Lucene search
K

6 matches found

NVD
NVD
added 2026/04/21 12:16 a.m.7 views

CVE-2026-41329

OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privile...

9.9CVSS0.00298EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/20 11:8 p.m.37 views

CVE-2026-41329 OpenClaw < 2026.3.31 - Sandbox Bypass via Heartbeat Context Inheritance and senderIsOwner Escalation

OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privile...

9.9CVSS0.00298EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/20 11:8 p.m.7 views

CVE-2026-41329

OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privile...

9.9CVSS5.8AI score0.00298EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 11:8 p.m.7 views

EUVD-2026-24017

OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privile...

9.9CVSS5.8AI score0.00298EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/20 11:8 p.m.5 views

CVE-2026-41329 OpenClaw < 2026.3.31 - Sandbox Bypass via Heartbeat Context Inheritance and senderIsOwner Escalation

OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privile...

9.9CVSS5.8AI score0.00298EPSS
Exploits0References3
CVE
CVE
added 2026/04/20 11:8 p.m.34 views

CVE-2026-41329

OpenClaw = 2026.3.31. Public disclosures in GHSA and CVE entries provide evidence of the exploit path and affected version range, with a fix committed in a30214a624946fc5c85c9558a27c1580172374fd. If applicable, apply the patch to mitigate risk; no exploitation details are provided beyond the advi...

9.9CVSS5.8AI score0.00298EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder