CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

222 matches found

NVD•added 2026/06/11 9:16 p.m.•11 views

CVE-2026-53819

OpenClaw before 2026.5.27 contains an arbitrary code execution vulnerability in skill install flows where workspace .env files can override the Homebrew executable selection. Attackers with access to trusted operator workspaces can execute unintended Homebrew-compatible executables during skill...

8.8CVSS0.00298EPSS

Exploits0References2

Vulnrichment•added 2026/06/11 8:10 p.m.•17 views

CVE-2026-53819 OpenClaw < 2026.5.27 - Arbitrary Homebrew Executable Execution via Workspace .env Override

8.8CVSS6.1AI score0.00298EPSS

Exploits0References2

CVE•added 2026/06/11 8:10 p.m.•18 views

CVE-2026-53819

OpenClaw prior to 2026.5.27 is affected by an arbitrary code execution vulnerability in skill install flows where workspace .env files can override the Homebrew executable selection. Attackers with access to trusted operator workspaces can cause OpenClaw to execute unintended Homebrew-compatible ...

8.8CVSS6.2AI score0.00298EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2026/06/11 12:0 a.m.•11 views

PT-2026-48749

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.27 Description An arbitrary code execution issue exists in skill install flows. This occurs because workspace .env files can override the Homebrew executable selection, allowing attackers with access to truste...

8.8CVSS6.2AI score0.00298EPSS

Exploits0References5

CNNVD•added 2026/06/11 12:0 a.m.•12 views

OpenClaw 权限许可和访问控制问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.27 had code-related vulnerabilities. These vulnerabilities stemmed from issues with code execution during the skill installation process. The workarea.env file could override th...

8.8CVSS6.3AI score0.00298EPSS

Exploits0References2

GithubExploit•added 2026/04/23 8:56 a.m.•176 views

DangXPloit

webOS 6.5.3 Root Exploit Chain 0-day Target: LG Smart T...

5.9AI score

Exploits0

GithubExploit•added 2026/04/12 5:28 p.m.•104 views

exploit900

GoldHEN - PS4 Homebrew Enabler...

5.9AI score

Exploits0

NVD•added 2026/03/19 10:16 p.m.•4 views

CVE-2026-32009

OpenClaw versions prior to 2026.2.24 contain a policy bypass vulnerability in the safeBins allowlist evaluation that trusts static default directories including writable package-manager paths like /opt/homebrew/bin and /usr/local/bin. An attacker with write access to these trusted directories can...

7.8CVSS0.00133EPSS

Exploits0References3

ATTACKERKB•added 2026/03/18 1:34 a.m.•2 views

CVE-2026-22217

OpenClaw version 2026.2.22 prior to 2026.2.23 contains an arbitrary code execution vulnerability in shell-env that allows attackers to execute attacker-controlled binaries by exploiting trusted-prefix fallback logic for the $SHELL variable. An attacker can influence the $SHELL environment variabl...

7.8CVSS6.5AI score0.00125EPSS

Exploits0References4Affected Software1