Lucene search
K

4 matches found

CVE
CVE
added 2026/04/10 4:3 p.m.15 views

CVE-2026-35658

OpenClaw CVE-2026-35658 affects the OpenClaw image tool prior to version 2026.3.2. The vulnerability is a filesystem boundary bypass that ignores tools.fs.workspaceOnly restrictions, allowing an attacker to traverse sandbox bridge mounts outside the workspace and read files that other filesystem ...

6.5CVSS5.8AI score0.00286EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.4 views

CVE-2026-32002

OpenClaw versions prior to 2026.2.23 contain a sandbox bypass vulnerability in the sandboxed image tool that fails to enforce tools.fs.workspaceOnly restrictions on mounted sandbox paths, allowing attackers to read out-of-workspace files. Attackers can load restricted mounted images and exfiltrat...

6.5CVSS5.8AI score0.00315EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/19 10:6 p.m.10 views

EUVD-2026-13255

OpenClaw versions prior to 2026.2.23 contain a sandbox bypass vulnerability in the sandboxed image tool that fails to enforce tools.fs.workspaceOnly restrictions on mounted sandbox paths, allowing attackers to read out-of-workspace files. Attackers can load restricted mounted images and exfiltrat...

6CVSS5.8AI score0.00315EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/03 9:37 p.m.4 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the applypatch process. An attacker can gain unauthorized access to files or directories outside the intended workspace by exploiting insufficient enforcement ...

8.1CVSS5.8AI score0.00364EPSS
Exploits0References2
Rows per page
Query Builder