CVE-2026-10264

A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint. This manipulation of the argument mediaPath causes path traversal. The exploit has been publicly...

CVE-2026-10264

CVE-2026-10264 affects lharries whatsapp-mcp 0.0.1. The vulnerability is in the SendMessageRequest function of whatsapp-bridge/main.go, where manipulation of the mediaPath argument enables path traversal. The exploit has been publicly disclosed. A patch is available (patch name: 6657cdceadd361e8f...

PT-2026-45426

A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint. This manipulation of the argument mediaPath causes path traversal. The exploit has been publicly...

CVE-2026-42438

OpenClaw versions 2026.4.9 before 2026.4.10 contain a sender policy bypass vulnerability in the outbound host-media attachment read helper that allows unauthorized local file disclosure. Attackers with denied read access via toolsBySender or group policy can trigger host-media attachment loading ...

EUVD-2026-27259

OpenClaw versions 2026.4.9 before 2026.4.10 contain a sender policy bypass vulnerability in the outbound host-media attachment read helper that allows unauthorized local file disclosure. Attackers with denied read access via toolsBySender or group policy can trigger host-media attachment loading ...

CVE-2026-42438

OpenClaw version 2026.4.9 and older is affected by a sender policy bypass in the outbound host-media attachment read helper, enabling unauthorized local file disclosure when an attacker has denied read access via toolsBySender or group policy. The bypass can circumvent sender and group-scoped aut...

PT-2026-36019

Name of the Vulnerable Software and Affected Versions Algovate xhs-mcp version 0.8.11 Description An issue exists in the MCP Interface component within the xhs publish content function of the src/server/mcp.server.ts file. A remote attacker can perform server-side request forgery SSRF—a flaw that...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.15 contained security vulnerabilities. These vulnerabilities stemmed from insufficient restrictions on the local root directory of the tool’s result media path, allowing arbitra...

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the host-media attachment read helper. An attacker can access unauthorized local files by bypassing sender or group-scoped policy restrictions through the...

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the QQ Bot media-send path. An attacker can access arbitrary files on the host filesystem by crafting structured payloads that specify file paths outside of intend...

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the mediaUrl and fileUrl parameters in the message tool. An attacker can access arbitrary files on the local filesystem by supplying specially crafted requests tha...

CVE-2026-32026

OpenClaw versions prior to 2026.2.24 contain an improper path validation vulnerability in sandbox media handling that allows absolute paths under the host temporary directory outside the active sandbox root. Attackers can exploit this by providing malicious media references to read and exfiltrate...

CVE-2026-32026

The CVE-2026-32026 issue affects OpenClaw before version 2026.2.24, where improper path validation in sandbox media handling permits access to absolute paths under the host temporary directory outside the active sandbox root. Exploitation via malicious media references in attachment delivery can ...

CVE-2026-29611

OpenClaw versions prior to 2026.2.14 contain a local file inclusion vulnerability in BlueBubbles extension must be installed and enabled media path handling that allows attackers to read arbitrary files from the local filesystem. The sendBlueBubblesMedia function fails to validate mediaPath...

CVE-2026-29611

OpenClaw versions prior to 2026.2.14 contain a local file inclusion vulnerability in BlueBubbles extension must be installed and enabled media path handling that allows attackers to read arbitrary files from the local filesystem. The sendBlueBubblesMedia function fails to validate mediaPath...

CVE-2026-29611 OpenClaw < 2026.2.14 - Local File Inclusion via mediaPath Parameter in BlueBubbles Media Handling

OpenClaw versions prior to 2026.2.14 contain a local file inclusion vulnerability in BlueBubbles extension must be installed and enabled media path handling that allows attackers to read arbitrary files from the local filesystem. The sendBlueBubblesMedia function fails to validate mediaPath...

CVE-2026-29611

OpenClaw versions prior to 2026.2.14 contain a local file inclusion vulnerability in BlueBubbles extension must be installed and enabled media path handling that allows attackers to read arbitrary files from the local filesystem. The sendBlueBubblesMedia function fails to validate mediaPath...

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the sendBlueBubblesMedia function. An attacker can access and exfiltrate arbitrary files from the local filesystem by supplying crafted paths to the mediaPath...

GHSA-RWJ8-P9VQ-25GV OpenClaw has a LFI in BlueBubbles media path handling

Summary The BlueBubbles extension accepted attacker-controlled local filesystem paths via mediaPath and could read arbitrary local files from disk before sending them as media attachments. Details When sendBlueBubblesMedia received a non-HTTP media source, the previous implementation resolved it ...

OpenClaw has a local file disclosure via sendMediaFeishu in Feishu extension

Summary The Feishu extension previously allowed sendMediaFeishu to treat attacker-controlled mediaUrl values as local filesystem paths and read them directly. Affected versions - = 2026.2.14 Impact If an attacker can influence tool calls directly or via prompt injection, they may be able to...