Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/04/28 6:9 p.m.34 views

CVE-2026-41388 OpenClaw < 2026.3.31 - Configuration Rehydration via Empty-Array Revocation Handling

OpenClaw before 2026.3.31 contains a configuration management vulnerability where startup migration treats empty-array settings as missing values. Attackers can restart the application to rehydrate revoked Tlon configuration from file state, bypassing intended revocation controls...

6.5CVSS0.00307EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/28 6:9 p.m.6 views

EUVD-2026-26097

OpenClaw before 2026.3.31 contains a configuration management vulnerability where startup migration treats empty-array settings as missing values. Attackers can restart the application to rehydrate revoked Tlon configuration from file state, bypassing intended revocation controls...

6.5CVSS5.2AI score0.00307EPSS
Exploits0References3
CVE
CVE
added 2026/04/28 6:9 p.m.10 views

CVE-2026-41388

OpenClaw advisory CVE-2026-41388 affects openclaw (npm) prior to 2026.3.31. The issue is a configuration management vulnerability where startup migration treats empty-array settings as missing values, allowing an attacker to restart the application and rehydrate revoked Tlon configuration from fi...

6.5CVSS5.3AI score0.00307EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.6 views

PT-2026-35773

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description A configuration management issue exists where startup migration treats empty-array settings as missing values. This allows attackers to restart the application to rehydrate revoked Tlon...

6.5CVSS5.8AI score0.00307EPSS
Exploits0References6
Snyk
Snyk
added 2026/04/03 3:20 a.m.5 views

Interpretation Conflict

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Interpretation Conflict in the startup migration process. An attacker can restore previously revoked configuration settings by leveraging the improper handling of empty-array values in th...

6.5CVSS5.9AI score0.00307EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/03 3:20 a.m.3 views

Interpretation Conflict

Overview @openclaw/tlon is an OpenClaw Tlon/Urbit channel plugin Affected versions of this package are vulnerable to Interpretation Conflict in the startup migration process. An attacker can restore previously revoked configuration settings by leveraging the improper handling of empty-array value...

6.5CVSS5.8AI score0.00307EPSS
Exploits0References2
Rows per page
Query Builder