12 matches found
EUVD-2026-25339
OpenShell before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks...
GHSA-M563-373Q-885C Duplicate Advisory: OpenClaw: OpenShell `mirror` mode can convert untrusted sandbox files into explicitly enabled workspace hooks and execute them on the host during gateway startup
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-42mx-vp8m-j7qh. This link is maintained to preserve external references. Original Description OpenShell before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted...
Duplicate Advisory: OpenClaw: OpenShell `mirror` mode can convert untrusted sandbox files into explicitly enabled workspace hooks and execute them on the host during gateway startup
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-42mx-vp8m-j7qh. This link is maintained to preserve external references. Original Description OpenShell before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted...
CVE-2026-41355
OpenClaw before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks...
CVE-2026-41355 OpenClaw < 2026.3.28 - Arbitrary Code Execution via Mirror Mode Sandbox File Conversion
OpenClaw before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks...
CVE-2026-41355
OpenShell is affected by CVE-2026-41355 (pre-2026.3.28) where a vulnerability in mirror mode allows conversion of untrusted sandbox files into workspace hooks, enabling arbitrary code execution on the host at gateway startup when mirror-mode access is present. The issue stems from how workspace h...
CVE-2026-41355
OpenClaw before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks...
CVE-2026-41355 OpenClaw < 2026.3.28 - Arbitrary Code Execution via Mirror Mode Sandbox File Conversion
OpenClaw before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.28 contained security vulnerabilities. These vulnerabilities stemmed from an arbitrary code execution vulnerability in the mirror mode. By converting untrusted sandbox files int...
OpenClaw: OpenShell `mirror` mode can convert untrusted sandbox files into explicitly enabled workspace hooks and execute them on the host during gateway startup
Summary OpenShell mirror mode can convert untrusted sandbox files into explicitly enabled workspace hooks and execute them on the host during gateway startup Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real on shipped = 2026.3.28 - First stable tag...
GHSA-42MX-VP8M-J7QH OpenClaw: OpenShell `mirror` mode can convert untrusted sandbox files into explicitly enabled workspace hooks and execute them on the host during gateway startup
Summary OpenShell mirror mode can convert untrusted sandbox files into explicitly enabled workspace hooks and execute them on the host during gateway startup Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real on shipped = 2026.3.28 - First stable tag...
PT-2026-34786
Name of the Vulnerable Software and Affected Versions OpenShell versions prior to 2026.3.28 Description An arbitrary code execution issue exists in mirror mode, which allows untrusted sandbox files to be converted into workspace hooks. Attackers with mirror mode access can execute arbitrary code ...