6791 matches found
CVE-2026-15193
A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only ...
CVE-2026-15193
A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only ...
CVE-2026-15193
CVE-2026-15193 affects AidanPark openclaw-android up to 0.4.0. The issue resides in Android WebView Bridge's JsBridge.kt (unknown function) and enables OS command injection via local access. Publicly disclosed exploit details exist, and a fix is awaiting acceptance in a pull request. Remediation ...
EUVD-2026-42626
A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only ...
CVE-2026-59261 OpenClaw < 2026.5.28 - Credential Override via Workspace Dotenv Files
OpenClaw before 2026.5.28 contains a credential exposure vulnerability where workspace dotenv files can override provider credentials. Attackers with lower-trust access to configured input paths can expose sensitive data and credentials that should remain within trusted boundaries...
CVE-2026-59261
OpenClaw vulnerable before version 2026.5.28 due to a credential exposure where workspace dotenv files can override provider credentials. The issue allows attackers with lower-trust access to configured input paths to exfiltrate sensitive data and credentials meant for trusted boundaries. There i...
EUVD-2026-42322
OpenClaw before 2026.5.28 contains a credential exposure vulnerability where workspace dotenv files can override provider credentials. Attackers with lower-trust access to configured input paths can expose sensitive data and credentials that should remain within trusted boundaries...
PT-2026-56484
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.28 Description A credential exposure issue exists where workspace dotenv files can override provider credentials. This allows attackers with lower-trust access to configured input paths to expose sensitive dat...
GHSA-P73F-W79W-JQR5 OpenClaw: Native command authorization could skip owner-command enforcement
Summary Native command authorization could skip owner-command enforcement. In affected versions, a sender able to trigger native command handling could authorize a native command without enforcing the configured owner-only command policy. This advisory is scoped to the named feature and...
GHSA-J472-GF56-X589 OpenClaw: PowerShell encoded-command aliases could miss exec allowlist checks
Summary PowerShell encoded-command aliases could miss exec allowlist checks. In affected versions, a command request using abbreviated encoded-command flags could use an alias form not recognized by the allowlist parser. This advisory is scoped to the named feature and configuration. It does not...
GHSA-77Q5-RR5V-X43Q OpenClaw: Trusted retry endpoint checks could match hostname prefixes
Summary Trusted retry endpoint checks could match hostname prefixes. In affected versions, a retry endpoint URL chosen by lower-trust input could pass validation by using a hostname prefix that resembled a trusted host. This advisory is scoped to the named feature and configuration. It does not...
GHSA-W5WW-7CHG-MXCQ OpenClaw: Telegram interactive callbacks could skip commands.allowFrom
Summary Telegram interactive callbacks could skip commands.allowFrom. In affected versions, a Telegram user able to invoke an affected callback could mark the callback as an authorized sender before applying commands.allowFrom. This advisory is scoped to the named feature and configuration. It do...
GHSA-7HXM-F538-3XP6 OpenClaw: Matrix allowFrom could bind to mutable display names
Summary Matrix allowFrom could bind to mutable display names. In affected versions, a Matrix account able to change display name metadata could match a policy entry through mutable display metadata. This advisory is scoped to the named feature and configuration. It does not change OpenClaw's...
EUVD-2026-36317
OpenClaw: Matrix allowFrom could bind to mutable display names...
EUVD-2026-36322
OpenClaw: Paired nodes could forge exec lifecycle events without system.run provenance...
EUVD-2026-36312
OpenClaw: Combined POSIX shell options could confuse exec revalidation...
GHSA-VXX3-6HC9-7CC3 OpenClaw: Combined POSIX shell options could confuse exec revalidation
Summary Combined POSIX shell options could confuse exec revalidation. In affected versions, a command request using combined shell flags could parse approval-time and execution-time shell options differently. This advisory is scoped to the named feature and configuration. It does not change...
EUVD-2026-36324
OpenClaw: MCP loopback could skip owner-only tool policy for non-owner callers...
GHSA-275C-XPVC-JGFW OpenClaw: Slack and Zalo webhook secrets could remain active after secrets.reload
Summary Slack and Zalo webhook secrets could remain active after secrets.reload. In affected versions, a caller with an old webhook secret during the stale-secret window could keep accepting the previous secret after secrets.reload. This advisory is scoped to the named feature and configuration. ...
GHSA-6C4R-G249-WV3C OpenClaw: Sandboxed session spawn could expose the real workspace path to child prompts
Summary Sandboxed session spawn could expose the real workspace path to child prompts. In affected versions, a child session spawned from a sandboxed parent could forward the host workspace path into the child session prompt. This advisory is scoped to the named feature and configuration. It does...