CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

49 matches found

Rockylinux•added 2026/05/29 4:3 p.m.•16 views

buildah security update

An update is available for buildah. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The buildah package provides a tool for facilitating building OCI container...

7.5CVSS5.8AI score0.0052EPSS

Exploits0

NVD•added 2026/04/10 5:17 p.m.•6 views

CVE-2026-35658

OpenClaw before 2026.3.2 contains a filesystem boundary bypass vulnerability in the image tool that fails to honor tools.fs.workspaceOnly restrictions. Attackers can traverse sandbox bridge mounts outside the workspace to read files that other filesystem tools would reject...

6.5CVSS0.00286EPSS

Exploits0References6

EUVD•added 2026/04/10 4:3 p.m.•1 views

EUVD-2026-21462

6.5CVSS5.8AI score0.00286EPSS

Exploits0References6

Vulnrichment•added 2026/04/10 4:3 p.m.•2 views

CVE-2026-35658 OpenClaw < 2026.3.2 - Filesystem Boundary Bypass in Image Tool

6.5CVSS5.8AI score0.00286EPSS

Exploits0References6

ATTACKERKB•added 2026/04/10 4:3 p.m.•3 views

CVE-2026-35658

6.5CVSS5.8AI score0.00286EPSS

Exploits0References7

CVE•added 2026/04/10 4:3 p.m.•10 views

CVE-2026-35658

OpenClaw CVE-2026-35658 affects the OpenClaw image tool prior to version 2026.3.2. The vulnerability is a filesystem boundary bypass that ignores tools.fs.workspaceOnly restrictions, allowing an attacker to traverse sandbox bridge mounts outside the workspace and read files that other filesystem ...

6.5CVSS5.8AI score0.00286EPSS

Exploits0References6Affected Software1

Cvelist•added 2026/04/10 4:3 p.m.•25 views

CVE-2026-35658 OpenClaw < 2026.3.2 - Filesystem Boundary Bypass in Image Tool

6.5CVSS0.00286EPSS

Exploits0References6

Positive Technologies•added 2026/04/10 12:0 a.m.•6 views

PT-2026-31969

6.5CVSS5.8AI score0.00286EPSS

Exploits0References7

Snyk•added 2026/03/26 9:48 p.m.•4 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the image tool when the tools.fs.workspaceOnly setting is enabled. An attacker can access files outside the intended workspace boundary by leveraging sandbox...

6.9CVSS5.9AI score0.00286EPSS

Exploits0References2

OSV•added 2026/03/26 9:48 p.m.•2 views

GHSA-CFP9-W5V9-3Q4H OpenClaw: Image Tool `tools.fs.workspaceOnly` Bypass via Sandbox Bridge Mounts

Summary The image tool did not fully honor the tools.fs.workspaceOnly filesystem boundary. In affected releases, image-path resolution could still traverse sandbox bridge mounts outside the workspace and read files from mounted directories that the other file tools would reject. Affected Packages...

6.5CVSS5.9AI score0.00286EPSS

Exploits0References8

Github Security Blog•added 2026/03/26 9:48 p.m.•13 views

OpenClaw: Image Tool `tools.fs.workspaceOnly` Bypass via Sandbox Bridge Mounts

6.5CVSS5.8AI score0.00286EPSS

Exploits0References8Affected Software1

CNNVD•added 2026/03/26 12:0 a.m.•4 views

sharp 路径遍历漏洞

Sharp is a personal development tool by Lovell, designed to convert large images in common formats into smaller, web-friendly JPEG, PNG, WebP, GIF, and AVIF images of various sizes. Versions of Sharp prior to 9.20.0 contained a path traversal vulnerability, which stemmed from improper handling of...

8.8CVSS5.8AI score0.00547EPSS

Exploits0References2

CNNVD•added 2026/03/25 12:0 a.m.•4 views

pdf-image 安全漏洞

pdf-image is a Node.js tool developed by Masafumi Oyamada for converting PDFs to PNG images. Versions of pdf-image 2.0.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the fact that the pdfFilePath parameter is not verified, which may lead to OS command injection...

9.8CVSS5.8AI score0.02493EPSS

Exploits4References3

Cvelist•added 2026/03/19 10:6 p.m.•17 views

CVE-2026-32002 OpenClaw < 2026.2.23 - Sandbox Boundary Bypass via Image Tool workspaceOnly Bypass

OpenClaw versions prior to 2026.2.23 contain a sandbox bypass vulnerability in the sandboxed image tool that fails to enforce tools.fs.workspaceOnly restrictions on mounted sandbox paths, allowing attackers to read out-of-workspace files. Attackers can load restricted mounted images and exfiltrat...

6CVSS0.00315EPSS

Exploits0References3

EUVD•added 2026/03/19 10:6 p.m.•8 views

EUVD-2026-13255

6CVSS5.8AI score0.00315EPSS

Exploits0References3

Vulnrichment•added 2026/03/19 10:6 p.m.•2 views

CVE-2026-32002 OpenClaw < 2026.2.23 - Sandbox Boundary Bypass via Image Tool workspaceOnly Bypass

6CVSS5.8AI score0.00315EPSS

Exploits0References3

Snyk•added 2026/03/04 7:13 p.m.•2 views

Files or Directories Accessible to External Parties

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties via the image tool when tools.fs.workspaceOnly is set to true but not enforced for mounted paths resolved by the sandbox file system...

6.5CVSS5.8AI score0.00315EPSS

Exploits0References2

OSV•added 2026/03/04 7:13 p.m.•5 views

GHSA-Q6QF-4P5J-R25G OpenClaw's image tool bypasses tools.fs.workspaceOnly on sandbox mount paths and exfiltrates out-of-workspace images

Summary In OpenClaw, the sandboxed image tool did not honor tools.fs.workspaceOnly=true for mounted paths resolved by the sandbox FS bridge. This allowed reading out-of-workspace mounted images for example /agent/ and forwarding those bytes to vision model providers. Impact Sandbox boundary bypas...

6CVSS5.9AI score0.00315EPSS

Exploits0References5

Github Security Blog•added 2026/03/04 7:13 p.m.•10 views

OpenClaw's image tool bypasses tools.fs.workspaceOnly on sandbox mount paths and exfiltrates out-of-workspace images

6.5CVSS5.9AI score0.00315EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/03/04 12:0 a.m.•3 views

PT-2026-26384

6CVSS5.8AI score0.00315EPSS

Exploits0References7

Rows per page