2129 matches found
CVE-2026-32026
OpenClaw versions prior to 2026.2.24 contain an improper path validation vulnerability in sandbox media handling that allows absolute paths under the host temporary directory outside the active sandbox root. Attackers can exploit this by providing malicious media references to read and exfiltrate...
CVE-2026-32016
OpenClaw versions prior to 2026.2.22 on macOS contain a path validation bypass vulnerability in the exec-approval allowlist mode that allows local attackers to execute unauthorized binaries by exploiting basename-only allowlist entries. Attackers can execute same-name local binaries ./echo withou...
CVE-2026-32016
OpenClaw versions prior to 2026.2.22 on macOS contain a path validation bypass vulnerability in the exec-approval allowlist mode that allows local attackers to execute unauthorized binaries by exploiting basename-only allowlist entries. Attackers can execute same-name local binaries ./echo withou...
CVE-2026-32026 OpenClaw < 2026.2.24 - Arbitrary File Read via Improper Temporary Path Validation in Sandbox
OpenClaw versions prior to 2026.2.24 contain an improper path validation vulnerability in sandbox media handling that allows absolute paths under the host temporary directory outside the active sandbox root. Attackers can exploit this by providing malicious media references to read and exfiltrate...
CVE-2026-32026
OpenClaw versions prior to 2026.2.24 contain an improper path validation vulnerability in sandbox media handling that allows absolute paths under the host temporary directory outside the active sandbox root. Attackers can exploit this by providing malicious media references to read and exfiltrate...
CVE-2026-32026 OpenClaw < 2026.2.24 - Arbitrary File Read via Improper Temporary Path Validation in Sandbox
OpenClaw versions prior to 2026.2.24 contain an improper path validation vulnerability in sandbox media handling that allows absolute paths under the host temporary directory outside the active sandbox root. Attackers can exploit this by providing malicious media references to read and exfiltrate...
CVE-2026-32026
The CVE-2026-32026 issue affects OpenClaw before version 2026.2.24, where improper path validation in sandbox media handling permits access to absolute paths under the host temporary directory outside the active sandbox root. Exploitation via malicious media references in attachment delivery can ...
EUVD-2026-13300
OpenClaw versions prior to 2026.2.24 contain an improper path validation vulnerability in sandbox media handling that allows absolute paths under the host temporary directory outside the active sandbox root. Attackers can exploit this by providing malicious media references to read and exfiltrate...
EUVD-2026-13281
OpenClaw versions prior to 2026.2.22 on macOS contain a path validation bypass vulnerability in the exec-approval allowlist mode that allows local attackers to execute unauthorized binaries by exploiting basename-only allowlist entries. Attackers can execute same-name local binaries ./echo withou...
OpenClaw 路径遍历漏洞
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Path Validation Improperity vulnerability, which is caused by an incorrect path validation flaw in sandboxed media handling. An attacker can exploit the vulnerability to traverse a directory on a...
OpenClaw 代码问题漏洞
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a code issue vulnerability caused by a path validation bypass flaw in the exec approval distribution list pattern on macOS. An attacker can exploit the vulnerability to execute arbitrary commands on th...
EUVD-2026-12864
A lack of path validation in aaPanel v7.57.0 allows attackers to execute a local file inclusion LFI, leadingot sensitive information exposure...
CVE-2026-29858
A lack of path validation in aaPanel v7.57.0 allows attackers to execute a local file inclusion LFI, leadingot sensitive information exposure...
CVE-2026-29858
A lack of path validation in aaPanel v7.57.0 allows attackers to execute a local file inclusion LFI, leadingot sensitive information exposure...
PT-2026-26105
CVE-2026-29858 A lack of path validation in aaPanel v7.57.0 allows attackers to execute a local file inclusion LFI, leadingot sensitive information exposure. https://t.co/WowAOqIOTR...
CVE-2026-29858
CVE-2026-29858 affects aaPanel v7.57.0, where a lack of path validation enables local file inclusion (LFI) leading to exposure of sensitive information. The linked Red Hat, ENISA, NVD, and other feeds confirm the vulnerability statement, with the underlying cause described as insufficient path va...
CVE-2026-29858
A lack of path validation in aaPanel v7.57.0 allows attackers to execute a local file inclusion LFI, leadingot sensitive information exposure...
aaPanel 安全漏洞
aaPanel is a simple yet powerful web-based control panel developed under the open-source license. Version 7.57.0 of aaPanel contains a security vulnerability caused by insufficient path validation, which may lead to local file inclusion attacks and result in the exposure of sensitive information...
CVE-2026-29858
A lack of path validation in aaPanel v7.57.0 allows attackers to execute a local file inclusion LFI, leadingot sensitive information exposure...
CVE-2026-29858
A lack of path validation in aaPanel v7.57.0 allows attackers to execute a local file inclusion LFI, leadingot sensitive information exposure...