Lucene search
K

4 matches found

Snyk
Snyk
added 2026/02/19 7:41 p.m.6 views

Use of Weak Hash

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Use of Weak Hash due to the use of SHA-1 in the process that generates sandbox identifier cache keys for Docker or browser sandbox configuration. An attacker can cause one configuration t...

9.1CVSS5.6AI score0.00179EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/19 7:40 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the webfetch tool. An attacker can cause the application to exhaust system memory or become unresponsive by tricking a user or...

6.9CVSS5.7AI score0.00388EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/18 10:43 p.m.6 views

Origin Validation Error

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Origin Validation Error in the sessionslist, sessionshistory, and sessionssend tools. An attacker can access sensitive transcript content from peer sessions by exploiting insufficient...

6.9CVSS5.7AI score0.00105EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/18 10:42 p.m.4 views

Arbitrary Command Injection

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Arbitrary Command Injection due to embedding the current working directory path into LLM prompts without sanitization. An attacker can manipulate agent behavior or cause disclosure of...

8.6CVSS5.7AI score0.00205EPSS
Exploits0References2
Rows per page
Query Builder