Lucene search
K

5 matches found

NVD
NVD
added 2026/04/10 5:17 p.m.12 views

CVE-2026-35648

OpenClaw before 2026.3.22 contains a policy bypass vulnerability where queued node actions are not revalidated against current command policy when delivered. Attackers can exploit stale allowlists or declarations that survive policy tightening to execute unauthorized commands...

5.9CVSS0.00217EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/10 4:3 p.m.4 views

CVE-2026-35648

OpenClaw before 2026.3.22 contains a policy bypass vulnerability where queued node actions are not revalidated against current command policy when delivered. Attackers can exploit stale allowlists or declarations that survive policy tightening to execute unauthorized commands...

3.7CVSS5.9AI score0.00217EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/10 4:3 p.m.2 views

CVE-2026-35648 OpenClaw < 2026.3.22 - Policy Bypass via Unvalidated Queued Node Actions

OpenClaw before 2026.3.22 contains a policy bypass vulnerability where queued node actions are not revalidated against current command policy when delivered. Attackers can exploit stale allowlists or declarations that survive policy tightening to execute unauthorized commands...

3.7CVSS5.9AI score0.00217EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/10 4:3 p.m.5 views

EUVD-2026-21442

OpenClaw before 2026.3.22 contains a policy bypass vulnerability where queued node actions are not revalidated against current command policy when delivered. Attackers can exploit stale allowlists or declarations that survive policy tightening to execute unauthorized commands...

3.7CVSS5.9AI score0.00217EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/26 9:14 p.m.4 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization due to the lack of revalidation of queued node actions against the current policy at the time of delivery. An attacker can execute previously allowed actions that...

6.9CVSS6AI score0.00217EPSS
Exploits0References3
Rows per page
Query Builder