6 matches found
CVE-2026-41388 OpenClaw < 2026.3.31 - Configuration Rehydration via Empty-Array Revocation Handling
OpenClaw before 2026.3.31 contains a configuration management vulnerability where startup migration treats empty-array settings as missing values. Attackers can restart the application to rehydrate revoked Tlon configuration from file state, bypassing intended revocation controls...
EUVD-2026-26097
OpenClaw before 2026.3.31 contains a configuration management vulnerability where startup migration treats empty-array settings as missing values. Attackers can restart the application to rehydrate revoked Tlon configuration from file state, bypassing intended revocation controls...
CVE-2026-41388
OpenClaw advisory CVE-2026-41388 affects openclaw (npm) prior to 2026.3.31. The issue is a configuration management vulnerability where startup migration treats empty-array settings as missing values, allowing an attacker to restart the application and rehydrate revoked Tlon configuration from fi...
PT-2026-35773
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description A configuration management issue exists where startup migration treats empty-array settings as missing values. This allows attackers to restart the application to rehydrate revoked Tlon...
Interpretation Conflict
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Interpretation Conflict in the startup migration process. An attacker can restore previously revoked configuration settings by leveraging the improper handling of empty-array values in th...
Interpretation Conflict
Overview @openclaw/tlon is an OpenClaw Tlon/Urbit channel plugin Affected versions of this package are vulnerable to Interpretation Conflict in the startup migration process. An attacker can restore previously revoked configuration settings by leveraging the improper handling of empty-array value...