6 matches found
GHSA-6JM4-83G2-35GV Duplicate Advisory: memory-wiki shared search could miss session visibility checks
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-72fw-cqh5-f324. This link is maintained to preserve external references. Original DescriptionOpenClaw before 2026.4.29 contains a session visibility check bypass vulnerability in shared memory search that allows...
CVE-2026-53844
OpenClaw before 2026.4.29 contains a session visibility check bypass vulnerability in shared memory search that allows authenticated callers to access memory entries without proper authorization. Attackers can skip session visibility guards on the search path to retrieve memory entries that shoul...
CVE-2026-53844
OpenClaw vulnerability CVE-2026-53844 affects OpenClaw prior to version 2026.4.29, involving a session visibility check bypass in the shared memory search path. The issue enables authenticated callers to skip session visibility guards and access memory entries that should not be visible to their ...
PT-2026-49761
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.29 Description A session visibility check bypass exists in the shared memory search of the memory-wiki feature. This allows authenticated callers to skip session visibility guards on the search path, enabling...
PT-2026-34781
OpenClaw before 2026.3.31 contains a session visibility bypass vulnerability where the session status function fails to enforce configured tools.sessions.visibility restrictions for unsandboxed invocations. Attackers can invoke session status without sandbox constraints to bypass session-policy...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities were due to a session visibility bypass vulnerability. The sessionstatus function did not enforce the configured...