Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.3 views

CVE-2026-31993

OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass...

6.4CVSS6.1AI score0.00291EPSS
Exploits0References1
OSV
OSV
added 2026/03/19 3:30 a.m.3 views

GHSA-5326-6F73-M96W Duplicate Advisory: OpenClaw macOS companion app (beta): allowlist parsing mismatch for system.run shell chains

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5f9p-f3w2-fwch. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app...

5.6CVSS6AI score0.00291EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/03/19 3:30 a.m.7 views

Duplicate Advisory: OpenClaw macOS companion app (beta): allowlist parsing mismatch for system.run shell chains

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5f9p-f3w2-fwch. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app...

6.4CVSS6AI score0.00291EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/03/19 1:0 a.m.12 views

CVE-2026-31993

CVE-2026-31993 affects the OpenClaw macOS companion app, with versions prior to 2026.2.22. The issue is a allowlist parsing mismatch in system.run shell chains that allows authenticated operators to bypass exec approval checks, enabling arbitrary command execution on the paired host when paired w...

6.4CVSS6.1AI score0.00291EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/19 1:0 a.m.3 views

CVE-2026-31993 OpenClaw < 2026.2.22 - Allowlist Parsing Mismatch in system.run Shell Chains

OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass...

5.6CVSS6.1AI score0.00291EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/19 1:0 a.m.6 views

EUVD-2026-13025

OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass...

6.4CVSS6.1AI score0.00291EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.6 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.2.22 contained security vulnerabilities. These vulnerabilities were caused by mismatches in allowlist parsing within the macOS-compatible applications, which could allow...

6.4CVSS5.8AI score0.00291EPSS
Exploits0References4
Rows per page
Query Builder