6 matches found

Cvelist
added 2026/02/19 1:10 a.m., 21 views

CVE-2026-24764 OpenClaw has Remote Code Execution via System Prompt Injection in Slack Channel Descriptions

OpenClaw (formerly Clawdbot) is a personal AI assistant users run on their own devices. In versions 2026.2.2 and below, when the Slack integration is enabled, channel metadata (topic/description) can be incorporated into the model's system prompt. Prompt injection is a documented risk for LLM-driven...

CVSS 3.7, EPSS 0.0004
Exploits: 1, References: 3
CVE
added 2026/02/19 1:10 a.m., 9 views

CVE-2026-24764

OpenClaw (formerly Clawdbot) is affected by a prompt-injection vulnerability (CVE-2026-24764) when Slack integration is enabled. In versions 2026.2.2 and earlier, Slack channel metadata (topic/description) could be incorporated into the model’s system prompt, increasing the surface for injection....

CVSS 3.7, AI score 5.4, EPSS 0.0004
Exploits: 1, References: 3, Affected Software: 1
Vulnrichment
added 2026/02/19 1:10 a.m., 1 view

CVE-2026-24764 OpenClaw has Remote Code Execution via System Prompt Injection in Slack Channel Descriptions

OpenClaw (formerly Clawdbot) is a personal AI assistant users run on their own devices. In versions 2026.2.2 and below, when the Slack integration is enabled, channel metadata (topic/description) can be incorporated into the model's system prompt. Prompt injection is a documented risk for LLM-driven...

CVSS 3.7, AI score 5.5, EPSS 0.0004
Exploits: 1, References: 3
OSV
added 2026/02/19 1:10 a.m., 2 views

CVE-2026-24764 OpenClaw has Remote Code Execution via System Prompt Injection in Slack Channel Descriptions

OpenClaw (formerly Clawdbot) is a personal AI assistant users run on their own devices. In versions 2026.2.2 and below, when the Slack integration is enabled, channel metadata (topic/description) can be incorporated into the model's system prompt. Prompt injection is a documented risk for LLM-driven...

CVSS 3.7, AI score 5.5, EPSS 0.0004
Exploits: 1, References: 5
Github Security Blog
added 2026/02/17 6:40 p.m., 4 views

OpenClaw Affected by Remote Code Execution via System Prompt Injection in Slack Channel Descriptions

Summary: When the Slack integration is enabled, Slack channel metadata (topic/description) could be incorporated into the model's system prompt. Impact: Prompt injection is a documented risk for LLM-driven systems. This issue increased the injection surface by allowing untrusted Slack channel metadat...

CVSS 3.7, AI score 5.7, EPSS 0.0004
Exploits: 1, References: 5, Affected Software: 1
OSV
added 2026/02/17 6:40 p.m., 2 views

GHSA-782P-5FR5-7FJ8 OpenClaw Affected by Remote Code Execution via System Prompt Injection in Slack Channel Descriptions

Summary: When the Slack integration is enabled, Slack channel metadata (topic/description) could be incorporated into the model's system prompt. Impact: Prompt injection is a documented risk for LLM-driven systems. This issue increased the injection surface by allowing untrusted Slack channel metadat...

CVSS 3.7, AI score 5.7, EPSS 0.0004
Exploits: 1, References: 5