10 matches found
CVE-2026-41408
OpenClaw before 2026.3.31 contains a resource exhaustion vulnerability in media downloads that bypasses core safety limits for file size, count, and cleanup operations. Attackers can exhaust disk space by downloading media files without triggering intended safety restrictions, causing availabilit...
CVE-2026-41408 OpenClaw < 2026.3.31 - Disk Exhaustion via Media Download Bypass
OpenClaw before 2026.3.31 contains a resource exhaustion vulnerability in media downloads that bypasses core safety limits for file size, count, and cleanup operations. Attackers can exhaust disk space by downloading media files without triggering intended safety restrictions, causing availabilit...
CVE-2026-41408
OpenClaw before 2026.3.31 contains a resource exhaustion vulnerability in media downloads that bypasses core safety limits for file size, count, and cleanup operations. Attackers can exhaust disk space by downloading media files without triggering intended safety restrictions, causing availabilit...
EUVD-2026-26115
OpenClaw before 2026.3.31 contains a resource exhaustion vulnerability in media downloads that bypasses core safety limits for file size, count, and cleanup operations. Attackers can exhaust disk space by downloading media files without triggering intended safety restrictions, causing availabilit...
CVE-2026-41408 OpenClaw < 2026.3.31 - Disk Exhaustion via Media Download Bypass
OpenClaw before 2026.3.31 contains a resource exhaustion vulnerability in media downloads that bypasses core safety limits for file size, count, and cleanup operations. Attackers can exhaust disk space by downloading media files without triggering intended safety restrictions, causing availabilit...
CVE-2026-41408
CVE-2026-41408 concerns OpenClaw before 2026.3.31, where a resource-exhaustion flaw in media downloads bypasses safety limits for file size, count, and cleanup, enabling potential disk-space exhaustion and availability impact. The advisory notes this is an availability-risk issue (low to medium s...
PT-2026-35791
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description A resource exhaustion issue exists in media downloads that bypasses core safety limits regarding file size, count, and cleanup operations. This allows attackers to exhaust disk space by...
OpenClaw: Tlon media downloads can bypass core safety limits and exhaust disk
Summary Tlon media downloads can bypass core safety limits and exhaust disk Current Maintainer Triage - Status: narrow - Normalized severity: low - Assessment: Shipped v2026.3.28 Tlon media downloads bypassed core size/count/cleanup limits, but this is availability-only resource exhaustion in a...
GHSA-4G5X-2JFC-XM98 OpenClaw: Tlon media downloads can bypass core safety limits and exhaust disk
Summary Tlon media downloads can bypass core safety limits and exhaust disk Current Maintainer Triage - Status: narrow - Normalized severity: low - Assessment: Shipped v2026.3.28 Tlon media downloads bypassed core size/count/cleanup limits, but this is availability-only resource exhaustion in a...
GHSA-XW6W-9JJH-P9CR Scriban has Multiple Denial-of-Service Vectors via Unbounded Resource Consumption During Expression Evaluation
Summary Scriban's expression evaluation contains three distinct code paths that allow an attacker who can supply a template to cause denial of service through unbounded memory allocation or CPU exhaustion. The existing safety controls LimitToString, LoopLimit do not protect these paths, giving...