2 matches found
OpenClaw has an unspecified vulnerability (CNVD-2026-14830)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from not consistently applying sender policy checks to reaction and pin non-message events, which can be exploited by an attacker to cause the injection of...
Incorrect Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the handling of Slack system events in members.ts and messages.ts due to missing sender authorization checks before enqueueing events. An attacker can gain...