CVE-2026-42437

creationtimestamp| type| source ---|---|--- 2026-05-05 14:55:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml4gyxc7zt2h 2026-05-05 18:00:09+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml4rcoj5ey2k...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +12 more potentially affected by CVE-2026-42437 via openclaw (>=2026.3.22 <=2026.4.1)

openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.15.0 - tokaroo-openclaw-provider =0.1.1 Source cves: CVE-2026-42437 Source advisory: SNYK:JS-OPENCLAW-16420275...

CVE-2026-42437

OpenClaw versions 2026.4.9 before 2026.4.10 contain a denial of service vulnerability in the voice-call realtime WebSocket path that accepts oversized frames without proper validation. Remote attackers can send oversized WebSocket frames to cause service unavailability for deployments exposing th...

CVE-2024-42437

creationtimestamp| type| source ---|---|--- 2024-08-14 19:54:04+00:00| seen| https://t.me/cvedetector/3178...

CVE-2023-42437

Rejected reason: This is unused...

CVE-2023-42437

CVE-2023-42437 is rejected/not used; this entry does not represent an active vulnerability.

CVE-2023-42437

...