Lucene search
K

360 matches found

OSV
OSV
added 2026/03/05 9:59 p.m.4 views

CVE-2026-28457 OpenClaw < 2026.2.14 - Path Traversal in Sandbox Skill Mirroring via Name Parameter

OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring must be enabled that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences...

5.6CVSS6AI score0.00134EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/05 9:59 p.m.0 views

CVE-2026-28457 OpenClaw < 2026.2.14 - Path Traversal in Sandbox Skill Mirroring via Name Parameter

OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring must be enabled that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences...

6.1CVSS5.8AI score0.00134EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/05 9:59 p.m.7 views

EUVD-2026-9905

OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring must be enabled that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences...

5.6CVSS5.9AI score0.00134EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/05 9:59 p.m.30 views

CVE-2026-28457 OpenClaw < 2026.2.14 - Path Traversal in Sandbox Skill Mirroring via Name Parameter

OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring must be enabled that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences...

6.1CVSS0.00134EPSS
Exploits0References3
OSV
OSV
added 2026/03/03 10:13 p.m.4 views

GHSA-7FF8-XJH3-MGH6 OpenClaw's non-default autoAllowSkills setting could bypass on-miss exec prompt

Summary In openclaw versions up to and including 2026.2.22-2, a non-default exec-approval configuration could allow a skill-name collision to bypass an ask=on-miss prompt. When autoAllowSkills=true, a path-scoped executable such as ./skill-bin could resolve to basename skill-bin, satisfy the skil...

7.3CVSS6AI score
Exploits0References3
Snyk
Snyk
added 2026/03/03 10:13 p.m.4 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the autoAllowSkills process. An attacker can execute unauthorized skills without operator approval by exploiting a skill-name collision when autoAllowSkills is...

7.3CVSS5.9AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/03 10:13 p.m.13 views

OpenClaw's non-default autoAllowSkills setting could bypass on-miss exec prompt

Summary In openclaw versions up to and including 2026.2.22-2, a non-default exec-approval configuration could allow a skill-name collision to bypass an ask=on-miss prompt. When autoAllowSkills=true, a path-scoped executable such as ./skill-bin could resolve to basename skill-bin, satisfy the skil...

6AI score
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/03 9:32 p.m.5 views

GHSA-77HF-7FQF-F227 OpenClaw skills-install-download: tar.bz2 extraction bypassed archive safety parity checks (local DoS)

Summary The tar.bz2 installer path in src/agents/skills-install-download.ts used shell tar preflight/extract logic that did not share the same hardening guarantees as the centralized archive extractor. This allowed crafted .tar.bz2 archives to bypass special-entry blocking and extracted-size...

5.5CVSS6AI score0.00132EPSS
Exploits0References3
OSV
OSV
added 2026/03/02 10:51 p.m.3 views

GHSA-XW4P-PW82-HQR7 OpenClaw's sandbox skill mirroring path traversal vulnerability could write outside the sandbox workspace

Overview In affected versions, OpenClaw’s sandbox skill mirroring used the skill’s frontmatter name as part of the destination path when copying skills into the sandbox workspace. A crafted skill name containing traversal segments for example ../ or an absolute path could cause the copy to write...

7.1CVSS5.9AI score0.00134EPSS
Exploits0References5
Snyk
Snyk
added 2026/03/02 10:51 p.m.3 views

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the sandbox skill mirroring command. An attacker can cause files to be written outside the intended workspace by supplying a crafted skill package with traversal...

7.9CVSS6.2AI score0.00134EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/02 10:51 p.m.11 views

OpenClaw's sandbox skill mirroring path traversal vulnerability could write outside the sandbox workspace

Overview In affected versions, OpenClaw’s sandbox skill mirroring used the skill’s frontmatter name as part of the destination path when copying skills into the sandbox workspace. A crafted skill name containing traversal segments for example ../ or an absolute path could cause the copy to write...

7.9CVSS5.9AI score0.00134EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2026/03/02 12:0 a.m.3 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13377)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an unspecified vulnerability that stems from insufficient validation of the targetDir value during download skill installation, which can be exploited by an attacker to cause files to be written outsid...

6.8CVSS5.8AI score0.00166EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/02/28 12:15 a.m.4 views

indexdoc-converter (>=0.2.4 <=0.2.7), pdd-cli (>=0.0.70 <=0.0.250) +1 more potentially affected by CVE-2026-28231 via pillow-heif (>=1.1.1 <=1.2.0)

pillow-heif PYPI version =1.1.1, =0.2.4, =0.0.70, =0.4.0, =0.13.1 Source cves: CVE-2026-28231 Source advisory: SNYK:PYTHON-PILLOWHEIF-15426536...

9.1CVSS5.4AI score0.00632EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/02/28 12:0 a.m.5 views

Clawdrain: Exploiting Tool-Calling Chains for Stealthy Token Exhaustion in OpenClaw Agents

Modern generative agents such as OpenClaw - an open-source, self-hosted personal assistant with a community skill ecosystem, are gaining attention and are used pervasively. However, the openness and rapid growth of these ecosystems often outpace systematic security evaluation. In this paper, we...

6AI score
Exploits0
OSV
OSV
added 2026/02/27 9:36 p.m.3 views

GHSA-82G8-464F-2MV7 OpenClaw: Skill env override host env injection via applySkillConfigEnvOverrides (defense-in-depth)

Summary applySkillConfigEnvOverrides previously copied skills.entries..env values into the host process.env without applying the host env safety policy. Impact In affected versions, dangerous process-level variables such as NODEOPTIONS could be injected when unset, which can influence...

5.1CVSS5.9AI score0.00316EPSS
Exploits0References5
Snyk
Snyk
added 2026/02/27 9:36 p.m.5 views

Multiple Releases of Same Resource or Handle

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Multiple Releases of Same Resource or Handle via the applySkillConfigEnvOverrides function. An attacker can inject dangerous environment variables into the host process by modifying local...

8.8CVSS6AI score0.00316EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/02/27 9:36 p.m.12 views

OpenClaw: Skill env override host env injection via applySkillConfigEnvOverrides (defense-in-depth)

Summary applySkillConfigEnvOverrides previously copied skills.entries..env values into the host process.env without applying the host env safety policy. Impact In affected versions, dangerous process-level variables such as NODEOPTIONS could be injected when unset, which can influence...

8.8CVSS5.9AI score0.00316EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.4 views

PT-2026-24944

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.2.19-2 Description A flaw exists in the applySkillConfigenvOverrides function within the Skill Env Handler component. This issue allows for code injection when a manipulation is executed remotely. The issue arises becaus...

8.8CVSS6.6AI score0.00316EPSS
Exploits0References16
Packet Storm News
Packet Storm News
added 2026/02/27 12:0 a.m.10 views

Formal Analysis and Supply Chain Security for Agentic AI Skills

The rapid proliferation of agentic AI skill ecosystems -- exemplified by OpenClaw 228,000 GitHub stars and Anthropic Agent Skills 75,600 stars -- has introduced a critical supply chain attack surface. The ClawHavoc campaign January-February 2026 infiltrated over 1,200 malicious skills into the...

6AI score
Exploits0
HackRead
HackRead
added 2026/02/24 3:23 p.m.21 views

Amazon: Low-Skill Hacker Used AI Tools to Breach FortiGate Devices Globally

Amazon says a Russian speaking low-skill hacker used AI tools to breach hundreds of FortiGate devices worldwide, showing how AI can scale cyberattacks with basic methods...

5.5AI score
Exploits0
Rows per page
Query Builder