2504 matches found

CNNVD
added 2026/03/21 12:00 a.m., 4 views

OpenClaw security vulnerability

OpenClaw is an open-source AI assistant from the OpenClaw project. OpenClaw has a security vulnerability that an attacker can exploit: an authenticated caller with operator.write scope can invoke the owner-only tool interface...

CVSS 8.8, AI score 5.8, EPSS 0.00412
Exploits 0, References 2
CVE
added 2026/03/20 11:04 p.m., 6 views

CVE-2026-33226

CVE-2026-33226 – Budibase SSRF (unrestricted REST datasource query preview): In Budibase versions up to 3.30.6, the REST datasource query preview endpoint (POST /api/queries/preview) passes user-supplied fields.path directly to the HTTP client without validation, enabling an authenticated admin t...

CVSS 8.7, AI score 5.9, EPSS 0.00367
Exploits 1, References 1, Affected Software 1
OSV
added 2026/03/20 8:35 p.m., 4 views

GHSA-9F94-5G5W-GF6R CRL Distribution Point Scope Check Logic Error in AWS-LC

Summary: AWS-LC is an open-source, general-purpose cryptographic library. Impact: A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs wi...

CVSS 7.4, AI score 5.9, EPSS 0.00252
Exploits 0, References 5
NVD
added 2026/03/20 3:16 p.m., 4 views

CVE-2026-22172

OpenClaw versions prior to 2026.3.12 contain an authorization bypass vulnerability in the WebSocket connect path that allows shared-token or password-authenticated connections to self-declare elevated scopes without server-side binding. Attackers can exploit this logic flaw to present unauthorize...

CVSS 9.9, EPSS 0.00505
Exploits 0, References 2
Cvelist
added 2026/03/20 2:48 p.m., 19 views

CVE-2026-22172 OpenClaw < 2026.3.12 - Scope Elevation in WebSocket Shared-Auth Connections

OpenClaw versions prior to 2026.3.12 contain an authorization bypass vulnerability in the WebSocket connect path that allows shared-token or password-authenticated connections to self-declare elevated scopes without server-side binding. Attackers can exploit this logic flaw to present unauthorize...

CVSS 9.9, EPSS 0.00505
Exploits 0, References 2
CVE
added 2026/03/20 2:48 p.m., 47 views

CVE-2026-22172

OpenClaw is affected: versions prior to 2026.3.12 contain an authorization bypass in the WebSocket connect path. The flaw lets shared-token or password-authenticated connections self-declare elevated scopes without server-side binding, enabling unauthorized scopes such as operator.admin and poten...

CVSS 9.9, AI score 5.8, EPSS 0.00505
Exploits 0, References 2, Affected Software 1
OSV
added 2026/03/20 10:21 a.m., 2 views

CVE-2026-33132 ZITADEL is missing enforcement of organization scopes

ZITADEL is an open source identity management platform. Versions prior to 3.4.9 and 4.0.0 through 4.12.2 allowed users to bypass organization enforcement during authentication. Zitadel allows applications to enforce an organization context during authentication using scopes urn:zitadel:iam:org:id:...

CVSS 5.3, AI score 6.2, EPSS 0.00309
Exploits 0, References 6
CVE
added 2026/03/19 8:37 p.m., 11 views

CVE-2026-4428

The CVE relates to AWS-LC CRL distribution point validation logic before 1.71.0. A logic error caused partitioned CRLs to be incorrectly rejected as out of scope, enabling a revoked certificate to bypass revocation checks. Affected software is AWS-LC prior to 1.71.0; the issue is fixed in AWS-LC ...

CVSS 9.1, AI score 5.7, EPSS 0.00252
Exploits 0, References 2
OSV
added 2026/03/19 5:43 p.m., 2 views

GHSA-439W-V2P7-PGGC Juju has unauthorized access to out-of-scope Kubernetes secrets

Summary: A grantee is able to update secret content using the secret-set tool due to a broad Kubernetes access policy. The implication is that, knowing a Kubernetes secret identifier (e.g. its name), it is possible to patch it without affecting the secret, revealing the value, or to patch while affecting the...

CVSS 8.8, AI score 5.8, EPSS 0.00303
Exploits 1, References 4
OSV
added 2026/03/19 12:00 p.m., 2 views

RUSTSEC-2026-0048 CRL Distribution Point Scope Check Logic Error in AWS-LC

A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs with Issuing Distribution Point (IDP) extensions. Customers of AWS services do not...

CVSS 7.4, AI score 5.8, EPSS 0.00252
Exploits 0, References 4
CVE
added 2026/03/18 10:05 a.m., 10 views

CVE-2026-23248

CVE-2026-23248 affects the Linux kernel perf/core component, specifically the perf_mmap path that initializes a ring_buffer. The issue is a race between a failing mmap() setup and a concurrent mmap() on a dependent event (e.g., due to output redirection). The ring_buffer pointer (event->rb) is...

CVSS 7.8, AI score 5.8, EPSS 0.0012
Exploits 0, References 3, Affected Software 1
Veracode
added 2026/03/18 7:00 a.m., 6 views

Improper Access Control

code.gitea.io/gitea is vulnerable to improper access control. The vulnerability is due to incorrect handling of API tokens with scopes limited to public resources, which allows an attacker to access private resources using a token that should only permit access to public data...

CVSS 5.3, AI score 7.3, EPSS 0.00238
Exploits 0, References 5, Affected Software 4
Veracode
added 2026/03/18 6:21 a.m., 5 views

Improper Access Control

code.gitea.io/gitea is vulnerable to improper access control. The vulnerability is due to incorrect propagation of token scope within its package registry access control, which allows an attacker to gain unauthorized access to package resources by misusing improperly scoped tokens...

CVSS 5.3, AI score 7.3, EPSS 0.00253
Exploits 0, References 5, Affected Software 4
CNNVD
added 2026/03/18 12:00 a.m., 3 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a reserved leak that occurs due to certain incorrect paths when inline scope is inserted...

CVSS 5.5, AI score 5.8, EPSS 0.00114
Exploits 0, References 7
OSV
added 2026/03/13 8:55 p.m., 3 views

GHSA-RQPP-RJJ8-7WV8 OpenClaw: WebSocket shared-auth connections could self-declare elevated scopes

Summary: A logic flaw in the OpenClaw gateway WebSocket connect path allowed certain device-less shared-token or password-authenticated backend connections to keep client-declared scopes without server-side binding. A shared-authenticated client could present elevated scopes such as operator.admin...

CVSS 9.9, AI score 5.9, EPSS 0.00505
Exploits 0, References 5
NVD
added 2026/03/13 7:54 p.m., 2 views

CVE-2026-32341

Missing Authorization vulnerability in raratheme Benevolent benevolent allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Benevolent: from n/a through <= 1.3.9...

CVSS 5.3, EPSS 0.00214
Exploits 0, References 1
Github Security Blog
added 2026/03/13 3:48 p.m., 4 views

OpenClaw: Write-scoped callers could reach admin-only session reset logic through `agent`

Summary: In affected versions of openclaw, a gateway caller with operator.write could issue agent requests containing /new or /reset and reach the same reset path used by the admin-only sessions.reset RPC. Impact: On gateways where a caller is intentionally granted operator.write but not...

AI score 5.8
Exploits 0, References 3, Affected Software 1
Github Security Blog
added 2026/03/13 3:47 p.m., 3 views

OpenClaw: Channel commands could bypass account-scoped `configWrites` restrictions

Summary: In affected versions of openclaw, channel-initiated config mutations were authorized against the originating account's configWrites policy but did not consistently re-check the targeted account scope. An authorized sender on one account could mutate protected sibling-account configuration...

AI score 5.9
Exploits 0, References 3, Affected Software 1
OSV
added 2026/03/13 3:47 p.m., 0 views

GHSA-8JHH-JCQG-MJ5P OpenClaw: Channel commands could bypass account-scoped `configWrites` restrictions

Summary: In affected versions of openclaw, channel-initiated config mutations were authorized against the originating account's configWrites policy but did not consistently re-check the targeted account scope. An authorized sender on one account could mutate protected sibling-account configuration...

CVSS 6.5, AI score 5.9
Exploits 0, References 3
OSV
added 2026/03/13 3:47 p.m., 3 views

GHSA-4W7M-58CG-CMFF OpenClaw: Leaf subagents could steer sibling sessions across sandbox boundaries

Summary: In affected versions of openclaw, sandboxed leaf subagents could still access the subagents control surface and resolve against the parent requester scope instead of remaining confined to their own session tree. Impact: A low-privilege sandboxed leaf worker could steer or kill a sibling ru...

CVSS 8.8, AI score 5.9
Exploits 0, References 3