3 matches found
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw from 2026.4.9 to 2026.4.10 contained a security vulnerability. This vulnerability stemmed from a denial-of-service attack in the real-time WebSocket path for voice calls. It was possible for a...
CVE-2026-41400 OpenClaw < 2026.3.31 - Resource Consumption via Oversized WebSocket Frames in voice-call
OpenClaw before 2026.3.31 contains an incomplete fix for CVE-2026-32062 where the voice-call component parses large WebSocket frames before start validation. Remote attackers can send oversized pre-start WebSocket frames to cause resource consumption and denial of service...
Allocation of Resources Without Limits or Throttling
Overview @openclaw/voice-call is an OpenClaw voice-call plugin Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the voice-call process. An attacker can cause excessive resource consumption by sending oversized WebSocket frames before...