2650 matches found
CVE-2026-31993
OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass...
CVE-2026-31993 OpenClaw < 2026.2.22 - Allowlist Parsing Mismatch in system.run Shell Chains
OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass...
CVE-2026-31993 OpenClaw < 2026.2.22 - Allowlist Parsing Mismatch in system.run Shell Chains
OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass...
CVE-2026-31993
OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass...
CVE-2026-31993
CVE-2026-31993 affects the OpenClaw macOS companion app, with versions prior to 2026.2.22. The issue is a allowlist parsing mismatch in system.run shell chains that allows authenticated operators to bypass exec approval checks, enabling arbitrary command execution on the paired host when paired w...
EUVD-2026-13025
OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass...
Mesop Affected by Unauthenticated Remote Code Execution via Test Suite Route /exec-py
Summary An explicit web endpoint inside the ai/ testing module infrastructure directly ingests untrusted Python code strings unconditionally without authentication measures, yielding standard Unrestricted Remote Code Execution. Any individual capable of routing HTTP logic to this server block wil...
GHSA-GJGX-RVQR-6W6V Mesop Affected by Unauthenticated Remote Code Execution via Test Suite Route /exec-py
Summary An explicit web endpoint inside the ai/ testing module infrastructure directly ingests untrusted Python code strings unconditionally without authentication measures, yielding standard Unrestricted Remote Code Execution. Any individual capable of routing HTTP logic to this server block wil...
CVE-2026-22175
OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...
CVE-2026-22175 OpenClaw < 2026.2.23 - Exec Approval Bypass via Unrecognized Multiplexer Shell Wrappers
OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...
CVE-2026-22175
OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...
CVE-2026-22175
OpenClaw prior to 2026.2.23 is affected by an exec approval bypass in allowlist mode. Unrecognized multiplexer wrappers (e.g., busybox/toybox sh -c) can bypass allow-always restrictions, enabling invocation of arbitrary payloads under the same wrapper and bypassing execution restrictions. Affecte...
PT-2026-26183
Name of the Vulnerable Software and Affected Versions Mesop versions 1.2.2 and below Description Mesop, a Python-based UI framework, contains a flaw where an explicit web endpoint within the ai/ testing module infrastructure directly accepts untrusted Python code strings without authentication...
Unauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint
Summary The POST /api/v1/buildpublictmp/flowid/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses attacker-controlled flow data containing arbitrary Python code in node definitions instead of the stored flow...
GHSA-F8R2-VG7X-GH8M OpenClaw: Exec approval allowlist patterns overmatched on POSIX paths
Summary matchesExecAllowlistPattern normalized patterns and targets with lowercasing and compiled glob matching too broadly on POSIX. In addition, the ? wildcard could match /, which allowed matches to cross path segments. Impact These matching rules could overmatch allowlist entries and permit...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the exec.Command function via the compressionalgorithm parameter in API calls to the image and backup endpoints. An attacker can execute arbitrary commands as the LXD daemon by sending specially crafted...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
Erlang/OTP SSH Unauthenticated Blind RCE CVE-2025-32433 PoC...
CVE-2026-28473
OpenClaw versions prior to 2026.2.2 contain an authorization bypass vulnerability where clients with operator.write scope can approve or deny exec approval requests by sending the /approve chat command. The /approve command path invokes exec.approval.resolve through an internal privileged gateway...
CVE-2026-28466
OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in which it fails to sanitize internal approval fields in node.invoke parameters, allowing authenticated clients to bypass exec approval gating for system.run commands. Attackers with valid gateway credentials can inject...
CVE-2026-28473
OpenClaw versions prior to 2026.2.2 contain an authorization bypass vulnerability where clients with operator.write scope can approve or deny exec approval requests by sending the /approve chat command. The /approve command path invokes exec.approval.resolve through an internal privileged gateway...