Lucene search
K

4 matches found

Snyk
Snyk
added 2026/04/03 3:13 a.m.1 views

Allocation of Resources Without Limits or Throttling

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the voice-call process. An attacker can cause excessive resource consumption by sending oversized WebSocket frames before validati...

7.5CVSS5.9AI score0.00532EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/03 2:58 a.m.5 views

Replay Attack

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Replay Attack via the webhook signature verification process. An attacker can bypass replay detection by submitting requests with equivalent Base64 and Base64URL-encoded signatures, causi...

6.3CVSS5.9AI score0.0033EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/02 9:0 p.m.6 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the process that fetches thread root and reply context, which bypasses the sender allowlist. An attacker can gain unauthorized access to message threads by...

6.5CVSS5.9AI score0.00157EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/02 8:59 p.m.14 views

Replay Attack

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Replay Attack in the replay deduplication process. An attacker can bypass intended access restrictions by reusing messageId values across authenticated sibling-target delivery paths...

5.4CVSS5.4AI score0.00274EPSS
Exploits0References2
Rows per page
Query Builder