CVE-2026-28452
CVE-2026-28452 affects OpenClaw prior to version 2026.2.14. The vulnerability is in the extractArchive function (src/infra/archive.ts) and allows resource exhaustion (CPU, memory, disk) via specially crafted ZIP/TAR archives during install/update. This can cause service degradation or unavailabil...