OpenClaw 安全漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by attackers to cause unauthorized senders to bypass authorization checks...

CVE-2026-33413

etcd contains authorization bypass vulnerabilities in the gRPC API surface that allow unauthorized users to call sensitive functions (e.g., MemberList, Alarm, Lease, and compaction) on clusters exposing the gRPC API to untrusted clients. In unpatched clusters with etcd auth enabled, attackers can...

CVE-2025-55734

CVE-2025-55734 affects flaskBlog (versions ≤ 2.8.0). The root cause is a missing authorization check on admin subroutes: the RBAC check runs only for the /admin page in routes/adminPanel.py, while routes/adminPanelComments.py and routes/adminPanelPosts.py are not protected. This allows unauthoriz...

CVE-2025-27737

Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally...

Exploit for CVE-2020-14882

CVE-2020–14882 Weblogic Unauthorized bypass RCE CVE-2020-14...