7 matches found
CVE-2026-53809
OpenClaw before 2026.4.25 contains a policy bypass vulnerability in embedded runner policy that allows requests using provider aliases to compare against aliases instead of canonical provider identities. Attackers can exploit this confusion to select bundled tool access outside intended provider...
CVE-2026-53809 OpenClaw < 2026.4.25 - Provider Alias Confusion in Embedded Runner Policy
OpenClaw before 2026.4.25 contains a policy bypass vulnerability in embedded runner policy that allows requests using provider aliases to compare against aliases instead of canonical provider identities. Attackers can exploit this confusion to select bundled tool access outside intended provider...
EUVD-2026-36315
OpenClaw before 2026.4.25 contains a policy bypass vulnerability in embedded runner policy that allows requests using provider aliases to compare against aliases instead of canonical provider identities. Attackers can exploit this confusion to select bundled tool access outside intended provider...
CVE-2026-53809 OpenClaw < 2026.4.25 - Provider Alias Confusion in Embedded Runner Policy
OpenClaw before 2026.4.25 contains a policy bypass vulnerability in embedded runner policy that allows requests using provider aliases to compare against aliases instead of canonical provider identities. Attackers can exploit this confusion to select bundled tool access outside intended provider...
CVE-2026-53809
OpenClaw is affected: the vulnerability exists in the embedded runner policy prior to version 2026.4.25. The issue is a policy bypass caused by provider alias confusion, allowing requests to be evaluated against aliases instead of canonical provider identities. Exploitation could enable access to...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.25 contained security vulnerabilities. These vulnerabilities stemmed from a policy bypass in the embedded runner strategy, allowing requests using provider aliases to be compare...
PT-2026-48739
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.25 Description A policy bypass exists in the embedded runner policy. This issue allows requests using provider aliases to be compared against aliases rather than canonical provider identities. When the affecte...