Lucene search
+L

4 matches found

EUVD
EUVD
added 2026/03/29 3:30 p.m.5 views

EUVD-2026-17026

OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in the gateway agent RPC that allows authenticated operators with operator.write permission to override workspace boundaries by supplying attacker-controlled spawnedBy and workspaceDir values. Remote operators can escape the...

8.8CVSS6.1AI score0.00297EPSS
Exploits0References3
NVD
NVD
added 2026/03/29 1:17 p.m.6 views

CVE-2026-33573

OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in the gateway agent RPC that allows authenticated operators with operator.write permission to override workspace boundaries by supplying attacker-controlled spawnedBy and workspaceDir values. Remote operators can escape the...

8.8CVSS0.00297EPSS
Exploits0References2
OSV
OSV
added 2026/03/29 12:44 p.m.3 views

CVE-2026-33573 OpenClaw < 2026.3.11 - Workspace Boundary Bypass via Agent RPC Parameters

OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in the gateway agent RPC that allows authenticated operators with operator.write permission to override workspace boundaries by supplying attacker-controlled spawnedBy and workspaceDir values. Remote operators can escape the...

8.7CVSS6.2AI score0.00297EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/13 8:55 p.m.17 views

OpenClaw: Gateway `agent` calls could override the workspace boundary

Summary The public gateway agent RPC allowed an authenticated operator with operator.write to supply attacker-controlled spawnedBy and workspaceDir values. That let the caller re-root the agent run outside its configured workspace boundary. Impact A non-owner operator could escape the intended...

5.9AI score
Exploits0References3Affected Software1
Rows per page
Query Builder