Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

EUVD
EUVDadded 2026/03/05 9:59 p.m.1 views

EUVD-2026-9893

OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook transform module loading that allows arbitrary JavaScript execution. The hooks.mappings.transform.module parameter accepts absolute paths and traversal sequences, enabling attackers with configuration...

8.3CVSS6.1AI score0.00111EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/03/05 12:0 a.m.2 views

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant. Versions of OpenClaw from 2.0.0-beta3 up to 2026.2.14 contained code vulnerabilities. These vulnerabilities stemmed from path traversal issues during the loading of the hook transform module, which could allow execution of arbitrary...

9.8CVSS6AI score0.00111EPSS
Exploits0References4
Snyk
Snykadded 2026/03/03 6:9 p.m.1 views

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the hooks.mappings.transform.module module. An attacker can execute arbitrary code with the privileges of the gateway process by specifying a path outside the...

9.8CVSS6.6AI score0.00111EPSS
Exploits0References2
OSV
OSVadded 2026/03/03 6:9 p.m.2 views

GHSA-7XHJ-55Q9-PC3M OpenClaw's hook transform module path allows traversal and arbitrary JavaScript module loading

Summary OpenClaw hook mapping transforms could be loaded via absolute paths or .. traversal, allowing arbitrary JavaScript module loading/execution in the gateway process when an attacker can modify hooks configuration. Affected Versions - Affected: = 2.0.0-beta3 and = 2026.2.13 - Fixed: 2026.2.1...

8.3CVSS6.2AI score0.00111EPSS
Exploits0References6
Github Security Blog
Github Security Blogadded 2026/02/18 12:57 a.m.14 views

OpenClaw affected by potential code execution via unsafe hook module path handling in Gateway

Summary OpenClaw Gateway supports hook mappings with optional JavaScript/TypeScript transform modules. In affected versions, the gateway did not sufficiently constrain configured module paths before passing them to dynamic import. Under some configurations, a user who can modify gateway...

8.6CVSS6.2AI score0.00101EPSS
Exploits0References7Affected Software1
Packet Storm News
Packet Storm Newsadded 2025/04/28 12:0 a.m.3 views

AGATE: Stealthy Black-Box Watermarking for Multimodal Model Copyright Protection

Recent advancement in large-scale Artificial Intelligence AI models offering multimodal services have become foundational in AI systems, making them prime targets for model theft. Existing methods select Out-of-Distribution OoD data as backdoor watermarks and retrain the original model for...

6.9AI score
Exploits0
Rows per page
Query Builder