OpenClaw 安全漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to suppress legitimate events on different accounts by matching the eventname and messageid parameters...

CVE-2026-41362 OpenClaw 2026.2.19 through 2026.3.30 - Webhook Replay Dedupe Cache Event Suppression via Shared Authentication

OpenClaw versions 2026.2.19 before 2026.3.31 contain an improper cache isolation vulnerability in the Zalo webhook replay-dedupe mechanism that is shared across authenticated webhook targets. Attackers controlling one authenticated Zalo webhook path in multi-account deployments can suppress...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in calendar.class.php in ApPHP Calendar ApPHP CAL allow remote attackers to hijack the authentication of unspecified victims for requests that use the 1 categoryname, 2 categorydescription, 3 eventname, or 4 eventdescription parameter...

CVE-2010-4881

Multiple cross-site request forgery CSRF vulnerabilities in calendar.class.php in ApPHP Calendar ApPHP CAL allow remote attackers to hijack the authentication of unspecified victims for requests that use the 1 categoryname, 2 categorydescription, 3 eventname, or 4 eventdescription parameter...