Lucene search
K

39 matches found

NVD
NVD
added 2026/04/28 7:37 p.m.4 views

CVE-2026-42422

OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to preserve or mint roles and scopes that had not undergone intended approval...

8.8CVSS0.00282EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/28 6:10 p.m.4 views

EUVD-2026-26125

OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to preserve or mint roles and scopes that had not undergone intended approval...

8.8CVSS5.2AI score0.00282EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/28 6:10 p.m.4 views

CVE-2026-42422

OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to preserve or mint roles and scopes that had not undergone intended approval...

8.8CVSS5.2AI score0.00282EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/28 6:10 p.m.5 views

CVE-2026-42422 OpenClaw < 2026.4.8 - Role Bypass in device.token.rotate Function

OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to preserve or mint roles and scopes that had not undergone intended approval...

8.8CVSS5.2AI score0.00282EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/28 6:10 p.m.35 views

CVE-2026-42422 OpenClaw < 2026.4.8 - Role Bypass in device.token.rotate Function

OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to preserve or mint roles and scopes that had not undergone intended approval...

8.8CVSS0.00282EPSS
Exploits0References3
CVE
CVE
added 2026/04/28 6:10 p.m.16 views

CVE-2026-42422

OpenClaw prior to 2026.4.8 contains a vulnerability in the device.token.rotate function that lets attackers mint tokens for unapproved roles by bypassing the device role-upgrade pairing. Affected package: openclaw (npm); affected versions:

8.8CVSS5.3AI score0.00282EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/28 6:10 p.m.2 views

CVE-2026-42422 OpenClaw < 2026.4.8 - Role Bypass in device.token.rotate Function

OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to preserve or mint roles and scopes that had not undergone intended approval...

7.7CVSS6AI score0.00282EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.7 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.8 contained security vulnerabilities. These vulnerabilities stemmed from a role bypass in the device.token.rotate function, which could allow attackers to bypass device role...

8.8CVSS5.8AI score0.00282EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.8 views

PT-2026-35801

OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to preserve or mint roles and scopes that had not undergone intended approval...

8.8CVSS5.2AI score0.00282EPSS
Exploits0References6
Snyk
Snyk
added 2026/04/09 5:33 p.m.5 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the device.token.rotate function. An attacker can obtain unauthorized access to roles or scopes by rotating device tokens without the required pairing approval...

8.8CVSS5.8AI score0.00282EPSS
Exploits0References2
OSV
OSV
added 2026/04/09 5:33 p.m.5 views

GHSA-WHF9-3HCX-GQ54 OpenClaw `device.token.rotate` mints tokens for unapproved roles, bypassing device role-upgrade pairing

Impact OpenClaw device.token.rotate mints tokens for unapproved roles, bypassing device role-upgrade pairing. Device token rotation could mint or preserve roles/scopes that had not gone through the intended pairing approval. OpenClaw is a user-controlled local assistant. This advisory is scoped t...

8.8CVSS5.8AI score0.00282EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/03 3:11 a.m.14 views

OpenClaw: Gateway `device.token.rotate` does not terminate active WebSocket sessions after credential rotation

Summary Gateway device.token.rotate does not terminate active WebSocket sessions after credential rotation Current Maintainer Triage - Status: open - Normalized severity: low - Assessment: v2026.3.28 rotates device tokens without disconnecting already-authenticated WebSocket sessions, which is a...

5.4CVSS5.9AI score0.00186EPSS
Exploits0References6Affected Software1
Snyk
Snyk
added 2026/04/03 3:9 a.m.6 views

Brute Force

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Brute Force in the authentication process. An attacker can bypass rate limiting by supplying a fake DeviceToken, allowing repeated authentication attempts without triggering shared rate...

6.3CVSS5.9AI score0.00387EPSS
Exploits0References2
OSV
OSV
added 2026/04/03 3:9 a.m.5 views

GHSA-6P8R-6M93-557F OpenClaw: Fake DeviceToken Bypasses Shared Auth Rate Limiting

Summary Fake DeviceToken Bypasses Shared Auth Rate Limiting Current Maintainer Triage - Status: narrow - Normalized severity: low - Assessment: Real in shipped mixed WS auth flow, but practical risk is mostly weak shared-password deployments since strong shared tokens remain non-bruteforceable...

6.3CVSS5.9AI score0.00387EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/29 3:30 p.m.4 views

EUVD-2026-17003

OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that allows callers with operator.pairing scope to mint tokens with broader scopes by failing to constrain newly minted scopes to the caller's current scope set. Attackers can obtain operator.admin toke...

9.9CVSS6.5AI score0.0054EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/29 12:44 p.m.3 views

CVE-2026-32922 OpenClaw < 2026.3.11 - Privilege Escalation via Unvalidated Scope in device.token.rotate

OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that allows callers with operator.pairing scope to mint tokens with broader scopes by failing to constrain newly minted scopes to the caller's current scope set. Attackers can obtain operator.admin toke...

9.9CVSS6.5AI score0.0054EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/29 12:44 p.m.21 views

CVE-2026-32922 OpenClaw < 2026.3.11 - Privilege Escalation via Unvalidated Scope in device.token.rotate

OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that allows callers with operator.pairing scope to mint tokens with broader scopes by failing to constrain newly minted scopes to the caller's current scope set. Attackers can obtain operator.admin toke...

9.9CVSS0.0054EPSS
Exploits0References2
OSV
OSV
added 2026/03/29 12:44 p.m.3 views

CVE-2026-32922 OpenClaw < 2026.3.11 - Privilege Escalation via Unvalidated Scope in device.token.rotate

OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that allows callers with operator.pairing scope to mint tokens with broader scopes by failing to constrain newly minted scopes to the caller's current scope set. Attackers can obtain operator.admin toke...

9.4CVSS7.8AI score0.0054EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/13 3:47 p.m.6 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization through the device.token.rotate process. An attacker can gain unauthorized administrative access and potentially execute arbitrary code on connected nodes by minti...

9.9CVSS6.2AI score0.0054EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/13 3:47 p.m.10 views

OpenClaw: Pairing-scoped device tokens could mint `operator.admin` and reach node RCE

Summary In affected versions of openclaw, a caller holding only operator.pairing could use device.token.rotate to mint a new token with broader scopes for an already paired device. If the target device was approved for operator.admin, the attacker could obtain an administrative token without...

6.5AI score
Exploits0References3Affected Software1
Rows per page
Query Builder