58586 matches found

Snyk
added 2026/03/26 7:0 p.m., 3 views

Missing Authorization

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Missing Authorization in the agent process when the /reset or /new endpoints are accessed with only operator.write permissions. An attacker can gain unauthorized administrative access by...

CVSS 8.1 | AI score 5.9 | EPSS 0.00272
Exploits: 0 | References: 2

OSV
added 2026/03/26 7:0 p.m., 1 view

GHSA-WQ58-2PVG-5H4F OpenClaw: Gateway agent /reset exposes admin session reset to operator.write callers

Summary: Before v2026.3.23, the Gateway agent RPC accepted /reset and /new for callers with only operator.write, even though the direct sessions.reset RPC correctly requires operator.admin.
Affected Packages / Versions:
- Package: openclaw npm
- Affected: = 2026.3.23
- Latest released tag checked:...

CVSS 7.1 | AI score 5.8 | EPSS 0.00272
Exploits: 0 | References: 3

RedhatCVE
added 2026/03/26 3:15 p.m., 2 views

CVE-2026-4515

A vulnerability has been found in Foundation Agents MetaGPT up to 0.8.1. This affects the function codegenerate of the file metagpt/ext/aflow/scripts/operator.py. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

CVSS 6.5 | AI score 6.1 | EPSS 0.00241
Exploits: 0 | References: 1

RedhatCVE
added 2026/03/26 3:15 p.m., 3 views

CVE-2026-4761

When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless update...

CVSS 6.8 | AI score 5.8 | EPSS 0.00122
Exploits: 0 | References: 1

RedhatCVE
added 2026/03/26 3:7 p.m., 2 views

CVE-2026-31993

OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass...

CVSS 6.4 | AI score 6.1 | EPSS 0.00291
Exploits: 0 | References: 1

RedhatCVE
added 2026/03/26 3:4 p.m., 5 views

CVE-2026-3611

The Honeywell IQ4x building management controller exposes its full web-based HMI without authentication in its factory-default configuration. With no user module configured, security is disabled by design and the system operates under a System Guest level 100 context, granting read/write...

CVSS 10 | AI score 5.9 | EPSS 0.05585
Exploits: 1 | References: 1

RedhatCVE
added 2026/03/26 3:2 p.m., 1 view

CVE-2026-32042

OpenClaw versions 2026.2.22 prior to 2026.2.25 contain a privilege escalation vulnerability allowing unpaired device identities to bypass operator pairing requirements and self-assign elevated operator scopes including operator.admin. Attackers with valid shared gateway authentication can present...

CVSS 8.8 | AI score 5.8 | EPSS 0.00439
Exploits: 0 | References: 1

RedhatCVE
added 2026/03/26 3:2 p.m., 3 views

CVE-2026-32051

OpenClaw versions prior to 2026.3.1 contain an authorization mismatch vulnerability that allows authenticated callers with operator.write scope to invoke owner-only tool surfaces including gateway and cron through agent runs in scoped-token deployments. Attackers with write-scope access can perfo...

CVSS 8.8 | AI score 5.8 | EPSS 0.00412
Exploits: 0 | References: 1

RedhatCVE
added 2026/03/26 3:2 p.m., 3 views

CVE-2026-32025

OpenClaw versions prior to 2026.2.25 contain an authentication hardening gap in browser-origin WebSocket clients that allows attackers to bypass origin checks and auth throttling on loopback deployments. An attacker can trick a user into opening a malicious webpage and perform password brute-forc...

CVSS 7.5 | AI score 5.8 | EPSS 0.00294
Exploits: 0 | References: 1

CNVD
added 2026/03/26 12:0 a.m., 2 views

OpenClaw Command Execution Vulnerability (CNVD-2026-16046)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a command execution vulnerability that can be exploited by an attacker to cause an authenticated operator to execute arbitrary parameters...

CVSS 8.8 | AI score 6.2 | EPSS 0.00406
Exploits: 0

Positive Technologies
added 2026/03/26 12:0 a.m., 4 views

PT-2026-31774

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.3.22. Description: OpenClaw contains a privilege escalation issue in the device.pair.approve method. An operator with pairing approval rights can approve device requests with broader operator scopes than authorize...

CVSS 9.4 | AI score 6.4 | EPSS 0.00458
Exploits: 0 | References: 15

CNVD
added 2026/03/26 12:0 a.m., 2 views

OpenClaw has an unspecified vulnerability (CNVD-2026-16387)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that can be exploited by an attacker to cause an authenticated caller with operator.write scope to invoke the owner-only tool interface...

CVSS 8.8 | AI score 5.7 | EPSS 0.00412
Exploits: 0

RedHat Linux
added 2026/03/25 11:56 p.m., 9 views

Important: Red Hat Security Advisory: DevWorkspace Operator 0.40.0 release.

DevWorkspace Operator 0.40.0 has been released. The DevWorkspace Operator extends OpenShift to provide DevWorkspace support...

CVSS 10 | AI score 6.6 | EPSS 0.00789
Exploits: 4 | References: 6

EUVD
added 2026/03/25 3:31 p.m., 4 views

EUVD-2026-15404

When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless...

CVSS 6.8 | AI score 5.8 | EPSS 0.00122
Exploits: 0 | References: 2

NVD
added 2026/03/25 1:16 p.m., 2 views

CVE-2026-4761

When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless update...

CVSS 7.5 | EPSS 0.00122
Exploits: 0 | References: 1

ATTACKERKB
added 2026/03/25 12:45 p.m., 3 views

CVE-2026-4761

When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless update...

CVSS 6.8 | AI score 5.8 | EPSS 0.00122
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2026/03/25 12:45 p.m., 7 views

CVE-2026-4761

The CVE-2026-4761 issue affects Windows machines where a certificate and its private key are installed in the certificate store via the Network and Security tool. The underlying problem is that access rights to the private key are unnecessarily granted to the operator group. Affected installation...

CVSS 7.5 | AI score 5.8 | EPSS 0.00122
Exploits: 0 | References: 1 | Affected Software: 4

Positive Technologies
added 2026/03/25 12:0 a.m., 4 views

PT-2026-27762

When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless...

CVSS 6.8 | AI score 5.8 | EPSS 0.00122
Exploits: 0 | References: 2

OSV
added 2026/03/24 10:13 p.m., 2 views

GHSA-C875-H985-HVRC Scriban: Built-in operations bypass LoopLimit and delay cancellation, enabling Denial of Service

Summary: Scriban's LoopLimit only applies to script loop statements, not to expensive iteration performed inside operators and builtins. An attacker can submit a single expression such as 1..1000000 | array.size and force large amounts of CPU work even when LoopLimit is set to a very small value...

CVSS 7.5 | AI score 6
Exploits: 0 | References: 2

RedHat Linux
added 2026/03/24 4:17 p.m., 10 views

Important: Red Hat Security Advisory: RHTAS 1.3.2 - Red Hat Trusted Artifact Signer Release

The 1.3.2 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

CVSS 9.8 | AI score 7.1 | EPSS 0.01195
Exploits: 1 | References: 5