7 matches found

NVD
added 2026/04/28 7:37 p.m., 6 views

CVE-2026-41388

OpenClaw before 2026.3.31 contains a configuration management vulnerability where startup migration treats empty-array settings as missing values. Attackers can restart the application to rehydrate revoked Tlon configuration from file state, bypassing intended revocation controls...

CVSS 6.5 | EPSS 0.00307
Exploits 0 | References 3

Vulnrichment
added 2026/04/28 6:9 p.m., 2 views

CVE-2026-41388 OpenClaw < 2026.3.31 - Configuration Rehydration via Empty-Array Revocation Handling

OpenClaw before 2026.3.31 contains a configuration management vulnerability where startup migration treats empty-array settings as missing values. Attackers can restart the application to rehydrate revoked Tlon configuration from file state, bypassing intended revocation controls...

CVSS 6.5 | AI score 5.2 | EPSS 0.00307
Exploits 0 | References 3

Cvelist
added 2026/04/28 6:9 p.m., 31 views

CVE-2026-41388 OpenClaw < 2026.3.31 - Configuration Rehydration via Empty-Array Revocation Handling

OpenClaw before 2026.3.31 contains a configuration management vulnerability where startup migration treats empty-array settings as missing values. Attackers can restart the application to rehydrate revoked Tlon configuration from file state, bypassing intended revocation controls...

CVSS 6.5 | EPSS 0.00307
Exploits 0 | References 3

CVE
added 2026/04/28 6:9 p.m., 6 views

CVE-2026-41388

OpenClaw advisory CVE-2026-41388 affects openclaw (npm) prior to 2026.3.31. The issue is a configuration management vulnerability where startup migration treats empty-array settings as missing values, allowing an attacker to restart the application and rehydrate revoked Tlon configuration from fi...

CVSS 6.5 | AI score 5.3 | EPSS 0.00307
Exploits 0 | References 3 | Affected Software 1

Snyk
added 2026/04/03 3:20 a.m., 2 views

Interpretation Conflict

Overview: @openclaw/tlon is an OpenClaw Tlon/Urbit channel plugin. Affected versions of this package are vulnerable to Interpretation Conflict in the startup migration process. An attacker can restore previously revoked configuration settings by leveraging the improper handling of empty-array value...

CVSS 6.5 | AI score 5.8 | EPSS 0.00307
Exploits 0 | References 2

Snyk
added 2026/04/03 3:20 a.m., 3 views

Interpretation Conflict

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Interpretation Conflict in the startup migration process. An attacker can restore previously revoked configuration settings by leveraging the improper handling of empty-array values in th...

CVSS 6.5 | AI score 5.9 | EPSS 0.00307
Exploits 0 | References 2

Github Security Blog
added 2026/04/03 3:20 a.m., 6 views

OpenClaw: Tlon Startup Migration Rehydrates Empty-Array Revocations From File Config

Summary: Tlon Startup Migration Rehydrates Empty-Array Revocations From File Config

Current Maintainer Triage
- Status: open
- Normalized severity: low
- Assessment: v2026.3.28 startup migration still treats empty-array settings as missing and can rehydrate revoked Tlon config from file state afte...

CVSS 6.5 | AI score 5.9 | EPSS 0.00307
Exploits 0 | References 4 | Affected Software 1