Lucene search
K

6 matches found

NVD
NVD
added 2026/06/11 9:16 p.m.10 views

CVE-2026-53808

OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls to set apply: true despite approvalPolicy: pending configuration. Attackers can exploit this by reaching the affected apply path to apply workshop changes before...

6.5CVSS0.00194EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:6 p.m.8 views

CVE-2026-53808 OpenClaw < 2026.5.6 - Approval Policy Bypass in Skill Workshop Apply Flow

OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls to set apply: true despite approvalPolicy: pending configuration. Attackers can exploit this by reaching the affected apply path to apply workshop changes before...

6.5CVSS5.2AI score0.00194EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 8:6 p.m.8 views

EUVD-2026-36314

OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls to set apply: true despite approvalPolicy: pending configuration. Attackers can exploit this by reaching the affected apply path to apply workshop changes before...

6.5CVSS5.5AI score0.00194EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 8:6 p.m.22 views

CVE-2026-53808

OpenClaw prior to 2026.5.6 contains an approval policy bypass in the Skill Workshop apply flow, allowing attacker-controlled agent tool calls to set apply: true despite approvalPolicy: pending. This enables modification of workshop configurations without proper authorization when the affected app...

6.5CVSS5.4AI score0.00194EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/11 8:6 p.m.31 views

CVE-2026-53808 OpenClaw < 2026.5.6 - Approval Policy Bypass in Skill Workshop Apply Flow

OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls to set apply: true despite approvalPolicy: pending configuration. Attackers can exploit this by reaching the affected apply path to apply workshop changes before...

6.5CVSS0.00194EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.8 views

PT-2026-48738

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.6 Description An approval policy bypass exists in the Skill Workshop apply flow. This issue allows agent tool calls to set the apply variable to true even when the approvalPolicy is configured as pending. An...

6.5CVSS5.2AI score0.00194EPSS
Exploits0References5
Rows per page
Query Builder