17 matches found
CVE-2026-53838
OpenClaw is affected by a state mutation vulnerability in node pairing reconnection prior to version 2026.5.27. The issue lets paired nodes confuse approval scope decisions by manipulating reconnection logic, potentially restoring or presenting broader node authority than intended and bypassing a...
CVE-2026-35674
OpenClaw before 2026.5.18 contains a scope bypass vulnerability in the Gateway chat.send route that allows scoped clients to execute privileged commands. Attackers with operator.write scope can deliver commands through inherited external routes to bypass operator.approvals and operator.admin scop...
CVE-2026-35674
OpenClaw before 2026.5.18 contains a scope bypass vulnerability in the Gateway chat.send route that allows scoped clients to execute privileged commands. Attackers with operator.write scope can deliver commands through inherited external routes to bypass operator.approvals and operator.admin scop...
EUVD-2026-33337
OpenClaw before 2026.5.18 contains a scope bypass vulnerability in the Gateway chat.send route that allows scoped clients to execute privileged commands. Attackers with operator.write scope can deliver commands through inherited external routes to bypass operator.approvals and operator.admin scop...
CVE-2026-35674 OpenClaw < 2026.5.18 - Scope Bypass via Inherited chat.send Route
OpenClaw before 2026.5.18 contains a scope bypass vulnerability in the Gateway chat.send route that allows scoped clients to execute privileged commands. Attackers with operator.write scope can deliver commands through inherited external routes to bypass operator.approvals and operator.admin scop...
PT-2026-44898
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.18 Description A scope bypass exists in the Gateway 'chat.send' endpoint. This issue allows clients with the operator.write scope to execute privileged commands by utilizing inherited external routes. This...
EUVD-2026-24014
OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in Discord text approval commands that allows non-approvers to resolve pending exec approvals. Attackers can send Discord text commands to bypass the channels.discord.execApprovals.approvers allowlist and approve pending hos...
CVE-2026-41303 OpenClaw < 2026.3.28 - Authorization Bypass in Discord Text Approval Commands
OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in Discord text approval commands that allows non-approvers to resolve pending exec approvals. Attackers can send Discord text commands to bypass the channels.discord.execApprovals.approvers allowlist and approve pending hos...
CVE-2026-40149
PraisonAI’s multi-agent system is vulnerable to an unauthenticated modification of the tool approval allowlist via the gateway’s /api/approval/allow-list endpoint (pre-4.5.128). By adding dangerous tool names (e.g., shell_exec, file_write) when no auth_token is configured, an attacker can cause t...
CVE-2026-31993
OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass...
CVE-2026-31993 OpenClaw < 2026.2.22 - Allowlist Parsing Mismatch in system.run Shell Chains
OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass...
CVE-2026-28473 OpenClaw < 2026.2.2 - Authorization Bypass via /approve Chat Command
OpenClaw versions prior to 2026.2.2 contain an authorization bypass vulnerability where clients with operator.write scope can approve or deny exec approval requests by sending the /approve chat command. The /approve command path invokes exec.approval.resolve through an internal privileged gateway...
CVE-2023-4700
An authorization issue affecting GitLab EE affecting all versions from 14.7 prior to 16.3.6, 16.4 prior to 16.4.2, and 16.5 prior to 16.5.1, allowed a user to run jobs in protected environments, bypassing any required approvals...
Improper Access Control
@finos/git-proxy is vulnerable to improper access control. The vulnerability is due to bypassing policies and explicit approvals when pushing to remote repositories, which allows an attacker to push code containing secrets or unwanted changes without required checks or plugin execution...
GitLab 18.0 < 18.0.6 / 18.1 < 18.1.4 / 18.2 < 18.2.2 (CVE-2025-8770)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific...
Improper Authorization
Overview @finos/git-proxy is a Deploy custom push protections and policies on top of Git. Affected versions of this package are vulnerable to Improper Authorization via the getDiff.ts and parsePush.ts files, when handling new branch creation. An attacker can bypass required approvals for prior...
CVE-2025-54583 GitProxy bypasses approvals when pushing multiple branches
GitProxy is an application that stands between developers and a Git remote endpoint e.g., github.com. Versions 1.19.1 and below allow users to push to remote repositories while bypassing policies and explicit approvals. Since checks and plugins are skipped, code containing secrets or unwanted...