Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/13 12:34 a.m.11 views

EUVD-2026-36615

OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action forwarding that allows model-controlled metadata to forward action payloads with Gateway credentials to attacker-supplied loopback URLs. Remote attackers can intercept Gateway tokens and action payloads by...

6.5CVSS5.3AI score0.00254EPSS
Exploits0References3
NVD
NVD
added 2026/06/12 10:16 p.m.16 views

CVE-2026-53827

OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action forwarding that allows model-controlled metadata to forward action payloads with Gateway credentials to attacker-supplied loopback URLs. Remote attackers can intercept Gateway tokens and action payloads by...

6.5CVSS0.00254EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 9:56 p.m.31 views

CVE-2026-53827 OpenClaw < 2026.5.2 - Credential Exposure via Model-Supplied Loopback URLs in message.action Forwarding

OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action forwarding that allows model-controlled metadata to forward action payloads with Gateway credentials to attacker-supplied loopback URLs. Remote attackers can intercept Gateway tokens and action payloads by...

6.5CVSS0.00254EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 9:56 p.m.20 views

CVE-2026-53827

OpenClaw is affected by CVE-2026-53827: before version 2026.5.2, a credential exposure vulnerability exists in message.action forwarding. The issue allows model-controlled metadata to forward action payloads containing Gateway credentials to attacker-supplied loopback URLs, enabling remote attack...

6.5CVSS5.3AI score0.00254EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder