Lucene search
K

4 matches found

CNVD
CNVD
added 2026/03/24 12:0 a.m.1 views

OpenClaw Metadata Spoofing Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a metadata forgery vulnerability that stems from client-submitted reconnect platform and device family fields not being bound to a device authentication signature. An attacker could use this...

8.6CVSS5.9AI score0.0019EPSS
Exploits0References1
OSV
OSV
added 2026/03/19 10:16 p.m.4 views

CVE-2026-32014

OpenClaw versions prior to 2026.2.26 contain a metadata spoofing vulnerability where reconnect platform and deviceFamily fields are accepted from the client without being bound into the device-auth signature. An attacker with a paired node identity on the trusted network can spoof reconnect...

8CVSS5.9AI score
Exploits0References3
OSV
OSV
added 2026/03/03 12:40 a.m.9 views

GHSA-R65X-2HQR-J5HF OpenClaw: Node reconnect metadata spoofing could bypass platform-based node command policy

Summary A paired node device could reconnect with spoofed platform/deviceFamily metadata and broaden node command policy eligibility because reconnect metadata was accepted from the client while these fields were not bound into the device-auth signature. Affected Packages / Versions - Package:...

8.6CVSS6AI score0.0019EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2018/08/23 3:57 p.m.14 views

Recent App Issues Reveal Facebook’s Struggles to Temper Data Privacy Woes

Facebook was hit with a double privacy punch regarding data privacy on Wednesday. First, Facebook acknowledged in a public post that one of the apps on its platform, myPersonality, inappropriately shared 4 million users’ data with researchers. Also on Wednesday, The Wall Street Journal reported...

Exploits0References7
Rows per page
Query Builder