2 matches found
CVE-2026-28462
Summary: OpenClaw before version 2026.2.13 has a directory traversal flaw in the browser control API that accepts user-supplied output paths for trace and download files, allowing writes outside of OpenClaw’s temporary directory. The vulnerability affects API endpoints using POST for trace/stop, ...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant. Versions of OpenClaw prior to 2026.2.13 had security vulnerabilities. These vulnerabilities stemmed from the use of non-constant time string comparisons in hook token verification, which could allow attackers to infer tokens through...