6 matches found
OpenClaw has an unspecified vulnerability (CNVD-2026-17487)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to execute native code after an operator approves misleading command text...
CVE-2026-32971
OpenClaw before 2026.3.11 contains an approval-integrity vulnerability in node-host system.run approvals that displays extracted shell payloads instead of the executed argv. Attackers can place wrapper binaries and induce wrapper-shaped commands to execute local code after operators approve...
OpenClaw 安全漏洞
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to execute native code after an operator approves misleading command text...
PT-2026-29231
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.11 Description The software contains an approval-integrity issue within the node-host system.run approvals functionality. This allows the display of extracted shell payloads instead of the executed arguments. ...
PT-2024-13448
Name of the Vulnerable Software and Affected Versions Cypress Solutions CTM-200 versions 2.7.1.5600 and below Description The issue is related to an OS command injection vulnerability. This vulnerability can be exploited via the cli text parameter. Recommendations For versions 2.7.1.5600 and belo...
GHSA-JCWR-X25H-X5FH codehaus-plexus vulnerable to XML injection
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtilwriteComment fails to sanitize comments for a -- sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection...