Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/05/05 11:25 a.m.7 views

CVE-2026-43569 OpenClaw < 2026.4.9 - Untrusted Provider Plugin Auto-enablement via Workspace Provider Auth

OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can exploit this by crafting malicious workspace plugins that are automatically...

8.8CVSS5.8AI score0.00381EPSS
Exploits0References3
CVE
CVE
added 2026/05/05 11:25 a.m.14 views

CVE-2026-43569

OpenClaw (prior to 2026.4.9) contains an authentication bypass vulnerability where untrusted workspace plugins can be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can craft malicious workspace plugins that are automatically selected and enabled...

8.8CVSS5.8AI score0.00381EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/05 11:25 a.m.4 views

CVE-2026-43569

OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can exploit this by crafting malicious workspace plugins that are automatically...

8.8CVSS5.8AI score0.00381EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.9 contained security vulnerabilities. These vulnerabilities stemmed from authentication bypasses, allowing for the automatic activation of untrusted workspace plugins during...

8.8CVSS5.8AI score0.00381EPSS
Exploits0References1
Rows per page
Query Builder