Lucene search
K

5 matches found

NVD
NVD
added 2026/06/16 7:17 p.m.18 views

CVE-2026-53850

OpenClaw before 2026.4.25 contains a control scope enforcement bypass vulnerability in the focus command that allows authenticated callers to execute the command without proper authorization checks. Attackers can trigger the focus command to change focus state outside intended caller authority,...

6.8CVSS0.00093EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 6:5 p.m.14 views

CVE-2026-53850

OpenClaw is affected by CVE-2026-53850, a control scope enforcement bypass in the focus command present in versions prior to 2026.4.25. The vulnerability allows authenticated callers to bypass authorization checks and change focus state outside their intended authority, potentially enabling unaut...

6.8CVSS5.5AI score0.00093EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.11 views

PT-2026-49767

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.25 Description A control scope enforcement bypass exists in the focus command. This allows authenticated callers to execute the command without proper authorization checks, enabling them to change the focus...

6.8CVSS5.5AI score0.00093EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/13 12:34 a.m.9 views

EUVD-2026-36608

OpenClaw before 2026.5.12 contains an exec denylist bypass vulnerability in the bundle MCP loopback session-spawn path that allows authenticated callers to bypass intended command restrictions. Attackers can reach the affected bundled MCP session-spawn path to start sessions with broader command...

6.9CVSS5.2AI score0.00094EPSS
Exploits0References3
CVE
CVE
added 2026/06/12 9:56 p.m.22 views

CVE-2026-53820

OpenClaw contains an exec denylist bypass in the bundle MCP loopback session-spawn path prior to version 2026.5.12. This allows authenticated callers to bypass command restrictions and initiate sessions with broader command reach than intended. Affected component: bundle MCP session-spawn; root c...

6.9CVSS5.3AI score0.00094EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder