Lucene search
+L

4 matches found

Snyk
Snyk
added 2026/03/31 11:54 p.m.11 views

Allocation of Resources Without Limits or Throttling

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via unbounded concurrent unauthenticated WebSocket upgrades before session authentication. An attacker can exhaust socket and worker...

5.3CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/03/31 11:51 p.m.3 views

Missing Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization via the onboard-remote.ts process. An attacker can gain unauthorized access to gateway credentials and potentially intercept sensitive traffic by leveraging a...

8.1CVSS5.9AI score0.00126EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/31 4:54 p.m.3 views

Brute Force

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Brute Force via the webhook authentication process. An attacker can gain unauthorized access by repeatedly attempting to guess shared secrets without restriction, potentially allowing the...

6.5CVSS5.9AI score0.00365EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/29 3:50 p.m.2 views

Weak Password Requirements

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Weak Password Requirements due to insufficient rate limiting in the webhook authentication process. An attacker can repeatedly guess weak webhook tokens by sending numerous authentication...

6.9CVSS5.9AI score0.00244EPSS
Exploits0References3
Rows per page
Query Builder