Lucene search
K

4 matches found

OSV
OSV
added 2026/06/18 8:34 p.m.5 views

GHSA-MPC8-JXJH-QPGH OpenClaw: Focus command could miss controlScope enforcement

Summary Focus command could miss controlScope enforcement. In affected versions, a caller able to trigger the focus command could run the command without enforcing the expected control scope. This advisory is scoped to the named feature and configuration. It does not change OpenClaw's...

6.8CVSS5.6AI score0.00093EPSS
Exploits0References4
NVD
NVD
added 2026/06/16 7:17 p.m.20 views

CVE-2026-53850

OpenClaw before 2026.4.25 contains a control scope enforcement bypass vulnerability in the focus command that allows authenticated callers to execute the command without proper authorization checks. Attackers can trigger the focus command to change focus state outside intended caller authority,...

6.8CVSS0.00093EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 6:5 p.m.20 views

CVE-2026-53850

OpenClaw is affected by CVE-2026-53850, a control scope enforcement bypass in the focus command present in versions prior to 2026.4.25. The vulnerability allows authenticated callers to bypass authorization checks and change focus state outside their intended authority, potentially enabling unaut...

6.8CVSS5.5AI score0.00093EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.14 views

PT-2026-49767

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.25 Description A control scope enforcement bypass exists in the focus command. This allows authenticated callers to execute the command without proper authorization checks, enabling them to change the focus...

6.8CVSS5.5AI score0.00093EPSS
Exploits0References5
Rows per page
Query Builder