Lucene search
K

5 matches found

Snyk
Snyk
added 2026/04/09 5:37 p.m.6 views

Allocation of Resources Without Limits or Throttling

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to missing pre-allocation size checks in the base64 decoding process. An attacker can cause excessive memory allocation by providi...

6.5CVSS5.8AI score0.00302EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/09 5:37 p.m.4 views

Missing Support for Integrity Check

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Support for Integrity Check through the download process. An attacker can cause unauthorized or malicious plugin archives to be installed by providing tampered or unverified files...

6.9CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/04/09 5:37 p.m.5 views

Command Injection

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Command Injection via the host-exec process. An attacker can execute arbitrary commands by injecting environment variables that influence interpreters, shells, or build tools. Remediation...

5.9CVSS6.1AI score
Exploits0References2
Snyk
Snyk
added 2026/04/09 5:34 p.m.12 views

Insufficient Session Expiration

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Insufficient Session Expiration due to the resolvedAuth process becoming outdated after a configuration reload. An attacker can maintain unauthorized access by leveraging stale...

5.4CVSS5.8AI score0.00215EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/09 5:32 p.m.2 views

Exposure of Resource to Wrong Sphere

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere in the handling of shared reply MEDIA references, where paths are treated as trusted. An attacker can cause unauthorized access to local files by...

5.9CVSS5.8AI score0.00181EPSS
Exploits0References2
Rows per page
Query Builder