PT-2026-35800
OpenClaw before 2026.4.8 contains a session management vulnerability where existing WebSocket sessions survive shared gateway token rotation. Attackers can maintain unauthorized access to WebSocket connections after token rotation by exploiting the failure to disconnect existing shared-token...
PT-2026-35784
OpenClaw before 2026.3.31 contains an incomplete fix for CVE-2026-32062 where the voice-call component parses large WebSocket frames before start validation. Remote attackers can send oversized pre-start WebSocket frames to cause resource consumption and denial of service...
PT-2026-35783
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.3.28. Description: OpenClaw accepts unbounded concurrent unauthenticated WebSocket upgrades without pre-authentication budget allocation. This allows unauthenticated network attackers to exhaust socket and worker...
Exploit for Missing Authentication for Critical Function in Coreweave Marimo
CVE-2026-39987 — Marimo Pre-Auth RCE For educational and...
[SECURITY] Fedora 44 Update: qt6-qtwebsockets-6.10.3-1.fc44
The QtWebSockets module implements the WebSocket protocol as specified in RFC 6455. It solely depends on Qt, with no external dependencies...
EUVD-2026-25340
OpenClaw before 2026.3.31 fails to terminate active WebSocket sessions when rotating device tokens. Attackers with previously compromised credentials can maintain unauthorized access through existing WebSocket connections after token rotation...
Duplicate Advisory: OpenClaw: Gateway `device.token.rotate` does not terminate active WebSocket sessions after credential rotation
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rfqg-qgf8-xr9x. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.31 fails to terminate active WebSocket sessions when rotating device tokens. Attackers with...
GHSA-WWC3-C577-533M Duplicate Advisory: OpenClaw: Gateway `device.token.rotate` does not terminate active WebSocket sessions after credential rotation
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rfqg-qgf8-xr9x. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.31 fails to terminate active WebSocket sessions when rotating device tokens. Attackers with...
EUVD-2026-25317
OpenClaw before 2026.3.31 contains an authentication rate limiting bypass vulnerability that allows attackers to circumvent shared authentication protections using fake device tokens. Attackers can exploit the mixed WebSocket authentication flow to bypass rate limiting controls and conduct brute...
Duplicate Advisory: OpenClaw: Fake DeviceToken Bypasses Shared Auth Rate Limiting
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6p8r-6m93-557f. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.31 contains an authentication rate limiting bypass vulnerability that allows attackers to...
GHSA-W9F5-8Q83-QWPX Duplicate Advisory: OpenClaw: Fake DeviceToken Bypasses Shared Auth Rate Limiting
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6p8r-6m93-557f. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.31 contains an authentication rate limiting bypass vulnerability that allows attackers to...
Python Library marimo < 0.23.0 Pre-Auth RCE (CVE-2026-39987)
The detected version of the marimo Python package is prior to 0.23.0. It is, therefore, affected by a remote code execution vulnerability:
- The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute...
CVE-2026-41356
OpenClaw before 2026.3.31 fails to terminate active WebSocket sessions when rotating device tokens. Attackers with previously compromised credentials can maintain unauthorized access through existing WebSocket connections after token rotation...
CVE-2026-41333
OpenClaw before 2026.3.31 contains an authentication rate limiting bypass vulnerability that allows attackers to circumvent shared authentication protections using fake device tokens. Attackers can exploit the mixed WebSocket authentication flow to bypass rate limiting controls and conduct brute...
CVE-2026-41356
OpenClaw is affected prior to version 2026.3.31 by an issue where active WebSocket sessions are not terminated during device token rotation. The underlying cause is incomplete termination of WebSocket sessions when rotating tokens. This allows attackers who already have credentials to retain unau...
CVE-2026-41356 OpenClaw < 2026.3.31 - Incomplete WebSocket Session Termination in device.token.rotate
OpenClaw before 2026.3.31 fails to terminate active WebSocket sessions when rotating device tokens. Attackers with previously compromised credentials can maintain unauthorized access through existing WebSocket connections after token rotation...
CVE-2026-41333
OpenClaw (pre-2026.3.31) contains an authentication rate-limiting bypass vulnerability that lets attackers bypass shared authentication protections using fake device tokens. According to the record, attackers can exploit a mixed WebSocket authentication flow to bypass rate limiting and perform br...
CVE-2026-41333 OpenClaw < 2026.3.31 - Authentication Rate Limiting Bypass via Fake DeviceToken
OpenClaw before 2026.3.31 contains an authentication rate limiting bypass vulnerability that allows attackers to circumvent shared authentication protections using fake device tokens. Attackers can exploit the mixed WebSocket authentication flow to bypass rate limiting controls and conduct brute...