
send

90 known vulnerabilities · 2 critical · 1 high

CVE-2024-43799 · MEDIUM

send vulnerable to template injection that can lead to XSS

Published Sep 10, 2024
CVE-2015-8859 · MEDIUM

Root Path Disclosure in send

Published Oct 24, 2017
CVE-2014-6394 · HIGH

Directory Traversal in send

Published Oct 24, 2017
MAL-2024-7927

Malicious code in ampersend-mymove (npm)

Published Aug 7, 2024
GHSA-2ch6-x3g4-7759

OpenClaw's commands.allowFrom sender authorization accepted conversation identifiers via ctx.From

Published Mar 3, 2026
GHSA-534w-2vm4-89xr

OpenClaw's Zalo group sender allowlist bypass permits unauthorized GROUP dispatch

Published Mar 3, 2026
CVE-2026-30959

OneUptime has WhatsApp Resend Verification Authorization Bypass

Published Mar 10, 2026
GHSA-767m-xrhc-fxm7

OpenClaw: Gateway operator.write Can Reach Admin-Class Telegram Config and Cron Persistence via send

Published Apr 7, 2026
GHSA-rxmx-g7hr-8mx4

OpenClaw: Zalo replay dedupe keys could suppress messages across chats or senders

Published Apr 7, 2026
GHSA-8883-9w57-vwv6

OpenClaw: Mattermost callback dispatch allowed non-allowlisted sender actions

Published Mar 26, 2026
GHSA-3q42-xmxv-9vfr

OpenClaw: Gateway operator.write Can Reach Admin-Class Talk Voice Config Persistence via chat.send

Published Apr 7, 2026
CVE-2026-32895

OpenClaw: Slack system events bypass sender authorization in member and message subtype handlers

Published Mar 12, 2026
CVE-2025-24010

Websites were able to send any requests to the development server and read the response in vite

Published Jan 21, 2025
CVE-2026-32039

OpenClaw's typed sender-key matching for toolsBySender prevents identity-collision policy bypass

Published Mar 3, 2026
CVE-2026-32005

OpenClaw: Slack interactive callbacks could skip configured sender checks in some shared-workspace flows

Published Mar 4, 2026
CVE-2022-24762 · MEDIUM

Leaking of user information on Cross-Domain communication in sysend

Published Mar 14, 2022
GHSA-chfm-xgc4-47rj

OpenClaw: MSTeams thread history bypasses sender allowlist via Graph API

Published Apr 2, 2026
GHSA-xgwg-m42c-8q62

Duplicate Advisory: OpenClaw: Slack system events bypass sender authorization in member and message subtype handlers

Published Mar 21, 2026
GHSA-5r8f-96gm-5j6g

OpenClaw Gateway `operator.write` can reach admin-only session reset via `chat.send` `/reset`

Published Apr 1, 2026
GHSA-m6fx-m8hc-572m

OpenClaw: Telegram audio preflight transcription enables resource consumption by unauthorized senders

Published Apr 3, 2026
GHSA-hfpr-jhpq-x4rm

OpenClaw: `operator.write` chat.send could reach admin-only config writes

Published Mar 9, 2026
GHSA-5h2w-qmfp-ggp6

OpenClaw: Gateway `operator.write` can reach admin-only persisted `verboseLevel` via `chat.send` `/verbose`

Published Mar 31, 2026
CVE-2026-32269

Parse Server OAuth2 adapter app ID validation sends wrong token to introspection endpoint

Published Mar 13, 2026
GHSA-94pw-c6m8-p9p9

OpenClaw: Gateway operator.write Can Reach Admin-Class Channel Allowlist Persistence via chat.send

Published Mar 30, 2026
GHSA-6xg4-82hv-cp6f

OpenClaw: Gateway chat.send ACP-only provenance guard could be bypassed by client identity spoofing

Published Mar 31, 2026
CVE-2026-28451

OpenClaw has two SSRF via sendMediaFeishu and markdown image fetching in Feishu extension

Published Feb 18, 2026
GHSA-877v-w3f5-3pcq

OpenClaw: Feishu thread history and quoted messages bypass sender allowlist

Published Apr 2, 2026
MAL-2022-3053

Malicious code in firestore-messagebird-send-msg (npm)

Published Jun 20, 2022
GHSA-39mp-545q-w789

OpenClaw: Non-owner command-authorized sender can change the owner-only `/send` session delivery policy

Published Mar 30, 2026
CVE-2024-48460

Eugeny Tabby Sends Password Despite Host Key Verification Failure

Published Jan 17, 2025
MAL-2024-7820

Malicious code in sendapp (npm)

Published Jul 27, 2024
GHSA-gqqj-85qm-8qhf

Paperclip: codex_local inherited ChatGPT/OpenAI-connected Gmail and was able to send real email

Published Apr 16, 2026
GHSA-8m9v-xpgf-g99m

OpenClaw has an unauthorized sender bypass in its stop triggers and /models command authorization

Published Mar 2, 2026
MAL-2023-769

Malicious code in sendgram (npm)

Published Apr 18, 2023
GHSA-jhpv-5j76-m56h

OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure

Published Apr 17, 2026
CVE-2026-33578 · MEDIUM
Risk: 21.5/100

OpenClaw: Google Chat and Zalouser group sender allowlist bypass via policy downgrade

Published Apr 1, 2026
MAL-2023-8111

Malicious code in send-orchestrator-event-lambda (npm)

Published Sep 16, 2023
GHSA-jwrq-8g5x-5fhm

OpenClaw: Collect-mode queue batches could reuse the last sender authorization context

Published Apr 17, 2026
MAL-2025-191204

Malicious code in @clausehq/flows-step-sendgridemail (npm)

Published Nov 25, 2025
CVE-2026-26321

OpenClaw has a local file disclosure via sendMediaFeishu in Feishu extension

Published Feb 17, 2026
MAL-2024-7926

Malicious code in ampersend-client (npm)

Published Aug 7, 2024
MAL-2024-1028

Malicious code in disc-web-sender (npm)

Published Feb 21, 2024
MAL-2024-9251

Malicious code in sendbird-hubs (npm)

Published Oct 10, 2024
MAL-2024-9252

Malicious code in sendbird-uikit-integration (npm)

Published Oct 10, 2024
MAL-2024-8968

Malicious code in com.sendbird.chat (npm)

Published Sep 25, 2024
GHSA-f6h3-846h-2r8w

OpenClaw's elevated allowFrom accepted broader identity signals than specified within sender-scoped authorization

Published Mar 4, 2026
MAL-2024-9253

Malicious code in sendbird_chat_sdk (npm)

Published Oct 10, 2024
CVE-2026-33576 · MEDIUM
Risk: 32.51/100

OpenClaw: Zalo channel downloads media before sender authorization

Published Mar 31, 2026
GHSA-g5cg-8x5w-7jpm

OpenClaw: Heartbeat context inheritance bypasses sandbox via senderIsOwner escalation

Published Apr 2, 2026
GHSA-g839-vp47-wgh8

Duplicate Advisory: OpenClaw's Slack reaction/pin sender-policy consistency issue in non-message ingress

Published Mar 21, 2026
GHSA-x2cm-hg9c-mf5w

OpenClaw leaf subagents can bypass controlScope restrictions to send messages to child sessions

Published Mar 26, 2026
CVE-2026-28473

OpenClaw authorization bypass: operator.write can resolve exec approvals via chat.send -> /approve

Published Feb 17, 2026
GHSA-h656-5vcf-cm23

OpenClaw: Unauthorized Telegram Senders Trigger Media Download and Disk Write Before Access Check

Published Mar 3, 2026
GHSA-gc9r-867r-j85f

OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks

Published Apr 17, 2026
CVE-2026-25224

Fastify Vulnerable to DoS via Unbounded Memory Allocation in sendWebStream

Published Feb 2, 2026
CVE-2020-7627 · CRITICAL

OS Command Injection in node-key-sender

Published Feb 10, 2022
GHSA-pjvx-rx66-r3fg

OpenClaw: Cross-account sender authorization expansion in `/allowlist ... --store` account scoping

Published Mar 9, 2026
CVE-2026-28392

OpenClaw Slack: dmPolicy=open allowed any DM sender to run privileged slash commands

Published Feb 18, 2026
CVE-2026-32899

OpenClaw's Slack reaction/pin sender-policy consistency issue in non-message ingress

Published Mar 3, 2026
MAL-2023-770

Malicious code in sendtelegram (npm)

Published May 1, 2023
GHSA-77w2-crqv-cmv3

OpenClaw: Feishu Raw Card Send Surface Can Mint Legacy Card Callbacks That Bypass DM Pairing

Published Mar 29, 2026
MAL-2025-190892

Malicious code in @posthog/sendgrid-plugin (npm)

Published Nov 24, 2025
GHSA-67mh-4wv8-2f99

esbuild enables any website to send any requests to the development server and read the response

Published Feb 10, 2025
CVE-2025-65944

Sentry's sensitive headers are leaked when `sendDefaultPii` is set to `true`

Published Nov 24, 2025
GHSA-chm2-m3w2-wcxm

OpenClaw Google Chat spoofing access with allowlist authorized mutable email principal despite sender-ID mismatch

Published Feb 17, 2026
CVE-2026-33323

Parse Server email verification resend page leaks user existence

Published Mar 19, 2026
MAL-2025-2485

Malicious code in sendmoneyserv (npm)

Published Mar 18, 2025
MAL-2022-6254

Malicious code in spotify-event-sender (npm)

Published Jun 20, 2022
MAL-2025-584

Malicious code in pascoresend (npm)

Published Jan 25, 2025
GHSA-g7cr-9h7q-4qxq

OpenClaw's MS Teams sender allowlist bypass when route allowlist is configured and sender allowlist is empty

Published Mar 12, 2026
GHSA-rf6h-5gpw-qrgq

OpenClaw: MS Teams Feedback Invocation Bypasses Sender Allowlists and Records Unauthorized Session Feedback

Published Mar 29, 2026
CVE-2022-35924 · CRITICAL

NextAuth.js before 4.10.3 and 3.29.10 sending verification requests (magic link) to unwanted emails

Published Aug 2, 2022
CVE-2026-27484

OpenClaw Discord moderation authorization used untrusted sender identity in tool-driven flows

Published Feb 20, 2026
MAL-2025-2219

Malicious code in sendbird-chat-sample-react (npm)

Published Mar 6, 2025
MAL-2025-239

Malicious code in sendbird-moderation-dashboard (npm)

Published Jan 20, 2025
MAL-2024-73

Malicious code in gh-action-send-event (npm)

Published Jan 11, 2024
MAL-2022-3052

Malicious code in firefox-send (npm)

Published Jun 20, 2022
MAL-2024-9220

Malicious code in com.sendbird.calls (npm)

Published Oct 10, 2024
MAL-2022-5754

Malicious code in reqsender321 (npm)

Published Jun 9, 2022
MAL-2024-8974

Malicious code in sendbird-uikit-gpt (npm)

Published Sep 25, 2024
GHSA-2j53-2c28-g9v2

Duplicate Advisory: OpenClaw: Nostr inbound DMs could trigger unauthenticated crypto work before sender policy enforcement

Published Apr 10, 2026
MAL-2022-7197

Malicious code in wm-logzio-sender (npm)

Published Jun 20, 2022
MAL-2025-3394

Malicious code in dowload_ebok_verrassend_aanzoek_by_andie_brock_4mly7 (npm)

Published Apr 25, 2025
MAL-2023-990

Malicious code in yandex-sendlinksms (npm)

Published Jan 30, 2023
MAL-2025-3712

Malicious code in eipsend (npm)

Published May 5, 2025
GHSA-rg8m-3943-vm6q

OpenClaw: Matrix thread root and reply context bypass sender allowlist

Published Apr 2, 2026
GHSA-65h8-27jh-q8wv

OpenClaw: Nostr inbound DMs could trigger unauthenticated crypto work before sender policy enforcement

Published Mar 26, 2026
GHSA-xg59-f45v-9r9j

Duplicate Advisory: OpenClaw's MS Teams sender allowlist bypass when route allowlist is configured and sender allowlist is empty

Published Mar 31, 2026
MAL-2025-3219

Malicious code in multichannelsender (npm)

Published Apr 16, 2025
MAL-2025-867

Malicious code in sendinblue2019 (npm)

Published Feb 3, 2025