Lucene search
K

5 matches found

NVD
NVD
added 2026/04/28 7:37 p.m.16 views

CVE-2026-41913

OpenClaw before 2026.4.4 contains a race condition vulnerability in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-limit budget. Attackers can exploit this by sending multiple simultaneous authentication attempts to circumvent intended...

6.3CVSS0.00211EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/28 6:10 p.m.32 views

CVE-2026-41913 OpenClaw < 2026.4.4 - Rate-Limit Bypass via Concurrent Async Authentication Attempts

OpenClaw before 2026.4.4 contains a race condition vulnerability in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-limit budget. Attackers can exploit this by sending multiple simultaneous authentication attempts to circumvent intended...

6.3CVSS0.00211EPSS
Exploits0References3
CVE
CVE
added 2026/04/28 6:10 p.m.29 views

CVE-2026-41913

OpenClaw before 2026.4.4 contains a race condition in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-limit budget on Tailscale-capable paths. Attackers can exploit multiple simultaneous authentication attempts to circumvent intended rate-limit...

6.3CVSS5.3AI score0.00211EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/04/28 6:10 p.m.12 views

EUVD-2026-26119

OpenClaw before 2026.4.4 contains a race condition vulnerability in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-limit budget. Attackers can exploit this by sending multiple simultaneous authentication attempts to circumvent intended...

6.3CVSS5.3AI score0.00211EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.13 views

PT-2026-35795

OpenClaw before 2026.4.4 contains a race condition vulnerability in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-limit budget. Attackers can exploit this by sending multiple simultaneous authentication attempts to circumvent intended...

6.3CVSS5.3AI score0.00211EPSS
Exploits0References6
Rows per page
Query Builder