4 matches found
CVE-2026-35619
OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals scope can enumerate gateway model metadata through the HTTP compatibility route, bypassing the...
CVE-2026-35619 OpenClaw < 2026.3.24 - Authorization Bypass via HTTP /v1/models Endpoint
OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals scope can enumerate gateway model metadata through the HTTP compatibility route, bypassing the...
CVE-2026-35619
CVE-2026-35619 affects OpenClaw prior to 2026.3.24. The vulnerable component is the HTTP /v1/models endpoint, which fails to enforce operator.read scope, allowing attackers with operator.approvals to enumerate gateway model metadata via the HTTP compatibility route and bypass WebSocket RPC author...
PT-2026-26405
Summary OpenClaw avatar handling allowed a symlink traversal path that could expose local files outside an agent workspace through gateway avatar surfaces. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.2.22 so after npm release, the remaining action is to publis...