Lucene search
K

11 matches found

OSV
OSV
added 2026/04/09 5:37 p.m.6 views

GHSA-3VVQ-Q2QC-7RMP OpenClaw B-M3: ClawHub package downloads are not enforced with integrity verification

Impact B-M3: ClawHub package downloads are not enforced with integrity verification. ClawHub downloads could install plugin archives without enforcing archive or per-file integrity metadata. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and doe...

7.1CVSS5.8AI score0.00139EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/09 5:37 p.m.10 views

OpenClaw: `fetchWithSsrFGuard` replays unsafe request bodies across cross-origin redirects

Impact fetchWithSsrFGuard replays unsafe request bodies across cross-origin redirects. A guarded fetch could resend unsafe request bodies or headers when following cross-origin redirects. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and does n...

7.1CVSS5.9AI score0.00239EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/09 5:37 p.m.16 views

GHSA-W9J9-W4CP-6WGR OpenClaw Host-Exec Environment Variable Injection

Impact OpenClaw Host-Exec Environment Variable Injection. Host exec could inherit environment variables that influence interpreters, shells, or build tools. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and does not assume a multi-tenant servic...

5.9CVSS5.8AI score0.00371EPSS
Exploits0References2
OSV
OSV
added 2026/04/09 5:36 p.m.6 views

GHSA-W8G9-X8GX-CRMM OpenClaw: Strict browser SSRF bypass in Playwright redirect handling leaves private targets reachable

Impact Strict browser SSRF bypass in Playwright redirect handling leaves private targets reachable. Strict browser SSRF checks could miss Playwright request-time navigation to private targets. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and...

6.9CVSS5.8AI score0.00188EPSS
Exploits0References5
OSV
OSV
added 2026/04/09 5:36 p.m.6 views

GHSA-4F8G-77MW-3RXC OpenClaw: Gateway plugin HTTP `auth: gateway` widens identity-bearing `operator.read` requests into runtime `operator.write`

Impact Gateway plugin HTTP auth: gateway widens identity-bearing operator.read requests into runtime operator.write. Plugin HTTP routes using gateway auth could receive runtime write scopes even when the upstream trusted-proxy request only declared read. OpenClaw is a user-controlled local...

7.1CVSS5.8AI score0.00239EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/09 5:36 p.m.9 views

OpenClaw: Gateway plugin HTTP `auth: gateway` widens identity-bearing `operator.read` requests into runtime `operator.write`

Impact Gateway plugin HTTP auth: gateway widens identity-bearing operator.read requests into runtime operator.write. Plugin HTTP routes using gateway auth could receive runtime write scopes even when the upstream trusted-proxy request only declared read. OpenClaw is a user-controlled local...

7.1CVSS5.9AI score0.00239EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/09 5:36 p.m.10 views

OpenClaw `node.pair.approve` placed in `operator.write` scope instead of `operator.pairing` allows unprivileged pairing approval

Impact OpenClaw node.pair.approve placed in operator.write scope instead of operator.pairing allows unprivileged pairing approval. The pairing approval method accepted operator.write instead of the narrower pairing scope and admin requirement for exec-capable nodes. OpenClaw is a user-controlled...

8.8CVSS5.9AI score0.00282EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/09 5:36 p.m.5 views

GHSA-3FV3-6P2V-GXWJ OpenClaw QQ Bot Extension missing SSRF Protection on All Media Fetch Paths

Impact QQ Bot Extension: Missing SSRF Protection on All Media Fetch Paths. QQ Bot media download paths were not consistently routed through the SSRF guard and allowlist policy. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and does not assume a...

5.9CVSS5.8AI score0.00218EPSS
Exploits0References2
OSV
OSV
added 2026/04/09 5:36 p.m.5 views

GHSA-5H3F-885M-V22W OpenClaw: Existing WS sessions survive shared gateway token rotation

Impact Existing WS sessions survive shared gateway token rotation. Rotating the shared gateway token did not disconnect existing shared-token WebSocket sessions. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and does not assume a multi-tenant...

5.9CVSS5.8AI score0.00186EPSS
Exploits0References2
OSV
OSV
added 2026/04/09 5:34 p.m.6 views

GHSA-68X5-XX89-W9MM OpenClaw: resolvedAuth closure becomes stale after config reload

Impact resolvedAuth closure becomes stale after config reload. After a config reload, newly accepted gateway connections could continue using stale resolved auth state. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and does not assume a...

5.1CVSS5.8AI score0.00215EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/09 5:33 p.m.9 views

OpenClaw `device.token.rotate` mints tokens for unapproved roles, bypassing device role-upgrade pairing

Impact OpenClaw device.token.rotate mints tokens for unapproved roles, bypassing device role-upgrade pairing. Device token rotation could mint or preserve roles/scopes that had not gone through the intended pairing approval. OpenClaw is a user-controlled local assistant. This advisory is scoped t...

8.8CVSS5.9AI score0.00282EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder