82 matches found

CNVD
added 2026/04/08 12:00 a.m., 3 views

OpenClaw has an unspecified vulnerability (CNVD-2026-16698)

OpenClaw is an open-source AI assistant from OpenClaw. OpenClaw has a security vulnerability that allows an attacker holding operator.pairing privileges to mint tokens with broader privileges, obtain an operator.admin token and execute...

CVSS 9.9, AI score 7.7, EPSS 0.0054
Exploits 0
OSV
added 2026/04/07 6:10 p.m., 3 views

GHSA-H2V7-XC88-XX8C OpenClaw: `/phone arm`/`/phone disarm` Bypasses `operator.admin` Scope Check for External Channels

Summary: /phone arm//phone disarm Bypasses operator.admin Scope Check for External Channels. Current Maintainer Triage: Status: open; Normalized severity: medium; Assessment: Maintainers accepted this issue, fixed it in aa66ae1fc797d3298cc409ed2c5da69a89950a45 on 2026-03-27, and that fix shipped...

CVSS 6.9, AI score 5.8, EPSS 0.00331
Exploits 0, References 2
Github Security Blog
added 2026/04/07 6:10 p.m., 7 views

OpenClaw: `/phone arm`/`/phone disarm` Bypasses `operator.admin` Scope Check for External Channels

Summary: /phone arm//phone disarm Bypasses operator.admin Scope Check for External Channels. Current Maintainer Triage: Status: open; Normalized severity: medium; Assessment: Maintainers accepted this issue, fixed it in aa66ae1fc797d3298cc409ed2c5da69a89950a45 on 2026-03-27, and that fix shipped...

CVSS 7.1, AI score 5.9, EPSS 0.00331
Exploits 0, References 2, Affected software 1
OSV
added 2026/04/03 3:05 a.m., 2 views

GHSA-G374-MGGX-P6XC OpenClaw: Incomplete scope-clearing fix allows operator.admin escalation via trusted-proxy auth mode

Summary: Incomplete scope-clearing fix allows operator.admin escalation via trusted-proxy auth mode. Current Maintainer Triage: Normalized severity: high; Assessment: v2026.3.28 still misses trusted-proxy scope clearing for non-Control-UI clients, so self-declared operator scopes can survive on a...

CVSS 8.6, AI score 5.9, EPSS 0.0034
Exploits 0, References 4
Snyk
added 2026/03/30 6:59 p.m., 2 views

Missing Authorization

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Missing Authorization through insufficient scope enforcement in the /allowlist command handler. An attacker can make unauthorized persistent changes to configuration and pairing-store...

CVSS 7.1, AI score 5.9, EPSS 0.00442
Exploits 1, References 2
OSV
added 2026/03/30 6:59 p.m., 3 views

GHSA-VQVG-86CC-CG83 OpenClaw: Mutating internal `/allowlist` chat commands missed `operator.admin` scope enforcement

Fixed in OpenClaw 2026.3.24, the current shipping release. Title: Mutating internal /allowlist chat commands missed operator.admin scope enforcement. CWE: CWE-862 Missing Authorization. CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N, base score 6.5 (Medium). Severity Assessment: Medium. This is a...

CVSS 6.5, AI score 5.9
Exploits 0, References 2
Github Security Blog
added 2026/03/30 6:59 p.m., 6 views

OpenClaw: Mutating internal `/allowlist` chat commands missed `operator.admin` scope enforcement

Fixed in OpenClaw 2026.3.24, the current shipping release. Title: Mutating internal /allowlist chat commands missed operator.admin scope enforcement. CWE: CWE-862 Missing Authorization. CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N, base score 6.5 (Medium). Severity Assessment: Medium. This is a...

AI score 5.9
Exploits 0, References 2, Affected software 1
Snyk
added 2026/03/29 3:49 p.m., 1 view

Incorrect Authorization

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Incorrect Authorization in the deleteSession process. An attacker can gain unauthorized access to privileged operations by exploiting the fallback mechanism that assigns a synthetic...

CVSS 8.8, AI score 5.9, EPSS 0.0028
Exploits 0, References 3
EUVD
added 2026/03/29 3:30 p.m., 4 views

EUVD-2026-17003

OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that allows callers with operator.pairing scope to mint tokens with broader scopes by failing to constrain newly minted scopes to the caller's current scope set. Attackers can obtain operator.admin toke...

CVSS 9.9, AI score 6.5, EPSS 0.0054
Exploits 0, References 3
NVD
added 2026/03/29 1:17 p.m., 4 views

CVE-2026-32987

OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing verification in src/infra/device-bootstrap.ts. Attackers can verify a valid bootstrap code multiple times before approval to escalate pending pairing scopes, including privilege escalation to operator.admi...

CVSS 9.8, EPSS 0.00351
Exploits 0, References 3
CVE
added 2026/03/29 12:44 p.m., 14 views

CVE-2026-32987

OpenClaw prior to version 2026.3.13 is affected. The flaw resides in the bootstrap verification logic (src/infra/device-bootstrap.ts), where bootstrap setup codes can be replayed during device pairing. An attacker can repeatedly verify a valid bootstrap code before approval, enabling escalation of pen...

CVSS 9.8, AI score 5.9, EPSS 0.00351
Exploits 0, References 3, Affected software 1
Vulnrichment
added 2026/03/29 12:44 p.m., 2 views

CVE-2026-32987 OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via Device Pairing

OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing verification in src/infra/device-bootstrap.ts. Attackers can verify a valid bootstrap code multiple times before approval to escalate pending pairing scopes, including privilege escalation to operator.admi...

CVSS 9.8, AI score 5.9, EPSS 0.00351
Exploits 0, References 3
Positive Technologies
added 2026/03/29 12:00 a.m., 13 views

PT-2026-28450

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.3.11. Description: OpenClaw contains a privilege escalation issue within the device.token.rotate function. Callers possessing operator.pairing scope can generate tokens with expanded scopes, bypassing intended sco...

CVSS 9.9, AI score 6.5, EPSS 0.0054
Exploits 0, References 14
CNNVD
added 2026/03/29 12:00 a.m., 6 views

OpenClaw security vulnerability

OpenClaw is an open-source AI assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.13 contain a security vulnerability that stems from replayable bootstrap setup codes during device pairing verification. This allows attackers to repeatedly...

CVSS 9.8, AI score 5.9, EPSS 0.00351
Exploits 0, References 3
Positive Technologies
added 2026/03/29 12:00 a.m., 3 views

PT-2026-28462

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.3.13. Description: The software contains a flaw where bootstrap setup codes can be replayed during device pairing verification within the src/infra/device-bootstrap.ts component. An attacker can repeatedly verify ...

CVSS 9.8, AI score 5.9, EPSS 0.00351
Exploits 0, References 8
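The CVE-2026-32987 entries above describe a bootstrap setup code that could be verified more than once before approval. The block below is an added example, not OpenClaw code and not taken from src/infra/device-bootstrap.ts: it models the failure class (a one-time code that verification never consumes) next to the hardened shape (consume on first success, enforce expiry, bound the granted scope to what the code was issued for). The snippets on this page do not say how a replay turns into wider scopes, so the model assumes each successful verification lets the client attach one requested scope to the pending pairing request; every type, function name and the sample code value are assumptions.

```typescript
// Added example modelling the replayable-setup-code bug class; not OpenClaw's code.
// Scope names follow the advisories; all other names and the data layout are assumed.

export type Scope = "operator.read" | "operator.pairing" | "operator.admin";

export interface BootstrapCode {
  code: string;
  allowed: Scope[];   // scopes this code was issued to authorize
  expiresAt: number;  // unix ms
  consumed: boolean;  // set on first successful redemption
}

export interface PendingPairing {
  requestId: string;
  scopes: Scope[];    // scopes the pairing will carry once an operator approves it
}

export interface VerifyResult {
  ok: boolean;
  reason?: string;
}

export type Verifier = (
  codes: BootstrapCode[], pending: PendingPairing, presented: string, requested: Scope, now: number,
) => VerifyResult;

function findCode(codes: BootstrapCode[], presented: string): BootstrapCode | undefined {
  for (let i = 0; i < codes.length; i++) {
    if (codes[i].code === presented) return codes[i];
  }
  return undefined;
}

function attachScope(pending: PendingPairing, scope: Scope): void {
  if (pending.scopes.indexOf(scope) === -1) pending.scopes.push(scope);
}

// Vulnerable shape (assumed model of the bug): validity and expiry are checked, but the
// code is never marked used and the requested scope is not bounded by the code, so every
// replay of the same code can attach one more scope to the pending request.
export const verifyBootstrapVulnerable: Verifier = (codes, pending, presented, requested, now) => {
  const code = findCode(codes, presented);
  if (!code) return { ok: false, reason: "unknown code" };
  if (code.expiresAt <= now) return { ok: false, reason: "expired" };
  attachScope(pending, requested);
  return { ok: true };
};

// Hardened shape: single use, consumed before any other state changes, and the attached
// scope must be one the code was issued for. This is single-threaded; a real store needs
// the consume step to be an atomic compare-and-set so two concurrent redemptions cannot
// both pass the `consumed` check.
export const verifyBootstrapHardened: Verifier = (codes, pending, presented, requested, now) => {
  const code = findCode(codes, presented);
  if (!code) return { ok: false, reason: "unknown code" };
  if (code.consumed) return { ok: false, reason: "already redeemed" };
  if (code.expiresAt <= now) return { ok: false, reason: "expired" };
  if (code.allowed.indexOf(requested) === -1) return { ok: false, reason: "scope not authorized by this code" };
  code.consumed = true;
  attachScope(pending, requested);
  return { ok: true };
};

// Presents one constructed setup code twice, asking for operator.read first and
// operator.admin second; returns the pending request's scopes and the second result.
export function replayScenario(verify: Verifier): { scopes: Scope[]; second: VerifyResult } {
  const now = 1700000000000; // constructed clock value
  const codes: BootstrapCode[] = [
    { code: "SETUP-1234", allowed: ["operator.read"], expiresAt: now + 60000, consumed: false },
  ];
  const pending: PendingPairing = { requestId: "req-1", scopes: [] };
  verify(codes, pending, "SETUP-1234", "operator.read", now);
  const second = verify(codes, pending, "SETUP-1234", "operator.admin", now);
  return { scopes: pending.scopes, second };
}

console.log("vulnerable:", replayScenario(verifyBootstrapVulnerable));
console.log("hardened:  ", replayScenario(verifyBootstrapHardened));
```

Running the scenario against both verifiers shows the difference the advisories describe: the vulnerable model ends with the pending request carrying both operator.read and operator.admin, while the hardened one stops at operator.read and reports the second presentation as already redeemed.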
OSV
added 2026/03/27 10:30 p.m., 1 view

GHSA-QM2M-28PF-HGJW OpenClaw: Gateway Plugin HTTP Auth Grants Unrestricted operator.admin Runtime Scope to All Callers

Summary: Gateway Plugin HTTP auth: "gateway" Mints operator.admin Runtime Scope. Affected Packages / Versions: Package: openclaw; Affected versions: <= 2026.3.24; First patched version: 2026.3.25; Latest published npm version at verification time: 2026.3.24. Details: Gateway-authenticated plugin...

CVSS 8.6, AI score 5.9, EPSS 0.00298
Exploits 0, References 3
Github Security Blog
added 2026/03/27 10:30 p.m., 11 views

OpenClaw: Gateway Plugin HTTP Auth Grants Unrestricted operator.admin Runtime Scope to All Callers

Summary: Gateway Plugin HTTP auth: "gateway" Mints operator.admin Runtime Scope. Affected Packages / Versions: Package: openclaw; Affected versions: <= 2026.3.24; First patched version: 2026.3.25; Latest published npm version at verification time: 2026.3.24. Details: Gateway-authenticated plugin...

CVSS 8.8, AI score 5.9, EPSS 0.00298
Exploits 0, References 3, Affected software 1
OSV
added 2026/03/27 10:29 p.m., 10 views

GHSA-FQW4-MPH7-2VR8 OpenClaw: Silent privilege escalation via gateway shared-auth reconnect

Summary: Gateway local shared-auth reconnect silently widens paired device scope from operator.read to operator.admin and reaches node RCE. Affected Packages / Versions: Package: openclaw; Affected versions: <= 2026.3.24; First patched version: 2026.3.25; Latest published npm version at verificati...

CVSS 9.4, AI score 5.9
Exploits 0, References 3
Github Security Blog
added 2026/03/27 10:29 p.m., 9 views

OpenClaw: Silent privilege escalation via gateway shared-auth reconnect

Summary: Gateway local shared-auth reconnect silently widens paired device scope from operator.read to operator.admin and reaches node RCE. Affected Packages / Versions: Package: openclaw; Affected versions: <= 2026.3.24; First patched version: 2026.3.25; Latest published npm version at verificati...

AI score 5.9
Exploits 0, References 3, Affected software 1
Snyk
added 2026/03/27 10:29 p.m., 2 views

Incorrect Authorization

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Incorrect Authorization via the backend reconnect process. An attacker can escalate privileges by reconnecting with non-admin operator scopes and self-claiming higher privileges such as...

CVSS 9.6, AI score 5.9, EPSS 0.00276
Exploits 0, References 3
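Several entries on this page come back to one rule: the device.token.rotate advisories (callers minting tokens with scopes outside their own set), the shared-auth reconnect and trusted-proxy advisories (self-declared scopes surviving into authorization), and the /allowlist and /phone entries (mutating handlers that never checked for operator.admin). The block below is an added example, not OpenClaw code and not the project's actual store or API: it models a server-side scope set for a paired device as the only authority, where anything a caller requests or declares can narrow that set but never widen it, and shows the vulnerable rotate shape beside the hardened one. Scope names follow the advisories; every type, function name and the sample store are assumptions.

```typescript
// Added example, not OpenClaw's code: server-authoritative scope handling for paired devices.
// Scope names follow the advisories; all other names and the store layout are assumed.

export type Scope = "operator.read" | "operator.pairing" | "operator.admin";

export interface DeviceRecord {
  deviceId: string;
  scopes: Scope[]; // authoritative, server-side scope set for this paired device
}

export type DeviceStore = Record<string, DeviceRecord>;

// Constructed sample data for the demonstration.
export const sampleStore: DeviceStore = {
  "dev-pairing": { deviceId: "dev-pairing", scopes: ["operator.pairing"] },
  "dev-reader": { deviceId: "dev-reader", scopes: ["operator.read"] },
  "dev-admin": { deviceId: "dev-admin", scopes: ["operator.admin"] },
};

function isSubset(requested: Scope[], allowed: Scope[]): boolean {
  return requested.every((s) => allowed.indexOf(s) !== -1);
}

function lookup(store: DeviceStore, deviceId: string): DeviceRecord {
  const rec = store[deviceId];
  if (!rec) throw new Error("unknown device: " + deviceId);
  return rec;
}

// Shape of the rotate bug (assumed model): the scopes the caller asks for are copied onto
// the new token, so a caller holding operator.pairing walks away with operator.admin.
export function rotateScopesVulnerable(store: DeviceStore, deviceId: string, requested: Scope[]): Scope[] {
  lookup(store, deviceId);
  return requested.slice();
}

// Hardened rotate: the new token's scopes must be a subset of the caller's current scopes.
// An empty request means "same scopes, new token"; a widening request is rejected, and is
// worth logging, since a legitimate client has no reason to ask for more than it holds.
export function rotateScopesHardened(store: DeviceStore, deviceId: string, requested: Scope[]): Scope[] {
  const current = lookup(store, deviceId);
  if (requested.length === 0) return current.scopes.slice();
  if (!isSubset(requested, current.scopes)) {
    throw new Error("scope widening rejected for " + deviceId + ": " + requested.join(","));
  }
  return requested.slice();
}

// Reconnect or proxied request: the scopes a client declares about itself are not an
// authorization input. The effective set is the stored one, optionally narrowed by the
// declaration; a declared superset is ignored rather than honoured.
export function effectiveScopes(store: DeviceStore, deviceId: string, declared?: Scope[]): Scope[] {
  const current = lookup(store, deviceId);
  if (declared && declared.length > 0 && isSubset(declared, current.scopes)) return declared.slice();
  return current.scopes.slice();
}

// Gate for mutating commands: resolve scopes from the store, never from the request,
// then require operator.admin.
export function canRunMutatingCommand(store: DeviceStore, deviceId: string, declared?: Scope[]): boolean {
  return effectiveScopes(store, deviceId, declared).indexOf("operator.admin") !== -1;
}

// Stand-alone demonstration.
function demo(): void {
  console.log("vulnerable rotate:", rotateScopesVulnerable(sampleStore, "dev-pairing", ["operator.admin"]));
  try {
    rotateScopesHardened(sampleStore, "dev-pairing", ["operator.admin"]);
  } catch (e) {
    console.log("hardened rotate:", (e as Error).message);
  }
  console.log("reconnect declaring admin:", effectiveScopes(sampleStore, "dev-reader", ["operator.admin"]));
  console.log("reader may mutate:", canRunMutatingCommand(sampleStore, "dev-reader", ["operator.admin"]));
}
demo();
```

The design point is that the store lookup happens in every path and the caller-supplied list is only ever intersected with it; there is no branch in which a requested or declared scope is written back without first passing isSubset against the stored set.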