Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/02/21 1:30 a.m.1 views

CVE-2026-26972

OpenClaw is a personal AI assistant. In versions 2026.1.12 through 2026.2.12, OpenClaw browser download helpers accepted an unsanitized output path. When invoked via the browser control gateway routes, this allowed path traversal to write downloads outside the intended OpenClaw temp downloads...

6.7CVSS5.5AI score0.00199EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 11:8 p.m.23 views

CVE-2026-26972 OpenClaw has a Path Traversal in Browser Download Functionality

OpenClaw is a personal AI assistant. In versions 2026.1.12 through 2026.2.12, OpenClaw browser download helpers accepted an unsanitized output path. When invoked via the browser control gateway routes, this allowed path traversal to write downloads outside the intended OpenClaw temp downloads...

6.7CVSS0.00199EPSS
Exploits0References3
CVE
CVE
added 2026/02/19 11:8 p.m.27 views

CVE-2026-26972

OpenClaw has a path traversal vulnerability in the browser download helpers. In versions 2026.1.12 through 2026.2.12, the browser download assistant accepted unsanitized output paths, enabling writes outside the intended temp downloads directory when invoked via browser control gateway routes. Ex...

6.7CVSS5.5AI score0.00199EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/02/18 5:37 p.m.6 views

GHSA-XWJM-J929-XQ7C OpenClaw has a Path Traversal in Browser Download Functionality

Summary OpenClaw browser download helpers accepted an unsanitized output path. When invoked via the browser control gateway routes, this allowed path traversal to write downloads outside the intended OpenClaw temp downloads directory. This issue is not exposed via the AI agent tool schema no...

6.7CVSS5.6AI score0.00199EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/02/18 5:37 p.m.15 views

OpenClaw has a Path Traversal in Browser Download Functionality

Summary OpenClaw browser download helpers accepted an unsanitized output path. When invoked via the browser control gateway routes, this allowed path traversal to write downloads outside the intended OpenClaw temp downloads directory. This issue is not exposed via the AI agent tool schema no...

6.7CVSS5.5AI score0.00199EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/01/10 12:0 a.m.4 views

The vulnerability in the Google Updater application for browser-based downloads in Google Chrome and the Windows operating system arises from insecure privilege management. This allows a malicious individual to escalate their privileges through a created file.

The vulnerability of the Google Updater application for browser-based downloads in Google Chrome and Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability allows a malicious actor to elevate their privileges through a specially created file...

8.8CVSS7.2AI score0.00919EPSS
Exploits0References8Affected Software7
Microsoft KB
Microsoft KB
added 2018/09/27 12:0 a.m.4 views

January 26, 2017—KB 3216755 (OS Build 14393.726)

January 26, 2017—KB 3216755 OS Build 14393.726 Improvements and fixes This release is only available on the Microsoft Update Catalog website This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed a known issu...

6.8AI score
Exploits0
Rows per page
Query Builder