Lucene search
K

8 matches found

NVD
NVD
added 2026/04/28 7:37 p.m.3 views

CVE-2026-41393

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

5.9CVSS0.00117EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/28 6:9 p.m.3 views

CVE-2026-41393 OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area Discovery

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

5.9CVSS5.3AI score0.00117EPSS
Exploits0References3
CVE
CVE
added 2026/04/28 6:9 p.m.9 views

CVE-2026-41393

CVE-2026-41393 affects OpenClaw prior to 2026.3.31, where a wide-area discovery flaw can cause arbitrary tailnet peers to be accepted as DNS authorities. Attackers with the same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials via DNS steering manipulation. Affe...

5.9CVSS5.4AI score0.00117EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/28 6:9 p.m.3 views

CVE-2026-41393

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

5.9CVSS5.3AI score0.00117EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/28 6:9 p.m.28 views

CVE-2026-41393 OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area Discovery

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

5.9CVSS0.00117EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/28 6:9 p.m.8 views

EUVD-2026-26101

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

5.9CVSS5.3AI score0.00117EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.9 views

PT-2026-35777

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description A wide-area discovery issue allows arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator...

5.9CVSS5.9AI score0.00117EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.11 views

OpenClaw 访问控制错误漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained a access control vulnerability, which was caused by a wide-area discovery vulnerability. This vulnerability allowed arbitrary tailnet peers to be accepted as DNS...

5.9CVSS5.9AI score0.00117EPSS
Exploits0References1
Rows per page
Query Builder