348 matches found
CVE-2026-4039 OpenClaw Skill Env applySkillConfigenvOverrides code injection
A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1...
CVE-2026-4039 OpenClaw Skill Env applySkillConfigenvOverrides code injection
A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1...
CVE-2026-4039 OpenClaw Skill Env applySkillConfigenvOverrides code injection
A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1...
CVE-2026-4039
A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1...
CVE-2026-4039
Summary: CVE-2026-4039 affects OpenClaw 2026.2.19-2, specifically the Skill Env Handler’s function applySkillConfigenvOverrides, allowing remote code injection via manipulated environment configuration. A fix is published and the advisory notes upgrading to 2026.2.21-beta.1 (patch 8c9f35cdb51692b...
Execution Is the New Attack Surface: Survivability-Aware Agentic Crypto Trading with OpenClaw-Style Local Executors
OpenClaw-style agent stacks turn language into privileged execution: LLM intents flow through tool interception, policy gates, and a local executor. In parallel, skill marketplaces such as skills.sh make capability acquisition as easy as installing skills and CLIs, creating a growing capability...
CVE-2026-28457
OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring must be enabled that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences...
CVE-2026-28457
OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring must be enabled that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences...
CVE-2026-28457 OpenClaw < 2026.2.14 - Path Traversal in Sandbox Skill Mirroring via Name Parameter
OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring must be enabled that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences...
CVE-2026-28457 OpenClaw < 2026.2.14 - Path Traversal in Sandbox Skill Mirroring via Name Parameter
OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring must be enabled that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences...
CVE-2026-28457 OpenClaw < 2026.2.14 - Path Traversal in Sandbox Skill Mirroring via Name Parameter
OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring must be enabled that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences...
EUVD-2026-9905
OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring must be enabled that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences...
Incorrect Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the autoAllowSkills process. An attacker can execute unauthorized skills without operator approval by exploiting a skill-name collision when autoAllowSkills is...
OpenClaw's non-default autoAllowSkills setting could bypass on-miss exec prompt
Summary In openclaw versions up to and including 2026.2.22-2, a non-default exec-approval configuration could allow a skill-name collision to bypass an ask=on-miss prompt. When autoAllowSkills=true, a path-scoped executable such as ./skill-bin could resolve to basename skill-bin, satisfy the skil...
GHSA-7FF8-XJH3-MGH6 OpenClaw's non-default autoAllowSkills setting could bypass on-miss exec prompt
Summary In openclaw versions up to and including 2026.2.22-2, a non-default exec-approval configuration could allow a skill-name collision to bypass an ask=on-miss prompt. When autoAllowSkills=true, a path-scoped executable such as ./skill-bin could resolve to basename skill-bin, satisfy the skil...
GHSA-77HF-7FQF-F227 OpenClaw skills-install-download: tar.bz2 extraction bypassed archive safety parity checks (local DoS)
Summary The tar.bz2 installer path in src/agents/skills-install-download.ts used shell tar preflight/extract logic that did not share the same hardening guarantees as the centralized archive extractor. This allowed crafted .tar.bz2 archives to bypass special-entry blocking and extracted-size...
OpenClaw's sandbox skill mirroring path traversal vulnerability could write outside the sandbox workspace
Overview In affected versions, OpenClaw’s sandbox skill mirroring used the skill’s frontmatter name as part of the destination path when copying skills into the sandbox workspace. A crafted skill name containing traversal segments for example ../ or an absolute path could cause the copy to write...
Directory Traversal
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the sandbox skill mirroring command. An attacker can cause files to be written outside the intended workspace by supplying a crafted skill package with traversal...
GHSA-XW4P-PW82-HQR7 OpenClaw's sandbox skill mirroring path traversal vulnerability could write outside the sandbox workspace
Overview In affected versions, OpenClaw’s sandbox skill mirroring used the skill’s frontmatter name as part of the destination path when copying skills into the sandbox workspace. A crafted skill name containing traversal segments for example ../ or an absolute path could cause the copy to write...
OpenClaw has an unspecified vulnerability (CNVD-2026-13377)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an unspecified vulnerability that stems from insufficient validation of the targetDir value during download skill installation, which can be exploited by an attacker to cause files to be written outsid...