CVE-2026-28395

OpenClaw version 2026.1.14-1 prior to 2026.2.12 contain an improper network binding vulnerability in the Chrome extension must be installed and enabled relay server that treats wildcard hosts as loopback addresses, allowing the relay HTTP/WS server to bind to all interfaces when a wildcard cdpUrl...

CVE-2026-28395

OpenClaw version 2026.1.14-1 prior to 2026.2.12 contain an improper network binding vulnerability in the Chrome extension must be installed and enabled relay server that treats wildcard hosts as loopback addresses, allowing the relay HTTP/WS server to bind to all interfaces when a wildcard cdpUrl...

CVE-2026-28395

OpenClaw's Chrome extension relay server (ensureChromeExtensionRelayServer) incorrectly treats wildcard hosts (0.0.0.0/::) as loopback, causing the relay HTTP/WS server to bind to all interfaces when a wildcard cdpUrl is configured. Affected versions are 2026.1.14-1 through 2026.2.11; fixed in 20...

PT-2026-23524

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.1.14-1 through 2026.2.11 Description The software contains an improper network binding issue in the Chrome extension relay server. The server incorrectly handles wildcard hosts, treating them as loopback addresses. This...

Improper Access Control

github.com/aws/amazon-ecs-agent is vulnerable to improper access control. The vulnerability is due to the introspection server being accessible off-host under certain security group configurations, which allows an attacker from another instance to gain unauthorized access to the server...

SUSE CVE-2025-9039

We identified an issue in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the same security group or if their security groups allow incoming connections that include the port where the server is...

CVE-2025-9039

We identified an issue in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the same security group or if their security groups allow incoming connections that include the port where the server is...

GHSA-WM7X-WW72-R77Q Information Disclosure in Amazon ECS Container Agent

Summary Amazon Elastic Container Service Amazon ECS is a fully managed container orchestration service that enables customers to deploy, manage, and scale containerized applications. Amazon ECS container agent provides an introspection API that provides information about the overall state of the...

CVE-2025-9039 Information Disclosure in Amazon ECS Container Agent

We identified an issue in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the same security group or if their security groups allow incoming connections that include the port where the server is...

CVE-2025-9039

This CVE affects the Amazon ECS container agent: versions 0.0.3 through 1.97.0 allow an introspection server to be accessed off-host between instances in the same security group or when security groups permit inbound connections to the introspection port 51678. The issue is addressed in ECS agent...

PT-2025-33310

Name of the Vulnerable Software and Affected Versions: Amazon ECS agent versions 0.0.3 through 1.97.0 Description: An issue was identified in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the sa...