ago Activity log

Created suggestion 1 month ago

OpenClaw < 2026.3.31 - Webhook Replay Cache Cross-Target messageId Scope Bypass

OpenClaw before 2026.3.31 contains a scope bypass vulnerability in webhook replay cache deduplication that allows authenticated attackers to replay messages across sibling targets using the same messageId. Attackers can exploit overly broad cache keying to bypass replay protection and deliver duplicate webhook messages to unintended targets.

References

GitHub Security Advisory (GHSA-hhq4-97c2-p447) vendor-advisory
Patch Commit patch
VulnCheck Advisory: OpenClaw < 2026.3.31 - Webhook Replay Cache Cross-Target messageId Scope Bypass third-party-advisory

Affected products

OpenClaw

==2026.3.31
<2026.3.31

Matching in nixpkgs

pkgs.openclaw

Self-hosted, open-source AI assistant/agent

nixos-unstable 2026.4.12
- nixpkgs-unstable 2026.4.21
- nixos-unstable-small 2026.4.21

Package maintainers

@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
@chrisportela Chris Portela <chris@chrisportela.com>

Untriaged

Permalink CVE-2026-41382

5.4 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): Low (L)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): Low (L)
Modified Availability (MA): None (N)

created 1 month ago Activity log

Created suggestion 1 month ago

OpenClaw < 2026.3.31 - Discord Voice Ingress Authorization Bypass via Channel and Role Validation Gaps

OpenClaw before 2026.3.31 contains an authorization bypass vulnerability in Discord voice ingress that allows attackers to bypass channel and member allowlist restrictions. Attackers can exploit stale-role validation gaps and improper channel name validation to gain unauthorized access to restricted voice channels.

References

GitHub Security Advisory (GHSA-x2m8-53h4-6hch) vendor-advisory
Patch Commit patch
VulnCheck Advisory: OpenClaw < 2026.3.31 - Discord Voice Ingress Authorization Bypass via Channel and Role Validation Gaps third-party-advisory

Affected products

OpenClaw

==2026.3.31
<2026.3.31

Matching in nixpkgs

pkgs.openclaw

Self-hosted, open-source AI assistant/agent

nixos-unstable 2026.4.12
- nixpkgs-unstable 2026.4.21
- nixos-unstable-small 2026.4.21

Package maintainers

@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
@chrisportela Chris Portela <chris@chrisportela.com>

Untriaged

Permalink CVE-2026-41385

6.5 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

created 1 month ago Activity log

Created suggestion 1 month ago

OpenClaw < 2026.3.31 - Nostr Private Key Exposure via config.get Redaction Bypass

OpenClaw before 2026.3.31 stores Nostr privateKey as plaintext in configuration, allowing exposure through config.get method calls that bypass redaction mechanisms. Attackers can retrieve unredacted configuration data to obtain plaintext signing keys used for Nostr protocol operations.

References

GitHub Security Advisory (GHSA-jjw7-3vjf-fg5j) vendor-advisory
Patch Commit patch
VulnCheck Advisory: OpenClaw < 2026.3.31 - Nostr Private Key Exposure via config.get Redaction Bypass third-party-advisory

Affected products

OpenClaw

==2026.3.31
<2026.3.31

Matching in nixpkgs

pkgs.openclaw

Self-hosted, open-source AI assistant/agent

nixos-unstable 2026.4.12
- nixpkgs-unstable 2026.4.21
- nixos-unstable-small 2026.4.21

Package maintainers

@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
@chrisportela Chris Portela <chris@chrisportela.com>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.openclaw

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.openclaw

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.openclaw

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.openclaw

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.openclaw

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.openclaw

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.openclaw

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.openclaw

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.openclaw

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.openclaw

Package maintainers