12 matches found
OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens
Summary MCP loopback owner context is derived from server-issued bearer tokens. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.21 - Fixed version: 2026.4.22 Impact The loopback MCP path accepted spoofable owner-context metadata from request headers, which could...
CVE-2026-41329
OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privile...
EUVD-2026-24017
OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privile...
CVE-2026-41329 OpenClaw < 2026.3.31 - Sandbox Bypass via Heartbeat Context Inheritance and senderIsOwner Escalation
OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privile...
CVE-2026-41329
OpenClaw = 2026.3.31. Public disclosures in GHSA and CVE entries provide evidence of the exploit path and affected version range, with a fix committed in a30214a624946fc5c85c9558a27c1580172374fd. If applicable, apply the patch to mitigate risk; no exploitation details are provided beyond the advi...
GHSA-G5CG-8X5W-7JPM OpenClaw: Heartbeat context inheritance bypasses sandbox via senderIsOwner escalation
Summary Heartbeat context inheritance bypasses sandbox via senderIsOwner escalation Current Maintainer Triage - Status: open - Normalized severity: Critical Affected Packages / Versions - Package: openclaw npm - Latest published npm version: 2026.3.31 - Vulnerable version range: = 2026.3.31 - Fir...
CVE-2026-32035
OpenClaw versions prior to 2026.3.2 fail to pass the senderIsOwner flag when processing Discord voice transcripts in agentCommand, causing the flag to default to true. Non-owner voice participants can exploit this omission to access owner-only tools including gateway and cron functionality in...
OpenClaw has an unspecified vulnerability (CNVD-2026-14832)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that is caused by failing to pass the senderIsOwner flag when processing Discord voice transcription in agentCommand. An attacker could exploit the vulnerability to cause a voi...
EUVD-2026-13318
OpenClaw versions prior to 2026.3.2 fail to pass the senderIsOwner flag when processing Discord voice transcripts in agentCommand, causing the flag to default to true. Non-owner voice participants can exploit this omission to access owner-only tools including gateway and cron functionality in...
CVE-2026-32035
OpenClaw CVE-2026-32035 affects openclaw prior to 2026.3.2. The Discord voice transcript path in agentCommand omits senderIsOwner, causing the flag to default to true and enabling non-owner participants in mixed-trust channels to access owner-only tools (gateway, cron). Affected versions: ≤ 2026....
GHSA-WPG9-4G4V-F9RC OpenClaw: Discord voice transcript owner-flag omission could expose owner-only tools in mixed-trust channels
Summary In [email protected], the Discord voice transcript path called agentCommand... without senderIsOwner, and agentCommand defaults missing senderIsOwner to true. This could allow a non-owner voice participant in the same channel to reach owner-only tool surfaces gateway, cron during voice...
PT-2026-26416
Summary In [email protected], the Discord voice transcript path called agentCommand... without senderIsOwner, and agentCommand defaults missing senderIsOwner to true. This could allow a non-owner voice participant in the same channel to reach owner-only tool surfaces gateway, cron during voice...