20 matches found
PT-2026-37006
Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.4.5 through 2026.4.9 Description Sandboxed agents can escape exec routing by specifying host=node. This allows attackers to bypass sandbox boundaries and route execution to remote nodes instead of the intended sandbox...
Duplicate Advisory: OpenClaw Node system.run approval context-binding weakness in approval-enabled host=node flows
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hjvp-qhm6-wrh2. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.26 contain an approval context-binding weakness in system.run execution flows with...
GHSA-CJQ8-M7WJ-XMQ9 Duplicate Advisory: OpenClaw Node system.run approval context-binding weakness in approval-enabled host=node flows
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hjvp-qhm6-wrh2. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.26 contain an approval context-binding weakness in system.run execution flows with...
CVE-2026-32058
OpenClaw versions prior to 2026.2.26 contain an approval context-binding weakness in system.run execution flows with host=node that allows reuse of previously approved requests with modified environment variables. Attackers with access to an approval id can exploit this by reusing an approval wit...
EUVD-2026-13962
OpenClaw versions prior to 2026.2.26 contain an approval context-binding weakness in system.run execution flows with host=node that allows reuse of previously approved requests with modified environment variables. Attackers with access to an approval id can exploit this by reusing an approval wit...
CVE-2026-32058
OpenClaw versions prior to 2026.2.26 contain an approval context-binding weakness in system.run execution flows with host=node that allows reuse of previously approved requests with modified environment variables. Attackers with access to an approval id can exploit this by reusing an approval wit...
CVE-2026-32058 OpenClaw < 2026.2.26 - Approval Context-Binding Weakness in system.run via host=node
OpenClaw versions prior to 2026.2.26 contain an approval context-binding weakness in system.run execution flows with host=node that allows reuse of previously approved requests with modified environment variables. Attackers with access to an approval id can exploit this by reusing an approval wit...
CVE-2026-32058
OpenClaw prior to 2026.2.26 contains an approval context-binding weakness in system.run flows with host=node that allows reuse of previously approved requests after environment variables are modified. Exploitation requires access to an approval id to reuse an approval with changed env input, bypa...
Incorrect Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the approval-enabled host=node workflows. An attacker can bypass intended approval integrity by reusing a previously approved request with altered environment...
OpenClaw: Node exec approvals could be replayed across nodes
Summary exec.approval requests for host=node were not explicitly bound to the target nodeId, so an approval intended for one node could be replayed for a different node under the same operator-controlled gateway fleet. Impact An operator approval for a system.run request could be reused across...
GHSA-Q399-23R3-HFX4 OpenClaw: system.run approvals did not bind PATH-token executable identity, enabling post-approval executable rebind
Summary For host=node runs, approvals validated command context but did not pin executable identity for non-path-like argv0 tokens for example tr. If PATH resolution changed after approval, execution could run a different binary. Impact A previously approved action could execute a different...
PT-2026-26019
Summary For host=node executions, approval context could be bypassed after approval-time by rebinding a writable parent symlink in cwd while preserving the visible cwd string. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.2.26 planned next npm release Impact A command...
PT-2026-26237
Summary For host=node runs, approvals validated command context but did not pin executable identity for non-path-like argv0 tokens for example tr. If PATH resolution changed after approval, execution could run a different binary. Impact A previously approved action could execute a different...
Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern
Impact A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the host node, potentially overwriting sensitive files or gaining access to unintended directories. Example: apiVersion: storage.k8s.io/v1 kind: StorageClass metadata:...
CVE-2025-2515
A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...
EUVD-2025-205290
A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...
CVE-2025-2515 Bluechi: privilege escalation in bluechi via unrestricted cross-node systemd dependencies
A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...
CVE-2025-2515 Bluechi: privilege escalation in bluechi via unrestricted cross-node systemd dependencies
A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...
PT-2025-3612
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description A use-after-free issue was found in the Linux kernel, specifically in the adv7533 attach dsi function. The host node pointer was assigned and freed in adv7533 parse dt, and later used in adv753...
Red Hat OpenShift Container Platform 访问控制错误漏洞
Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat, Inc. that help organizations develop, deploy and manage existing container-based applications across physical, virtual and public cloud infrastructures. OpenShift Container Platform 4 suffers from a security...