Lucene search
K

8 matches found

NVD
NVD
added 2026/06/11 9:16 p.m.10 views

CVE-2026-53810

OpenClaw before 2026.5.18 contains a code execution vulnerability where marketplace runtime extension metadata can redirect loading toward unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin code outside reviewed package entry points...

8.8CVSS0.00419EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/11 9:13 p.m.5 views

Unsafe Dependency Resolution

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Unsafe Dependency Resolution via manipulation of the extension metadata process. An attacker can execute arbitrary code by redirecting the loading process toward unscanned package payload...

8.8CVSS6.1AI score0.00419EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:7 p.m.7 views

CVE-2026-53810 OpenClaw < 2026.5.18 - Arbitrary Code Execution via Unscanned Marketplace Runtime Extension Metadata

OpenClaw before 2026.5.18 contains a code execution vulnerability where marketplace runtime extension metadata can redirect loading toward unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin code outside reviewed package entry points...

8.8CVSS5.8AI score0.00419EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/11 8:7 p.m.32 views

CVE-2026-53810 OpenClaw < 2026.5.18 - Arbitrary Code Execution via Unscanned Marketplace Runtime Extension Metadata

OpenClaw before 2026.5.18 contains a code execution vulnerability where marketplace runtime extension metadata can redirect loading toward unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin code outside reviewed package entry points...

8.8CVSS0.00419EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 8:7 p.m.8 views

EUVD-2026-36316

OpenClaw before 2026.5.18 contains a code execution vulnerability where marketplace runtime extension metadata can redirect loading toward unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin code outside reviewed package entry points...

8.8CVSS6AI score0.00419EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 8:7 p.m.15 views

CVE-2026-53810

OpenClaw is affected by a code execution vulnerability present before version 2026.5.18. The issue arises from marketplace runtime extension metadata that can redirect loading to unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin co...

8.8CVSS6AI score0.00419EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.14 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.18 contained security vulnerabilities. These vulnerabilities stemmed from the fact that extension metadata during market runtime could be redirected to load into unscanned packa...

8.8CVSS5.4AI score0.00419EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.11 views

PT-2026-48740

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.18 Description An issue exists where marketplace runtime extension metadata can redirect loading toward unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to...

8.8CVSS5.5AI score0.00419EPSS
Exploits0References5
Rows per page
Query Builder