9 matches found

OSV
added 6 days ago, 4 views

GHSA-5CXW-77WG-JRF3 PraisonAI CLI automatically resolves @url mentions in prompt text and can read loopback URLs into model context

Summary: PraisonAI's direct-prompt CLI automatically expands @url: mentions in raw prompt text before agent execution begins. If a prompt contains @url:, the CLI calls MentionsParser.process.... The @url: handler then performs a direct urllib.request.urlopen request to the attacker-controlled URL...

CVSS 5.5, AI score 5.9
Exploits: 0, References: 2
Github Security Blog
added 2026/04/10 12:30 a.m., 3 views

Duplicate Advisory: OpenClaw: Gateway Canvas local-direct requests bypass Canvas HTTP and WebSocket authentication

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-6mqc-jqh6-x8fc. This link is maintained to preserve external references. Original Description: OpenClaw before 2026.3.23 contains an authentication bypass vulnerability in the Canvas gateway where...

CVSS 5.1, AI score 5.7, EPSS 0.00033
Exploits: 0, References: 6, Affected Software: 1
Vulnrichment
added 2026/04/09 9:27 p.m., 1 view

CVE-2026-35634 OpenClaw < 2026.3.23 - Authentication Bypass via Local-Direct Requests in Canvas Gateway

OpenClaw before 2026.3.23 contains an authentication bypass vulnerability in the Canvas gateway where authorizeCanvasRequest unconditionally allows local-direct requests without validating bearer tokens or canvas capabilities. Attackers can send unauthenticated loopback HTTP and WebSocket request...

CVSS 5.1, AI score 5.8, EPSS 0.00033
Exploits: 0, References: 4
CVE
added 2026/03/19 10:07 p.m., 5 views

CVE-2026-32041

OpenClaw is vulnerable in versions prior to 2026.3.1 due to an authentication bootstrap error at startup, which leaves browser-control routes accessible without authentication. Local or loopback SSRF paths can reach browser-control routes, including evaluate-capable actions, without valid credentials. CVSS ...

CVSS 7.8, AI score 5.8, EPSS 0.00022
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2026/03/03 9:42 p.m., 2 views

GHSA-PFV7-RR5M-QMV6 OpenClaw has auth inconsistency on local Browser Extension Relay /extension endpoint

Summary: When the optional Chrome extension relay is enabled, /extension accepted unauthenticated WebSocket upgrades while /json/ and /cdp required auth. Affected Packages / Versions: Package: openclaw npm; Affected: = 2026.2.17; Latest published npm version at triage time: 2026.2.17. Impact: Thi...

CVSS 5.1, AI score 6
Exploits: 0, References: 3
Positive Technologies
added 2026/03/03 12:00 a.m., 3 views

PT-2026-26406

This issue is a browser-origin WebSocket auth chain on local loopback deployments using password auth. It is serious, but conditional: an attacker must get the user to open a malicious page and then successfully guess the gateway password. Context and Preconditions: OpenClaw’s web/gateway surface ...

CVSS 7.5, AI score 5.8, EPSS 0.00109
Exploits: 0, References: 7
EUVD
added 2025/11/12 4:29 a.m., 0 views

EUVD-2025-111625

Malicious code in local-loopback-lynx-titan npm...

AI score 6.6
Exploits: 0
NVD
added 2025/08/12 12:15 p.m., 5 views

CVE-2025-30034

A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V3.3. Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to cause a denial of service condition...

CVSS 6.9, EPSS 0.00009
Exploits: 0, References: 1
Cvelist
added 2025/08/12 11:16 a.m., 4 views

CVE-2025-30034

A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V3.3. Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to cause a denial of service condition...

CVSS 6.9, EPSS 0.00009
Exploits: 0, References: 1