Lucene search
K

6 matches found

CNVD
CNVD
added 2026/04/10 12:0 a.m.5 views

OpenClaw has an unspecified vulnerability (CNVD-2026-17487)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to execute native code after an operator approves misleading command text...

8CVSS5.9AI score0.00272EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/31 11:17 a.m.3 views

CVE-2026-32971

OpenClaw before 2026.3.11 contains an approval-integrity vulnerability in node-host system.run approvals that displays extracted shell payloads instead of the executed argv. Attackers can place wrapper binaries and induce wrapper-shaped commands to execute local code after operators approve...

7.3CVSS6AI score0.00272EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.7 views

OpenClaw 安全漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to execute native code after an operator approves misleading command text...

8CVSS5.9AI score0.00272EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.6 views

PT-2026-29231

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.11 Description The software contains an approval-integrity issue within the node-host system.run approvals functionality. This allows the display of extracted shell payloads instead of the executed arguments. ...

7.3CVSS6.3AI score0.00272EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/03/07 12:0 a.m.6 views

PT-2024-13448

Name of the Vulnerable Software and Affected Versions Cypress Solutions CTM-200 versions 2.7.1.5600 and below Description The issue is related to an OS command injection vulnerability. This vulnerability can be exploited via the cli text parameter. Recommendations For versions 2.7.1.5600 and belo...

7.5CVSS6.1AI score0.13641EPSS
Exploits1References9
OSV
OSV
added 2023/09/25 9:30 p.m.3 views

GHSA-JCWR-X25H-X5FH codehaus-plexus vulnerable to XML injection

A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtilwriteComment fails to sanitize comments for a -- sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection...

4.3CVSS5.8AI score0.00694EPSS
Exploits0References9
Rows per page
Query Builder