Lucene search
K

12 matches found

Github Security Blog
Github Security Blog
added 2026/05/04 8:22 p.m.10 views

OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

Summary MCP loopback owner context is derived from server-issued bearer tokens. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.21 - Fixed version: 2026.4.22 Impact The loopback MCP path accepted spoofable owner-context metadata from request headers, which could...

8.5CVSS5.8AI score0.00112EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/04/21 12:16 a.m.7 views

CVE-2026-41329

OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privile...

9.9CVSS0.00298EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/20 11:8 p.m.7 views

EUVD-2026-24017

OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privile...

9.9CVSS5.8AI score0.00298EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/20 11:8 p.m.5 views

CVE-2026-41329 OpenClaw < 2026.3.31 - Sandbox Bypass via Heartbeat Context Inheritance and senderIsOwner Escalation

OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privile...

9.9CVSS5.8AI score0.00298EPSS
Exploits0References3
CVE
CVE
added 2026/04/20 11:8 p.m.34 views

CVE-2026-41329

OpenClaw = 2026.3.31. Public disclosures in GHSA and CVE entries provide evidence of the exploit path and affected version range, with a fix committed in a30214a624946fc5c85c9558a27c1580172374fd. If applicable, apply the patch to mitigate risk; no exploitation details are provided beyond the advi...

9.9CVSS5.8AI score0.00298EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/02 8:59 p.m.4 views

GHSA-G5CG-8X5W-7JPM OpenClaw: Heartbeat context inheritance bypasses sandbox via senderIsOwner escalation

Summary Heartbeat context inheritance bypasses sandbox via senderIsOwner escalation Current Maintainer Triage - Status: open - Normalized severity: Critical Affected Packages / Versions - Package: openclaw npm - Latest published npm version: 2026.3.31 - Vulnerable version range: = 2026.3.31 - Fir...

9CVSS5.9AI score0.00298EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/26 3:11 p.m.5 views

CVE-2026-32035

OpenClaw versions prior to 2026.3.2 fail to pass the senderIsOwner flag when processing Discord voice transcripts in agentCommand, causing the flag to default to true. Non-owner voice participants can exploit this omission to access owner-only tools including gateway and cron functionality in...

5.9CVSS5.8AI score0.00139EPSS
Exploits0References1
CNVD
CNVD
added 2026/03/24 12:0 a.m.3 views

OpenClaw has an unspecified vulnerability (CNVD-2026-14832)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that is caused by failing to pass the senderIsOwner flag when processing Discord voice transcription in agentCommand. An attacker could exploit the vulnerability to cause a voi...

5.9CVSS5.9AI score0.00139EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/19 10:7 p.m.5 views

EUVD-2026-13318

OpenClaw versions prior to 2026.3.2 fail to pass the senderIsOwner flag when processing Discord voice transcripts in agentCommand, causing the flag to default to true. Non-owner voice participants can exploit this omission to access owner-only tools including gateway and cron functionality in...

5.9CVSS5.8AI score0.00139EPSS
Exploits0References2
CVE
CVE
added 2026/03/19 10:7 p.m.10 views

CVE-2026-32035

OpenClaw CVE-2026-32035 affects openclaw prior to 2026.3.2. The Discord voice transcript path in agentCommand omits senderIsOwner, causing the flag to default to true and enabling non-owner participants in mixed-trust channels to access owner-only tools (gateway, cron). Affected versions: ≤ 2026....

7.1CVSS5.8AI score0.00139EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/03/03 9:32 p.m.3 views

GHSA-WPG9-4G4V-F9RC OpenClaw: Discord voice transcript owner-flag omission could expose owner-only tools in mixed-trust channels

Summary In [email protected], the Discord voice transcript path called agentCommand... without senderIsOwner, and agentCommand defaults missing senderIsOwner to true. This could allow a non-owner voice participant in the same channel to reach owner-only tool surfaces gateway, cron during voice...

5.9CVSS5.9AI score0.00139EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.11 views

PT-2026-26416

Summary In [email protected], the Discord voice transcript path called agentCommand... without senderIsOwner, and agentCommand defaults missing senderIsOwner to true. This could allow a non-owner voice participant in the same channel to reach owner-only tool surfaces gateway, cron during voice...

5.9CVSS5.8AI score0.00139EPSS
Exploits0References6
Rows per page
Query Builder