Lucene search
K

10 matches found

NVD
NVD
added 2026/04/10 5:17 p.m.6 views

CVE-2026-35660

OpenClaw before 2026.3.23 contains an insufficient access control vulnerability in the Gateway agent /reset endpoint that allows callers with operator.write permission to reset admin sessions. Attackers with operator.write privileges can invoke /reset or /new messages with an explicit sessionKey ...

8.1CVSS0.00272EPSS
Exploits0References4
CVE
CVE
added 2026/04/10 4:3 p.m.11 views

CVE-2026-35660

OpenClaw is affected by a vulnerability in the Gateway agent’s /reset endpoint, prior to version 2026.3.23. The flaw grants callers with operator.write permission the ability to reset admin sessions by invoking /reset or /new with an explicit sessionKey, bypassing operator.admin requirements and ...

8.1CVSS5.9AI score0.00272EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.4 views

PT-2026-31971

OpenClaw before 2026.3.23 contains an insufficient access control vulnerability in the Gateway agent /reset endpoint that allows callers with operator.write permission to reset admin sessions. Attackers with operator.write privileges can invoke /reset or /new messages with an explicit sessionKey ...

8.1CVSS5.9AI score0.00272EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/29 3:30 p.m.5 views

EUVD-2026-17026

OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in the gateway agent RPC that allows authenticated operators with operator.write permission to override workspace boundaries by supplying attacker-controlled spawnedBy and workspaceDir values. Remote operators can escape the...

8.8CVSS6.1AI score0.00297EPSS
Exploits0References3
OSV
OSV
added 2026/03/29 12:44 p.m.3 views

CVE-2026-33573 OpenClaw < 2026.3.11 - Workspace Boundary Bypass via Agent RPC Parameters

OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in the gateway agent RPC that allows authenticated operators with operator.write permission to override workspace boundaries by supplying attacker-controlled spawnedBy and workspaceDir values. Remote operators can escape the...

8.7CVSS6.2AI score0.00297EPSS
Exploits0References4
CVE
CVE
added 2026/03/29 12:44 p.m.18 views

CVE-2026-33573

OpenClaw (prior to 2026.3.11) suffers an authorization bypass in the gateway agent RPC. Authenticated operators with operator.write permission can override workspace boundaries by supplying attacker-controlled spawnedBy and workspaceDir values, enabling escape from the configured workspace and ex...

8.8CVSS6.1AI score0.00297EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/03/26 7:0 p.m.3 views

GHSA-WQ58-2PVG-5H4F OpenClaw: Gateway agent /reset exposes admin session reset to operator.write callers

Summary Before v2026.3.23, the Gateway agent RPC accepted /reset and /new for callers with only operator.write, even though the direct sessions.reset RPC correctly requires operator.admin. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.23 - Latest released tag checked:...

7.1CVSS5.8AI score0.00272EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/26 7:0 p.m.6 views

OpenClaw: Gateway agent /reset exposes admin session reset to operator.write callers

Summary Before v2026.3.23, the Gateway agent RPC accepted /reset and /new for callers with only operator.write, even though the direct sessions.reset RPC correctly requires operator.admin. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.23 - Latest released tag checked:...

8.1CVSS5.9AI score0.00272EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/13 8:55 p.m.4 views

GHSA-2RQG-GJGV-84JM OpenClaw: Gateway `agent` calls could override the workspace boundary

Summary The public gateway agent RPC allowed an authenticated operator with operator.write to supply attacker-controlled spawnedBy and workspaceDir values. That let the caller re-root the agent run outside its configured workspace boundary. Impact A non-owner operator could escape the intended...

8.8CVSS5.9AI score0.00297EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/13 8:55 p.m.16 views

OpenClaw: Gateway `agent` calls could override the workspace boundary

Summary The public gateway agent RPC allowed an authenticated operator with operator.write to supply attacker-controlled spawnedBy and workspaceDir values. That let the caller re-root the agent run outside its configured workspace boundary. Impact A non-owner operator could escape the intended...

5.9AI score
Exploits0References3Affected Software1
Rows per page
Query Builder