Lucene search
K

4 matches found

Snyk
Snyk
added 2026/04/03 3:19 a.m.6 views

Improper Privilege Management

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Privilege Management via the pairing process. An attacker can gain elevated privileges by exploiting unbound bootstrap setup codes during device pairing. Remediation Upgrade...

8.6CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/03/26 9:37 p.m.4 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the auth process. An attacker can gain unauthorized access by sending requests with add-on principals that are not bound to the intended deployment. Remediation...

7.6CVSS5.9AI score0.00293EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/26 9:24 p.m.2 views

Missing Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization due to missing enforcement of the operator.admin scope in mutating internal ACP chat commands. An attacker can perform unauthorized mutating control-plane actions by...

7.1CVSS5.9AI score0.00225EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/26 7:50 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the webhook process. An attacker can cause excessive resource consumption by sending unauthenticated, oversized request bodies...

8.7CVSS5.9AI score0.00494EPSS
Exploits0References2
Rows per page
Query Builder