Lucene search
K

4 matches found

NVD
NVD
added 2026/06/23 7:17 p.m.9 views

CVE-2026-55249

@rtk-ai/rtk-rewrite transparently rewrites shell commands executed via OpenClaw's exec tool to their RTK equivalents. In 1.0.0, the @rtk-ai/rtk-rewrite OpenClaw plugin passes attacker-controlled input directly into a shell-backed execSync template string without shell-safe escaping. JSON.stringif...

8.8CVSS0.00288EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 7:5 p.m.27 views

CVE-2026-54555

CVE-2026-54555 affects rtK prior to 0.42.2. The issue lies in the permission splitter, which failed to conservatively split or reject shell constructs Bash treats as command boundaries or nested execution. Consequently, a command starting with an allowed prefix (e.g., git) could conceal a second,...

7.8CVSS6.1AI score0.00128EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 6:33 p.m.10 views

EUVD-2026-38571

@rtk-ai/rtk-rewrite transparently rewrites shell commands executed via OpenClaw's exec tool to their RTK equivalents. In 1.0.0, the @rtk-ai/rtk-rewrite OpenClaw plugin passes attacker-controlled input directly into a shell-backed execSync template string without shell-safe escaping. JSON.stringif...

6.3CVSS6.2AI score0.00288EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 6:33 p.m.51 views

CVE-2026-55249

The CVE-2026-55249 issue affects @rtk-ai/rtk-rewrite OpenClaw plugin (v1.0.0), where attacker-controlled input is injected into a shell-backed execSync() template string. JSON.stringify() wraps values in quotes but does not neutralize shell metacharacters, leaving $() and backticks untouched. Sin...

8.8CVSS6.2AI score0.00288EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder