20 matches found

CVE
added 2026/05/05 11:25 a.m. · 5 views

CVE-2026-43531

OpenClaw is vulnerable prior to version 2026.4.9 due to an environment variable injection flaw that allows malicious workspace .env files to set runtime-control variables. This can alter update sources, gateway URLs, ClawHub resolution, and browser executable paths, potentially changing applicati...

CVSS 8.8 · AI score 5.8 · EPSS 0.00028
Exploits: 0 · References: 3 · Affected software: 1
Cvelist
added 2026/05/05 11:25 a.m. · 28 views

CVE-2026-43531 OpenClaw < 2026.4.9 - Environment Variable Injection via Workspace .env File

OpenClaw before 2026.4.9 contains an environment variable injection vulnerability allowing malicious workspace .env files to set runtime-control variables. Attackers can inject variables affecting update sources, gateway URLs, ClawHub resolution, and browser executable paths to compromise...

CVSS 7.3 · EPSS 0.00028
Exploits: 0 · References: 3
Vulnrichment
added 2026/05/05 11:25 a.m. · 2 views

CVE-2026-43531 OpenClaw < 2026.4.9 - Environment Variable Injection via Workspace .env File

OpenClaw before 2026.4.9 contains an environment variable injection vulnerability allowing malicious workspace .env files to set runtime-control variables. Attackers can inject variables affecting update sources, gateway URLs, ClawHub resolution, and browser executable paths to compromise...

CVSS 7.3 · AI score 5.8 · EPSS 0.00028
Exploits: 0 · References: 3
EUVD
added 2026/05/05 11:25 a.m. · 2 views

EUVD-2026-27273

OpenClaw before 2026.4.9 contains an environment variable injection vulnerability allowing malicious workspace .env files to set runtime-control variables. Attackers can inject variables affecting update sources, gateway URLs, ClawHub resolution, and browser executable paths to compromise...

CVSS 7.3 · AI score 5.8 · EPSS 0.00028
Exploits: 0 · References: 3
CNNVD
added 2026/05/05 12:00 a.m. · 7 views

OpenClaw security vulnerability

OpenClaw is an open-source AI assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.9 contain a security vulnerability caused by environment variable injection, which allows a malicious workspace .env file to set runtime-control...

CVSS 8.8 · AI score 5.8 · EPSS 0.00028
Exploits: 0 · References: 1
Github Security Blog
added 2026/04/17 9:56 p.m. · 5 views

OpenClaw: Workspace .env could inject OpenClaw runtime-control variables

Summary: Workspace .env could inject OpenClaw runtime-control variables. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: < 2026.4.9. Impact: A malicious workspace .env file could set OpenClaw runtime-control variables affecting update sources, gateway URLs,...

CVSS 8.8 · AI score 5.7 · EPSS 0.00028
Exploits: 0 · References: 6 · Affected software: 1
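The six entries above describe the same flaw: a workspace-scoped .env file, which an attacker can plant in a repository, gets loaded into the application's environment and is allowed to set variables that control where updates come from, which gateway is used, how packages resolve, and which browser binary is launched. The fix pattern is to treat the workspace file as untrusted input and refuse to let it set or override any runtime-control key. The following is an added example in Go, not code from OpenClaw; the variable names (APP_UPDATE_URL, APP_GATEWAY_URL, APP_REGISTRY_URL, APP_BROWSER_PATH) are hypothetical stand-ins, since the real OpenClaw names are not given on this page.

```go
package main

import (
	"bufio"
	"fmt"
	"sort"
	"strings"
)

// runtimeControlKeys is a HYPOTHETICAL deny-list that stands in for the
// runtime-control variables the advisory describes (update source, gateway
// URL, registry/ClawHub resolution, browser executable path). The real
// OpenClaw variable names are not given on the page.
var runtimeControlKeys = map[string]bool{
	"APP_UPDATE_URL":   true,
	"APP_GATEWAY_URL":  true,
	"APP_REGISTRY_URL": true,
	"APP_BROWSER_PATH": true,
}

// parseDotEnv parses a minimal KEY=VALUE .env file: blank lines and '#'
// comments are skipped, an optional "export " prefix is dropped, and a
// value wrapped in matching single or double quotes is unquoted. It never
// expands ${VAR} references, so a workspace file cannot reach protected
// values through interpolation.
func parseDotEnv(content string) map[string]string {
	out := map[string]string{}
	sc := bufio.NewScanner(strings.NewReader(content))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		line = strings.TrimPrefix(line, "export ")
		k, v, ok := strings.Cut(line, "=")
		if !ok {
			continue
		}
		k, v = strings.TrimSpace(k), strings.TrimSpace(v)
		if len(v) >= 2 && (v[0] == '"' || v[0] == '\'') && v[len(v)-1] == v[0] {
			v = v[1 : len(v)-1]
		}
		if k != "" {
			out[k] = v
		}
	}
	return out
}

// loadWorkspaceEnv layers a workspace .env over the trusted base environment
// but refuses to let the untrusted file set or override any runtime-control
// key. It returns the merged environment plus the rejected keys (sorted) so
// the caller can log them or surface them to the user.
func loadWorkspaceEnv(base map[string]string, dotenv string) (map[string]string, []string) {
	merged := make(map[string]string, len(base))
	for k, v := range base {
		merged[k] = v
	}
	var rejected []string
	for k, v := range parseDotEnv(dotenv) {
		if runtimeControlKeys[k] {
			rejected = append(rejected, k)
			continue
		}
		merged[k] = v
	}
	sort.Strings(rejected)
	return merged, rejected
}

func main() {
	// Constructed sample: a workspace .env that tries to redirect updates and
	// point the browser launcher at an attacker-controlled binary.
	dotenv := "APP_UPDATE_URL=http://attacker.invalid/updates\n" +
		"APP_BROWSER_PATH=/tmp/not-a-browser\n" +
		"# harmless project setting\n" +
		"export PROJECT_NAME=\"demo\"\n"
	base := map[string]string{"APP_UPDATE_URL": "https://updates.example.invalid/"}
	merged, rejected := loadWorkspaceEnv(base, dotenv)
	fmt.Println("rejected:", rejected)
	fmt.Println("update url:", merged["APP_UPDATE_URL"])
	fmt.Println("project:", merged["PROJECT_NAME"])
}
```

A deny-list is the minimal fix; an allow-list of keys the workspace may set is stricter and is what you want when the set of control variables grows over time, because a newly added control variable is then protected by default rather than forgotten.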
Positive Technologies
added 2026/03/02 12:00 a.m. · 1 view

PT-2026-26227

Name of the vulnerable software and affected versions: OpenClaw versions prior to 2026.2.22; OpenClaw versions 2026.2.21-2 and earlier. Description: The software contains an authorization bypass issue in the allow-always wrapper persistence feature. This allows attackers to bypass approval checks by...

CVSS 7.2 · AI score 6.5 · EPSS 0.00091
Exploits: 0 · References: 12
NVD
added 2025/12/11 12:16 p.m. · 2 views

CVE-2025-64994

A privilege escalation vulnerability was discovered in TeamViewer DEX (formerly 1E DEX), specifically within the 1E-Nomad-SetWorkRate instruction prior to V17.1. The improper handling of executable search paths could allow local attackers with write access to a PATH directory on a device to escalate...

CVSS 6.7 · EPSS 0.00013
Exploits: 0 · References: 1
RedHat Linux
added 2025/12/03 2:58 p.m. · 3 views

os/exec: Unexpected paths returned from LookPath in os/exec

A path handling flaw has been discovered in the os/exec Go package. If the PATH environment variable contains entries that are executables rather than directories, passing certain strings ("", ".", and "..") to LookPath can result in the binaries listed in PATH being unexpectedly returned...

CVSS 6.5 · AI score 5.7 · EPSS 0.00033
Exploits: 1 · References: 8
Microsoft CVE
added 2025/09/04 5:11 a.m. · 0 views

Unexpected paths returned from LookPath in os/exec

...

CVSS 6.5 · AI score 5.4 · EPSS 0.00033
Exploits: 1
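The two os/exec entries above describe a lookup that accepts degenerate names ("", ".", "..") and walks a PATH whose entries may be files rather than directories, so the "resolved" program can be a PATH entry itself. The added example below (mine, not the Go project's, and not a reproduction of the exact stdlib code path) shows the defensive shape a caller can apply regardless of Go version: reject any name that is not a plain file name up front, skip PATH entries that are not directories, and only return a candidate that is a regular executable file. The function takes the PATH string as a parameter so the behaviour can be tested with a constructed PATH.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrBadName is returned for names that must never be resolved through PATH.
var ErrBadName = errors.New("lookpath: refusing empty, \".\", \"..\" or slash-containing name")

// lookPathStrict resolves a bare command name against the given PATH string
// (OS list separator, ':' on Unix). Unlike a naive search it refuses names
// that are not plain file names ("", ".", ".." or anything containing '/'),
// skips empty entries (which would mean "current directory"), and skips PATH
// entries that are not directories, so a PATH entry that is itself an
// executable file can never be returned as the result.
func lookPathStrict(name, pathEnv string) (string, error) {
	if name == "" || name == "." || name == ".." || strings.ContainsRune(name, '/') {
		return "", ErrBadName
	}
	for _, dir := range filepath.SplitList(pathEnv) {
		if dir == "" {
			continue
		}
		if st, err := os.Stat(dir); err != nil || !st.IsDir() {
			continue // missing entry, or an entry that is a file rather than a directory
		}
		cand := filepath.Join(dir, name)
		st, err := os.Stat(cand)
		if err != nil || !st.Mode().IsRegular() || st.Mode().Perm()&0o111 == 0 {
			continue // not present, not a regular file, or not executable by anyone
		}
		return cand, nil
	}
	return "", fmt.Errorf("lookpath: %q not found in PATH", name)
}

func main() {
	path := os.Getenv("PATH")
	for _, name := range []string{"", ".", "..", "sh"} {
		p, err := lookPathStrict(name, path)
		fmt.Printf("%q -> %q (err: %v)\n", name, p, err)
	}
}
```

The name check is the important half: a caller that passes user-influenced input to a PATH lookup should require a plain file name and resolve anything containing a separator through an explicit, absolute allow-list instead.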
CNNVD
added 2025/08/04 12:00 a.m. · 1 view

Liquidfiles security vulnerability

Liquidfiles is a storage service for large-scale secure file transfer and sharing for companies and organizations from US-based Liquidfiles, Inc. A security vulnerability exists in Liquidfiles versions prior to 4.1.2 that stems from directory traversal that can be achieved by configuring local...

CVSS 3.8 · AI score 6.4 · EPSS 0.00414
Exploits: 1 · References: 2
Tenable Nessus
added 2025/06/26 12:00 a.m. · 18 views

Notepad++ < 8.8.2 Privilege Escalation (CVE-2025-49144)

The version of Notepad++ installed on the remote host is prior to 8.8.2. It is, therefore, affected by a privilege escalation vulnerability: - Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1...

CVSS 7.3 · AI score 7.9 · EPSS 0.00099
Exploits: 4 · References: 3
Github Security Blog
added 2025/05/30 3:30 p.m. · 10 views

Prevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise Server

Summary: A security vulnerability has been identified in go-gh where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user's machine by replacing HTTP URLs provided by GitHub with local file paths for browsing. Details: The GitHub CLI and CLI...

CVSS 9.8 · AI score 7.6 · EPSS 0.00398
Exploits: 0 · References: 4 · Affected software: 1
Positive Technologies
added 2025/02/13 12:00 a.m. · 2 views

PT-2025-6780 · Schneider Electric · Ecostruxure Process Expert

Name of the vulnerable software and affected versions: EcoStruxure Process Expert version 2020R2. Description: The issue is related to improper privilege management, affecting two services, one of which manages audit trail data and the other acts as a server managing client requests. This could le...

CVSS 8.5 · AI score 7 · EPSS 0.00153
Exploits: 0 · References: 8
Veracode
added 2023/07/09 2:16 p.m. · 21 views

Server Side Request Forgery (SSRF)

wp-graphql/wp-graphql is vulnerable to Server Side Request Forgery (SSRF). The vulnerability exists due to executable paths in GraphQL queries like createMediaItem, which allows authenticated users to get unauthorized access to servers, thus jeopardizing server security...

CVSS 6.5 · AI score 6.8 · EPSS 0.00174
Exploits: 0 · References: 5 · Affected software: 1
Github Security Blog
added 2023/06/30 8:35 p.m. · 27 views

WPGraphQL Plugin vulnerable to Server Side Request Forgery (SSRF)

Impact: Users with capabilities to upload media (editors and above) are susceptible to SSRF (Server-Side Request Forgery) when executing the createMediaItem mutation. Authenticated users making GraphQL requests that execute createMediaItem could pass executable paths in the mutation's filePath...

CVSS 6.5 · AI score 7 · EPSS 0.00174
Exploits: 0 · References: 6 · Affected software: 1
Positive Technologies
added 2022/08/18 12:00 a.m. · 1 view

PT-2022-19692 · Qualys · Qualys Cloud Agent

Name of the vulnerable software and affected versions: Qualys Cloud Agent version 4.8.0-49. Description: An issue was discovered in the Qualys Cloud Agent where it executes programs at various full pathnames without first making ownership and permission checks, and without integrity checks. This...

CVSS 7.3 · AI score 7.3 · EPSS 0.00074
Exploits: 0 · References: 8
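The Qualys entry above names the three checks a privileged agent should make before it executes a program by full pathname: ownership, permissions, and integrity. The added example below (mine, not Qualys code) implements a portable preflight: the path must be absolute, must be a regular file and not a symlink, must not be group- or world-writable, and its SHA-256 must match a digest pinned at packaging time. The ownership check (owner must be root or the service account) is a Unix-specific syscall.Stat_t comparison and is deliberately left out so the block compiles everywhere; the pinned digest and the sample helper script are constructed for the demonstration.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
)

// fileSHA256 returns the lowercase hex SHA-256 of the file at path.
func fileSHA256(path string) (string, error) {
	f, err := os.Open(path)
	if err != nil {
		return "", err
	}
	defer f.Close()
	h := sha256.New()
	if _, err := io.Copy(h, f); err != nil {
		return "", err
	}
	return hex.EncodeToString(h.Sum(nil)), nil
}

// preflightExec decides whether a program the agent is about to run by full
// pathname is safe to execute. Any failure means "do not execute":
//   - the path must be absolute (no PATH or cwd-relative resolution),
//   - it must be a regular file, not a symlink (Lstat, not Stat),
//   - it must not be writable by group or others,
//   - its SHA-256 must match the digest pinned at packaging time.
// An owner check (uid 0 / service account) via syscall.Stat_t belongs here on
// Unix and is omitted only to keep the example portable.
func preflightExec(path, wantSHA256 string) error {
	if !filepath.IsAbs(path) {
		return fmt.Errorf("preflight: %q is not an absolute path", path)
	}
	st, err := os.Lstat(path)
	if err != nil {
		return fmt.Errorf("preflight: %w", err)
	}
	if !st.Mode().IsRegular() {
		return fmt.Errorf("preflight: %q is not a regular file (mode %v)", path, st.Mode())
	}
	if st.Mode().Perm()&0o022 != 0 {
		return fmt.Errorf("preflight: %q is group- or world-writable (%v)", path, st.Mode().Perm())
	}
	got, err := fileSHA256(path)
	if err != nil {
		return fmt.Errorf("preflight: %w", err)
	}
	if subtle.ConstantTimeCompare([]byte(got), []byte(wantSHA256)) != 1 {
		return errors.New("preflight: integrity check failed: digest mismatch")
	}
	return nil
}

func main() {
	// Constructed demonstration: pin a helper, then loosen its permissions.
	dir, err := os.MkdirTemp("", "preflight")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	helper := filepath.Join(dir, "helper")
	if err := os.WriteFile(helper, []byte("#!/bin/sh\necho ok\n"), 0o755); err != nil {
		panic(err)
	}
	_ = os.Chmod(helper, 0o755)
	pinned, _ := fileSHA256(helper)
	fmt.Println("clean:", preflightExec(helper, pinned))
	_ = os.Chmod(helper, 0o777)
	fmt.Println("world-writable:", preflightExec(helper, pinned))
}
```

Note the check-then-exec window: a stronger version opens the file once, checks the open descriptor with Fstat, hashes through that same descriptor, and executes it via fexecve (or /proc/self/fd on Linux) so that the file verified is the file run.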
OSV
added 2022/04/01 11:15 p.m. · 1 view

CVE-2021-32957

A function in MDT AutoSave versions prior to v6.02.06 is used to retrieve system information for a specific process, and this information collection executes multiple commands and summarizes the information into an XML. This function and subsequent process gives full path to the executable and is...

CVSS 7.5 · AI score 7.1
Exploits: 0 · References: 1
CNNVD
added 2021/08/31 12:00 a.m. · 1 view

Kramer Electronics VIAware code issue vulnerability

Kramer Electronics VIAware is a wireless presentation collaboration software solution from Kramer Electronics Israel. A code issue exists in Kramer Electronics VIAware that allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable...

CVSS 10 · AI score 9.2 · EPSS 0.93004
Exploits: 5 · References: 5
CNNVD
added 2021/07/08 12:00 a.m. · 1 view

MDT AutoSave SQL injection vulnerability

MDT AutoSave is a software application that provides automated change management. An SQL injection vulnerability exists in MDT AutoSave where a function in the device is used to retrieve process-specific system information, which is collected by executing multiple commands and...

CVSS 7.5 · AI score 7.6 · EPSS 0.00173
Exploits: 0 · References: 5