58576 matches found
GHSA-V8QF-FR4G-28P2 OpenClaw: Assistant media route missed scope enforcement for trusted-proxy authorization
Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact The Control UI assistant-media route authenticated trusted-proxy callers but did not enforce the declared operator scopes for identity-bearing HTTP auth paths. A trusted-proxy...
CVE-2026-29181 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-cloudwatchevents, flux-image-reflector-controller-fips, crossplane-provider-aws-kafka, yunikorn-k8shim, skopeo-fips, flux-image-reflector-controller, crossplane-provider-aws-kms, crossplane-provider-gitlab-fips, gitlab-operator-fips,...
GHSA-MH2Q-Q3FH-2475 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-cloudwatchevents, flux-image-reflector-controller-fips, crossplane-provider-aws-kafka, yunikorn-k8shim, skopeo-fips, flux-image-reflector-controller, crossplane-provider-aws-kms, crossplane-provider-gitlab-fips, gitlab-operator-fips,...
CVE-2026-29181 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-dynamodb, osv-scanner, trivy, eksctl, cloudflared, podman, cri-tools, docker-machine-driver-harvester, nuclei, cluster-api-provider-vsphere, argo-events, kargo, crossplane-provider-aws-cloudwatchlogs, rclone, aws-privateca-issuer, step,...
GHSA-MH2Q-Q3FH-2475 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-dynamodb, osv-scanner, trivy, eksctl, cloudflared, podman, cri-tools, docker-machine-driver-harvester, nuclei, cluster-api-provider-vsphere, argo-events, kargo, crossplane-provider-aws-cloudwatchlogs, rclone, aws-privateca-issuer, step,...
GHSA-PJCQ-XVWQ-HHPJ vulnerabilities
Vulnerabilities for packages: flux, rancher-agent, kyverno, ratify, yunikorn-k8shim, cert-manager-csi-driver, minio, teleport, nuclei, cert-manager-cmctl, seaweedfs, k6, rancher-webhook, zot, cert-manager-istio-csr, rclone, cert-manager, telegraf, openbao, sftpgo-plugin-auth, dex,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: flux, rancher-agent, kyverno, ratify, yunikorn-k8shim, cert-manager-csi-driver, minio, teleport, nuclei, cert-manager-cmctl, seaweedfs, k6, rancher-webhook, zot, cert-manager-istio-csr, rclone, cert-manager, telegraf, openbao, sftpgo-plugin-auth, dex,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: percona-server-mongodb-operator-fips, yunikorn-k8shim, k6-fips, cert-manager-istio-csr, beats-fips, flux, neuvector-fips, terraform-fips, grafana, ratify-fips, minio, telegraf, harbor-fips, cert-manager-openshift-routes, gitlab-runner, xeol, trufflehog,...
k8sGPT has Prompt Injection through its k8sGPT-Operator
Summary In the auto-remediation pipeline, objecttoexecution.go deserialized the AI-generated YAML directly into a Deployment object without validating it against the original Deployment object. Details This issue was fixed after coordination with Alex Jones. PoC To minimize the...
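The gap the k8sGPT entry describes, AI-generated YAML deserialized straight into a Deployment with no check against the object the cluster already holds, is easiest to see next to the check that was missing. The Go program below is an added example written for this page, not code from k8sGPT or the k8sGPT-Operator: it strict-parses the original and the proposed manifest (unknown fields are rejected), then accepts the proposal only if it preserves the object's identity and privilege surface. The schema subset, the type and function names, and the three sample manifests (given as JSON, which a YAML parser also accepts) are all assumptions made for this example.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"strings"
)

// Stdlib subset of the apps/v1 Deployment schema (k8sGPT uses k8s.io/api types).
type Container struct {
	Name            string   `json:"name"`
	Image           string   `json:"image"`
	Command         []string `json:"command,omitempty"`
	SecurityContext *struct {
		Privileged *bool `json:"privileged,omitempty"`
	} `json:"securityContext,omitempty"`
}

type PodSpec struct {
	ServiceAccountName string      `json:"serviceAccountName,omitempty"`
	HostNetwork        bool        `json:"hostNetwork,omitempty"`
	Containers         []Container `json:"containers"`
}

type Deployment struct {
	Metadata struct {
		Name      string `json:"name"`
		Namespace string `json:"namespace"`
	} `json:"metadata"`
	Spec struct {
		Template struct {
			Spec PodSpec `json:"spec"`
		} `json:"template"`
	} `json:"spec"`
}

// parseStrict fails on any field the schema does not declare, so an
// AI-generated manifest cannot smuggle in settings the validator never sees.
func parseStrict(doc []byte) (Deployment, error) {
	var d Deployment
	dec := json.NewDecoder(bytes.NewReader(doc))
	dec.DisallowUnknownFields()
	err := dec.Decode(&d)
	return d, err
}

// validateRemediation accepts the proposal only if it keeps the original's
// identity and privilege surface; an image change (what a remediation does) passes.
func validateRemediation(orig, prop Deployment) error {
	if prop.Metadata != orig.Metadata {
		return fmt.Errorf("proposal targets a different object")
	}
	base, next := orig.Spec.Template.Spec, prop.Spec.Template.Spec
	switch {
	case next.ServiceAccountName != base.ServiceAccountName:
		return fmt.Errorf("serviceAccountName changed")
	case next.HostNetwork:
		return fmt.Errorf("hostNetwork enabled")
	case len(next.Containers) != len(base.Containers):
		return fmt.Errorf("container set changed")
	}
	for i, c := range next.Containers {
		o := base.Containers[i]
		if c.Name != o.Name || strings.Join(c.Command, "\x00") != strings.Join(o.Command, "\x00") {
			return fmt.Errorf("container %d: name or command changed", i)
		}
		if sc := c.SecurityContext; sc != nil && sc.Privileged != nil && *sc.Privileged {
			return fmt.Errorf("container %q requests privileged", c.Name)
		}
	}
	return nil
}

// gate is what the auto-remediation path should call before applying anything.
func gate(original, proposal []byte) (Deployment, error) {
	orig, err1 := parseStrict(original)
	prop, err2 := parseStrict(proposal)
	if err1 != nil || err2 != nil {
		return Deployment{}, fmt.Errorf("parse: original=%v proposal=%v", err1, err2)
	}
	if err := validateRemediation(orig, prop); err != nil {
		return Deployment{}, fmt.Errorf("rejected: %w", err)
	}
	return prop, nil
}

// Constructed sample input as JSON (which a YAML parser also accepts): the live
// object, a benign image bump, and a prompt-injected proposal that swaps the
// service account, enables hostNetwork and adds a privileged sidecar.
var originalDoc = []byte(`{"metadata":{"name":"web","namespace":"shop"},"spec":{"template":{"spec":
{"serviceAccountName":"web","containers":[{"name":"app","image":"nginx:1.25"}]}}}}`)
var benignDoc = []byte(`{"metadata":{"name":"web","namespace":"shop"},"spec":{"template":{"spec":
{"serviceAccountName":"web","containers":[{"name":"app","image":"nginx:1.26"}]}}}}`)
var injectedDoc = []byte(`{"metadata":{"name":"web","namespace":"shop"},"spec":{"template":{"spec":
{"serviceAccountName":"admin","hostNetwork":true,"containers":[{"name":"app","image":"nginx:1.26"},
{"name":"helper","image":"busybox","command":["sh","-c","id"],"securityContext":{"privileged":true}}]}}}}`)

func main() { _, err := gate(originalDoc, injectedDoc); fmt.Println("injected:", err) }
```

A real operator would do this with the typed k8s.io/api structs and a policy engine rather than hand-written comparisons, but the shape is the same: the model's output is untrusted input, and the object it yields has to be diffed against the one the cluster already holds before anything is applied. Rejecting unknown fields matters as much as the field-by-field checks, since any field the validator does not model is a field the model can set freely.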
GHSA-394X-274P-MQC6 Duplicate Advisory: OpenClaw: Gateway operator.write Can Reach Admin-Class Telegram Config and Cron Persistence via send
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-767m-xrhc-fxm7. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write...
EUVD-2026-25331
OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpoints when operating in trusted-proxy mode, allowing cross-site request forgery attacks. Attackers can exploit this by sending malicious requests from a browser in trusted-proxy deployments to perform unauthorized...
GHSA-2XP4-QHR4-XQM2 Duplicate Advisory: OpenClaw: HTTP operator endpoints lack browser-origin validation in trusted-proxy mode
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mhr7-2xmv-4c4q. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpoints when operating in trusted-proxy...
CVE-2026-41347
OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpoints when operating in trusted-proxy mode, allowing cross-site request forgery attacks. Attackers can exploit this by sending malicious requests from a browser in trusted-proxy deployments to perform unauthorized...
CVE-2026-41359 OpenClaw < 2026.3.28 - Privilege Escalation via operator.write to Admin-Class Telegram Config and Cron Persistence
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write permissions to access admin-class Telegram configuration and cron persistence settings via the send endpoint. Attackers with operator.write credentials can exploit insufficient acce...
CVE-2026-41359
OpenClaw prior to version 2026.3.28 contains a privilege escalation vulnerability. Authenticated operators with write permissions can access admin-class Telegram configuration and cron persistence settings via the send endpoint due to insufficient access controls. The CVE entry notes a CVSS v3.1/...
CVE-2026-41347 OpenClaw < 2026.3.31 - Cross-Site Request Forgery via Missing Browser-Origin Validation in HTTP Operator Endpoints
OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpoints when operating in trusted-proxy mode, allowing cross-site request forgery attacks. Attackers can exploit this by sending malicious requests from a browser in trusted-proxy deployments to perform unauthorized...
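Two of the OpenClaw entries on this page describe the same class of gap from two directions: the assistant-media route (GHSA-V8QF-FR4G-28P2) authenticated a trusted-proxy caller but did not check the operator scopes that identity carried, and the HTTP operator endpoints (CVE-2026-41347) accepted browser-originated requests in trusted-proxy mode without validating their origin. The Go program below is an added example, not OpenClaw's code, showing one authorization path that covers both. The proxy header name (X-Forwarded-User), the proxy network, the origin allowlist, the scope and route tables and the operator names are all constructed for this example.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
)

// Hypothetical trusted-proxy deployment: the proxy authenticates the browser
// session and forwards the identity in X-Forwarded-User (assumed header name).
// Every table below is constructed for this example.
const trustedProxyNet = "10.0.0.0/8"

var allowedOrigins = map[string]bool{"https://ui.example.internal": true}
var operatorScopes = map[string]map[string]bool{
	"alice": {"operator.read": true, "operator.write": true},
	"bob":   {"operator.read": true},
}
var routeScope = map[string]string{ // scope each identity-bearing route requires
	"GET /api/assistant/media": "operator.read",
	"POST /api/send":           "operator.write",
}

// An identity header means nothing unless the connection really comes from the
// proxy; otherwise any direct client can forge it.
func fromTrustedProxy(r *http.Request) bool {
	_, proxyNet, _ := net.ParseCIDR(trustedProxyNet)
	host, _, err := net.SplitHostPort(r.RemoteAddr)
	if err != nil {
		return false
	}
	ip := net.ParseIP(host)
	return ip != nil && proxyNet.Contains(ip)
}

// originOK is the browser-origin check the CSRF entries describe as missing: a
// state-changing request riding on forwarded browser identity must carry an
// allowed Origin, or at least declare itself same-origin via Sec-Fetch-Site.
func originOK(r *http.Request) bool {
	switch r.Method {
	case http.MethodGet, http.MethodHead, http.MethodOptions:
		return true
	}
	if o := r.Header.Get("Origin"); o != "" {
		return allowedOrigins[o]
	}
	sfs := r.Header.Get("Sec-Fetch-Site")
	return sfs == "same-origin" || sfs == "none"
}

// authorize makes the whole decision for one request. Authenticating the caller
// (who) and authorizing the call (which scope, from which origin) are separate
// steps; the scope-enforcement entry is a route that stopped after the first.
func authorize(r *http.Request) (int, string) {
	if !fromTrustedProxy(r) {
		return http.StatusUnauthorized, "identity header not from trusted proxy"
	}
	user := r.Header.Get("X-Forwarded-User")
	if user == "" {
		return http.StatusUnauthorized, "no identity"
	}
	need, ok := routeScope[r.Method+" "+r.URL.Path]
	if !ok {
		return http.StatusNotFound, "unknown route"
	}
	if !originOK(r) {
		return http.StatusForbidden, "cross-site request"
	}
	if !operatorScopes[user][need] {
		return http.StatusForbidden, "missing scope " + need
	}
	return http.StatusOK, "ok"
}

// request builds a request as the proxy would forward it (constructed input).
func request(method, path, user, origin, remote string) *http.Request {
	r := httptest.NewRequest(method, path, nil)
	r.RemoteAddr = remote
	if user != "" {
		r.Header.Set("X-Forwarded-User", user)
	}
	if origin != "" {
		r.Header.Set("Origin", origin)
	}
	return r
}

func main() {
	for _, r := range []*http.Request{
		request("GET", "/api/assistant/media", "bob", "", "10.1.2.3:5000"),
		request("POST", "/api/send", "bob", "https://ui.example.internal", "10.1.2.3:5000"),
		request("POST", "/api/send", "alice", "https://evil.example", "10.1.2.3:5000"),
		request("GET", "/api/assistant/media", "alice", "", "203.0.113.9:4444"),
	} {
		code, why := authorize(r)
		fmt.Printf("%-4s %s as %q -> %d %s\n", r.Method, r.URL.Path, r.Header.Get("X-Forwarded-User"), code, why)
	}
}
```

Two checks that are easy to lose in a trusted-proxy setup: the identity header is trusted only when the TCP peer is actually the proxy, otherwise any direct client can assert any user; and the origin check applies to every state-changing route that rides on proxy-forwarded browser identity, not only the ones that look sensitive. Non-browser clients that authenticate with a bearer token are a separate auth path and need their own scope policy.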