
18 matches found

Source: NVD (added 2026/04/28 7:37 p.m.)

CVE-2026-41393

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

CVSS 5.9 | EPSS 0.00007 | Exploits: 0 | References: 3
Source: ATTACKERKB (added 2026/04/28 6:09 p.m.)

CVE-2026-41398

OpenClaw before 2026.4.2 contains an improper access control vulnerability in the iOS A2UI bridge that treats generic local-network pages as trusted origins. Attackers can inject unauthorized agent.request runs by loading attacker-controlled pages from local-network or tailnet hosts, polluting...

CVSS 4.6 | AI score 5.2 | EPSS 0.00007 | Exploits: 0 | References: 4
Source: EUVD (added 2026/04/28 6:09 p.m.)

EUVD-2026-26101

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

CVSS 5.9 | AI score 5.3 | EPSS 0.00007 | Exploits: 0 | References: 3
Source: Vulnrichment (added 2026/04/28 6:09 p.m.)

CVE-2026-41393 OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area Discovery

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

CVSS 5.9 | AI score 5.3 | EPSS 0.00007 | Exploits: 0 | References: 3
Source: Cvelist (added 2026/04/28 6:09 p.m.)

CVE-2026-41393 OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area Discovery

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

CVSS 5.9 | EPSS 0.00007 | Exploits: 0 | References: 3
Source: ATTACKERKB (added 2026/04/28 6:09 p.m.)

CVE-2026-41393

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

CVSS 5.9 | AI score 5.3 | EPSS 0.00007 | Exploits: 0 | References: 4
Source: CVE (added 2026/04/28 6:09 p.m.)

CVE-2026-41393

CVE-2026-41393 affects OpenClaw prior to 2026.3.31, where a wide-area discovery flaw can cause arbitrary tailnet peers to be accepted as DNS authorities. Attackers with the same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials via DNS steering manipulation. Affe...

CVSS 5.9 | AI score 5.4 | EPSS 0.00007 | Exploits: 0 | References: 3 | Affected software: 1
Source: Positive Technologies (added 2026/04/28 12:00 a.m.)

PT-2026-35777

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description A wide-area discovery issue allows arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator...

CVSS 5.9 | AI score 5.9 | EPSS 0.00007 | Exploits: 0 | References: 6
Source: Positive Technologies (added 2026/04/28 12:00 a.m.)

PT-2026-35782

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.2 Description An improper access control issue exists in the iOS A2UI bridge, which incorrectly treats generic local-network pages as trusted origins. This allows attackers to inject unauthorized agent.request...

CVSS 4.6 | AI score 5.8 | EPSS 0.00007 | Exploits: 0 | References: 6
Source: CNNVD (added 2026/04/28 12:00 a.m.)

OpenClaw Access Control Error Vulnerability

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained an access control vulnerability, which was caused by a wide-area discovery vulnerability. This vulnerability allowed arbitrary tailnet peers to be accepted as DNS...

CVSS 5.9 | AI score 5.9 | EPSS 0.00007 | Exploits: 0 | References: 1
Source: Snyk (added 2026/04/03 3:22 a.m.)

DNS Rebinding

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to DNS Rebinding in the macOS wide-area discovery process. An attacker can intercept or manipulate DNS responses and exfiltrate operator credentials by presenting themselves as a trusted...

CVSS 7.1 | AI score 5.9 | Exploits: 0 | References: 3
Source: OSV (added 2026/04/03 3:22 a.m.)

GHSA-Q9W8-CF67-R238 OpenClaw: macOS Tailnet DNS Spoofing & Credential Exfiltration

Summary macOS Wide-Area Discovery Accepts Arbitrary Tailnet Peer as DNS Authority and Exfiltrates Operator Credentials Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real shipped macOS discovery steering bug, but exploitation needs same-tailnet position, a...

CVSS 7.1 | AI score 5.9 | EPSS 0.00007 | Exploits: 0 | References: 4
Source: Github Security Blog (added 2026/04/03 3:22 a.m.)

OpenClaw: macOS Tailnet DNS Spoofing & Credential Exfiltration

Summary macOS Wide-Area Discovery Accepts Arbitrary Tailnet Peer as DNS Authority and Exfiltrates Operator Credentials Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real shipped macOS discovery steering bug, but exploitation needs same-tailnet position, a...

CVSS 5.9 | AI score 5.8 | EPSS 0.00007 | Exploits: 0 | References: 4 | Affected software: 1
Source: Tenable Nessus (added 2026/02/12 12:00 a.m.)

openSUSE 16 Security Update : tailscale (openSUSE-SU-2026:20192-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20192-1 advisory. Changes in tailscale: - Update to version 1.94.0: IS SET and NOT SET have been added as device posture operators India DERP Region City Name...

CVSS 7.5 | AI score 8.4 | EPSS 0.00607 | Exploits: 0 | References: 5
Source: RedhatCVE (added 2025/05/23 1:15 a.m.)

CVE-2022-41925

A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. In the Tailscale client, the peer API was vulnerable to DNS rebinding. This allowed an attacker-controlled website visited by the...

CVSS 8.8 | AI score 6.6 | EPSS 0.00135 | Exploits: 1 | References: 1
Source: Prion (added 2022/11/23 7:15 p.m.)

Design/Logic Flaw

A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. In the Tailscale client, the peer API was vulnerable to DNS rebinding. This allowed an attacker-controlled website visited by the...

CVSS 5.4 | AI score 8.6 | EPSS 0.00135 | Exploits: 1 | References: 3 | Affected software: 1
Source: Cvelist (added 2022/11/23 12:00 a.m.)

CVE-2022-41925 Tailscale daemon is vulnerable to information disclosure via CSRF

A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. In the Tailscale client, the peer API was vulnerable to DNS rebinding. This allowed an attacker-controlled website visited by the...

CVSS 3.8 | AI score 8.8 | EPSS 0.00135 | Exploits: 1 | References: 3
Source: OSV (added 2022/11/23 12:00 a.m.)

CVE-2022-41925 Tailscale daemon is vulnerable to information disclosure via CSRF

A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. In the Tailscale client, the peer API was vulnerable to DNS rebinding. This allowed an attacker-controlled website visited by the...

CVSS 3.8 | AI score 4.8 | EPSS 0.00135 | Exploits: 1 | References: 5