Lucene search
K

6 matches found

NVD
NVD
added 2026/06/12 10:16 p.m.14 views

CVE-2026-53826

OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session spawning that exposes the real workspace path to child prompts. Attackers can exploit this by spawning child sessions from sandboxed parents to reveal host workspace location or related memory context ...

4.3CVSS0.00187EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 9:56 p.m.8 views

CVE-2026-53826 OpenClaw < 2026.4.26 - Information Disclosure via Sandboxed Session Spawn

OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session spawning that exposes the real workspace path to child prompts. Attackers can exploit this by spawning child sessions from sandboxed parents to reveal host workspace location or related memory context ...

4.3CVSS5.3AI score0.00187EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 9:56 p.m.34 views

CVE-2026-53826 OpenClaw < 2026.4.26 - Information Disclosure via Sandboxed Session Spawn

OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session spawning that exposes the real workspace path to child prompts. Attackers can exploit this by spawning child sessions from sandboxed parents to reveal host workspace location or related memory context ...

4.3CVSS0.00187EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 9:56 p.m.29 views

CVE-2026-53826

OpenClaw is affected by an information-disclosure vulnerability in sandboxed session spawning affecting versions prior to 2026.4.26. The issue allows a sandboxed parent to reveal the real workspace path to child prompts, potentially exposing host workspace location or related memory context to ch...

4.3CVSS5.4AI score0.00187EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.25 views

PT-2026-49030

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.26 Description An information disclosure issue exists in sandboxed session spawning that exposes the real workspace path to child prompts. This allows attackers to reveal the host workspace location or related...

4.3CVSS5.2AI score0.00187EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/23 9:36 p.m.22 views

CVE-2026-27646 OpenClaw < 2026.3.7 - Sandbox Escape via /acp spawn Command

OpenClaw versions prior to 2026.3.7 contain a sandbox escape vulnerability in the /acp spawn command that allows authorized sandboxed sessions to initialize host-side ACP runtime. Attackers can bypass sandbox restrictions by invoking the /acp spawn slash-command to cross from sandboxed chat conte...

6.1CVSS0.00104EPSS
Exploits0References3
Rows per page
Query Builder