Lucene search
+L

4 matches found

attackerkb
attackerkb
added 2026/05/11 4:46 p.m.9 views

CVE-2026-45002

OpenClaw before 2026.4.20 contains a hook session-key bypass vulnerability that allows attackers to circumvent the hooks.allowRequestSessionKey opt-in restriction. Attackers can render externally influenced session keys through templated hook mappings to bypass webhook routing isolation controls...

6.3CVSS5.8AI score0.00279EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/05/11 4:46 p.m.7 views

CVE-2026-45002 OpenClaw < 2026.4.20 - Hook Session-Key Bypass via Template Mapping

OpenClaw before 2026.4.20 contains a hook session-key bypass vulnerability that allows attackers to circumvent the hooks.allowRequestSessionKey opt-in restriction. Attackers can render externally influenced session keys through templated hook mappings to bypass webhook routing isolation controls...

6.3CVSS5.8AI score0.00279EPSS
Exploits0References3
osv
osv
added 2026/05/11 4:46 p.m.5 views

CVE-2026-45002 OpenClaw < 2026.4.20 - Hook Session-Key Bypass via Template Mapping

OpenClaw before 2026.4.20 contains a hook session-key bypass vulnerability that allows attackers to circumvent the hooks.allowRequestSessionKey opt-in restriction. Attackers can render externally influenced session keys through templated hook mappings to bypass webhook routing isolation controls...

6.3CVSS6AI score0.00279EPSS
Exploits0References5
cvelist
cvelist
added 2026/05/11 4:46 p.m.39 views

CVE-2026-45002 OpenClaw < 2026.4.20 - Hook Session-Key Bypass via Template Mapping

OpenClaw before 2026.4.20 contains a hook session-key bypass vulnerability that allows attackers to circumvent the hooks.allowRequestSessionKey opt-in restriction. Attackers can render externally influenced session keys through templated hook mappings to bypass webhook routing isolation controls...

6.3CVSS0.00279EPSS
Exploits0References3
Rows per page
Query Builder