Lucene search
K

15 matches found

Github Security Blog
Github Security Blog
added 2026/03/12 12:30 p.m.7 views

Duplicate Advisory: OpenClaw safeBins file-existence oracle information disclosure

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6c9j-x93c-rw6j. This link is maintained to preserve external references. Original Description A vulnerability was identified in OpenClaw up to 2026.2.17. This issue affects the function tools.exec.safeBins of th...

5.5CVSS5.2AI score0.00133EPSS
Exploits0References9Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/12 12:2 p.m.2 views

CVE-2026-4039 OpenClaw Skill Env applySkillConfigenvOverrides code injection

A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1...

6.5CVSS5.7AI score0.00316EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.6 views

PT-2026-24945

A vulnerability was identified in OpenClaw up to 2026.2.17. This issue affects the function tools.exec.safeBins of the component File Existence Handler. The manipulation leads to information exposure through discrepancy. The attack needs to be performed locally. Upgrading to version...

4.8CVSS5.3AI score0.00133EPSS
Exploits0References9
Snyk
Snyk
added 2026/03/03 11:32 p.m.6 views

Race Condition

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Race Condition in the updateRegistry and removeRegistryEntry processes. An attacker can cause loss of updates or restoration of deleted entries by performing concurrent operations that...

6.9CVSS5.8AI score0.00134EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/03 10:8 p.m.7 views

OpenClaw's `tools.exec.safeBins` PATH-hijack allowed trojan binaries to bypass allowlist checks

Summary tools.exec.safeBins allowlist checks could be bypassed by PATH-hijacked binaries, allowing execution of attacker-controlled trojan binaries under an allowlisted executable name. Affected Packages / Versions - Package: openclaw npm - Latest published version at triage time: 2026.2.17 -...

7.8CVSS6.1AI score0.00128EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/03 9:50 p.m.6 views

GHSA-PJ5X-38RW-6FPH OpenClaw has a Command Injection via unescaped environment assignments in Windows Scheduled Task script generation

Summary A command injection vulnerability existed in Windows Scheduled Task script generation for OpenClaw. Environment values were written into gateway.cmd using unquoted set KEY=VALUE, which allowed Windows shell metacharacters in config-provided environment variables to break out of assignment...

7.1CVSS6AI score0.00637EPSS
Exploits0References5
OSV
OSV
added 2026/03/03 6:42 p.m.4 views

GHSA-VJ3G-5PX3-GR46 OpenClaw vulnerable to path traversal in Feishu media temp-file naming allows writes outside os.tmpdir()

Summary OpenClaw’s Feishu media download flow used untrusted Feishu media keys imageKey / fileKey when building temporary file paths in extensions/feishu/src/media.ts. Because those keys were interpolated directly into temp-file paths, traversal segments could escape the temp directory and redire...

6.9CVSS6AI score0.00339EPSS
Exploits0References7
NVD
NVD
added 2026/02/21 10:16 a.m.17 views

CVE-2026-27576

OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, the ACP bridge accepts very large prompt text blocks and can assemble oversized prompt payloads before forwarding them to chat.send. Because ACP runs over local stdio, this mainly affects local ACP clients for example IDE...

4.8CVSS0.00165EPSS
Exploits0References5
CVE
CVE
added 2026/02/21 10:0 a.m.25 views

CVE-2026-27576

OpenClaw: ACP prompt-size check vulnerability affecting local stdio bridge. Affected in 2026.2.17 and earlier; oversized prompt blocks can be assembled and forwarded to chat.send, impacting local ACP clients (e.g., IDE integrations). Mitigation: upgrade to 2026.2.19 (patched release).

4.8CVSS5.5AI score0.00165EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/21 10:0 a.m.6 views

CVE-2026-27576

OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, the ACP bridge accepts very large prompt text blocks and can assemble oversized prompt payloads before forwarding them to chat.send. Because ACP runs over local stdio, this mainly affects local ACP clients for example IDE...

4.8CVSS5.5AI score0.00165EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/21 10:0 a.m.4 views

CVE-2026-27576 OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness with very large inputs

OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, the ACP bridge accepts very large prompt text blocks and can assemble oversized prompt payloads before forwarding them to chat.send. Because ACP runs over local stdio, this mainly affects local ACP clients for example IDE...

4.8CVSS5.3AI score0.00165EPSS
Exploits0References5
OSV
OSV
added 2026/02/21 10:0 a.m.10 views

CVE-2026-27576 OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness with very large inputs

OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, the ACP bridge accepts very large prompt text blocks and can assemble oversized prompt payloads before forwarding them to chat.send. Because ACP runs over local stdio, this mainly affects local ACP clients for example IDE...

4.8CVSS5.5AI score0.00165EPSS
Exploits0References7
CVE
CVE
added 2026/02/21 9:49 a.m.22 views

CVE-2026-27488

OpenClaw contains a SSRF-related issue in Cron webhook delivery. In versions up to 2026.2.17, the fetch() call in src/gateway/server-cron.ts allowed webhook targets to reach private/metadata/internal endpoints without SSRF policy checks. The issue was fixed in version 2026.2.19; upgrading to 2026...

7.3CVSS5.4AI score0.00327EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/02/20 9:13 p.m.4 views

Server-side Request Forgery (SSRF)

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetch function in the cron webhook delivery process. An attacker can access internal or private network resources by specifying malicious webhook...

7.3CVSS5.6AI score0.00327EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.9 views

PT-2026-21345

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.2.17 and below Description OpenClaw is a personal AI assistant. The ACP bridge component accepts excessively large prompt text blocks and constructs oversized prompt payloads before sending them to the chat.send function...

4.8CVSS5.2AI score0.00165EPSS
Exploits0References16
Rows per page
Query Builder