EUVD-2026-13304
OpenClaw versions prior to 2026.2.25 fail to enforce dmPolicy and allowFrom authorization checks on Discord direct-message reaction notifications, allowing non-allowlisted users to enqueue reaction-derived system events. Attackers can exploit this inconsistency by reacting to bot-authored DM...
MAL-2026-1602 Malicious code in @emerald-react/chat-bot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d0a6cbe19a31d336779d3e0975557852cb92372627904ed87950dfe35b67410 The package @emerald-react/chat-bot was found to contain malicious code...
Malicious code in @emerald-react/chat-bot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d0a6cbe19a31d336779d3e0975557852cb92372627904ed87950dfe35b67410 The package @emerald-react/chat-bot was found to contain malicious code...
CVE-2026-22178
OpenClaw versions prior to 2026.2.19 construct RegExp objects directly from unescaped Feishu mention metadata in the stripBotMention function, allowing regex injection and denial of service. Attackers can craft nested-quantifier patterns or metacharacters in mention metadata to trigger catastroph...
CVE-2026-22178 OpenClaw < 2026.2.19 - ReDoS and Regex Injection via Unescaped Feishu Mention Metadata
OpenClaw versions prior to 2026.2.19 construct RegExp objects directly from unescaped Feishu mention metadata in the stripBotMention function, allowing regex injection and denial of service. Attackers can craft nested-quantifier patterns or metacharacters in mention metadata to trigger catastroph...
OpenClaw Telegram media fetch errors exposed bot tokens in logged file URLs
Summary openclaw versions /..., so the resulting error strings could leak bot tokens into logs, console output, or any downstream error surface that rendered the exception text. This issue is in scope under OpenClaw's trust model because the leaked secret is an OpenClaw-operated integration...
Malicious code in cortana-md-bot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 686dc6172d061151a94189d41cd564a6127d00f10af75880962a357301ec135e The package cortana-md-bot was found to contain malicious code. Source: ghsa-malware a712b3a56136d272ebf1a688ff9ea1cc572023730622963df1e6e82389177d28...
MAL-2026-1393 Malicious code in cortana-md-bot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 686dc6172d061151a94189d41cd564a6127d00f10af75880962a357301ec135e The package cortana-md-bot was found to contain malicious code. Source: ghsa-malware a712b3a56136d272ebf1a688ff9ea1cc572023730622963df1e6e82389177d28...
Malicious Package
Overview cortana-md-bot is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
OpenClaw Identity Forgery Vulnerability
OpenClaw is an open source framework for Telegram bot rights management. OpenClaw suffers from an identity forgery vulnerability. An attacker can exploit this vulnerability to illegally manipulate bots by recycling usernames to disguise their identities and bypass privilege restrictions...
MAL-2026-1323 Malicious code in bluelite-bot-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d02181290fe37f11e082818a15c1f6baa4d8479279412a74ec4b440ec14dafc7 The package bluelite-bot-manager was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview bluelite-bot-manager is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in bluelite-bot-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d02181290fe37f11e082818a15c1f6baa4d8479279412a74ec4b440ec14dafc7 The package bluelite-bot-manager was found to contain malicious code. Source: ghsa-malware...
Malicious code in requests-lite (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d343c918303c251cdef262a6e1cbdff6ae797cf56115a81cfa5449732395b63b Clone of a legitimate requests library. The hidden code runs when using the requests functionality and starts a Telegram bot awaiting for remote commands. ---...
MAL-2026-1291 Malicious code in requests-lite (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d343c918303c251cdef262a6e1cbdff6ae797cf56115a81cfa5449732395b63b Clone of a legitimate requests library. The hidden code runs when using the requests functionality and starts a Telegram bot awaiting for remote commands. ---...
CVE-2026-28448
OpenClaw versions 2026.1.29 prior to 2026.2.1 contain a vulnerability in the Twitch plugin (which must be installed and enabled) in which it fails to enforce the allowFrom allowlist when allowedRoles is unset or empty, allowing unauthorized Twitch users to trigger agent dispatch. Remote attackers can...
MAL-2026-1264 Malicious code in python-requirements (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 40fa77c47c3649fce85f601f8aa10bf13674e5db4a2d35f125cb48b77d65f99d The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...
Malicious code in python-requirements (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 40fa77c47c3649fce85f601f8aa10bf13674e5db4a2d35f125cb48b77d65f99d The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...
Malicious code in python-module-installer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 61bfa181c5afb9e33e0d529138c813fc05d8130062182d9d1a5cb4ef9c8da0ea The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...