4 matches found
CVE-2026-35636
OpenClaw 2026.3.11–2026.3.24 contains a session isolation bypass where session_status resolves sessionId to canonical session keys before visibility checks, allowing sandboxed child sessions to access parent or sibling sessions that should be blocked by explicit sessionKey restrictions. The descr...
CVE-2026-35636 OpenClaw 2026.3.11 < 2026.3.25 - Session Isolation Bypass via sessionId Resolution
OpenClaw versions 2026.3.11 through 2026.3.24 contain a session isolation bypass vulnerability where sessionstatus resolves sessionId to canonical session keys before enforcing visibility checks. Sandboxed child sessions can exploit this to access parent or sibling sessions that should be blocked...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Version 2026.3.11 to 2026.3.24 of OpenClaw contains security vulnerabilities. These vulnerabilities stem from session isolation bypass, which may lead to sessions being blocked from access...
PX4-Autopilot 安全漏洞
PX4-Autopilot is an open-source drone autopilot system developed by PX4. Versions prior to PX4-Autopilot 1.17.0-rc2 contained security vulnerabilities. These vulnerabilities stemmed from logical errors in the FTP session verification of PX4 Autopilot MAVLink. As a result, unverified attackers cou...