OpenClaw

559 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty, in its original format.
  • EPSS 0.91%
  • Published 21.03.2026 00:42:24
  • Last modified 23.03.2026 17:07:49

OpenClaw versions prior to 2026.2.24 contain a command injection vulnerability in the system.run shell-wrapper that allows attackers to execute hidden commands by injecting positional argv carriers after inline shell payloads. Attackers can craft mis...

  • EPSS 0.34%
  • Published 21.03.2026 00:42:24
  • Last modified 24.03.2026 21:15:38

OpenClaw versions prior to 2026.2.23 contain a vulnerability in Twilio webhook event deduplication where normalized event IDs are randomized per parse, allowing replay events to bypass manager dedupe checks. Attackers can replay Twilio webhook events...

  • EPSS 0.41%
  • Published 21.03.2026 00:42:23
  • Last modified 23.03.2026 17:08:11

OpenClaw versions prior to 2026.3.1 contain an authorization mismatch vulnerability that allows authenticated callers with operator.write scope to invoke owner-only tool surfaces including gateway and cron through agent runs in scoped-token deploymen...

  • EPSS 0.21%
  • Published 21.03.2026 00:42:22
  • Last modified 23.03.2026 17:08:52

OpenClaw versions prior to 2026.2.25 contain an access control vulnerability in signal reaction notification handling that allows unauthorized senders to enqueue status events before authorization checks are applied. Attackers can exploit the reactio...

  • EPSS 0.28%
  • Published 21.03.2026 00:42:21
  • Last modified 24.03.2026 19:13:59

OpenClaw versions prior to 2026.3.1 fail to enforce sandbox inheritance during cross-agent sessions_spawn operations, allowing sandboxed sessions to create child processes under unsandboxed agents. An attacker with a sandboxed session can exploit thi...

  • EPSS 0.54%
  • Published 21.03.2026 00:42:21
  • Last modified 23.03.2026 17:09:08

OpenClaw versions prior to 2026.2.22 fail to consistently enforce configured inbound media byte limits before buffering remote media across multiple channel ingestion paths. Remote attackers can send oversized media payloads to trigger elevated memor...

  • EPSS 0.29%
  • Published 21.03.2026 00:42:20
  • Last modified 24.03.2026 19:12:10

OpenClaw versions prior to 2026.2.21 contain an improper sandbox configuration vulnerability that allows attackers to execute arbitrary code by exploiting renderer-side vulnerabilities without requiring a sandbox escape. Attackers can leverage the di...

  • EPSS 0.4%
  • Published 21.03.2026 00:42:19
  • Last modified 24.03.2026 21:16:28

OpenClaw versions prior to 2026.2.21 incorrectly apply tokenless Tailscale header authentication to HTTP gateway routes, allowing bypass of token and password requirements. Attackers on trusted networks can exploit this misconfiguration to access HTT...

  • EPSS 0.1%
  • Published 21.03.2026 00:42:18
  • Last modified 24.03.2026 19:10:25

OpenClaw versions prior to 2026.2.25 contain a time-of-check-time-of-use vulnerability in approval-bound system.run execution where the cwd parameter is validated at approval time but resolved at execution time. Attackers can retarget a symlinked cwd...

  • EPSS 0.13%
  • Published 21.03.2026 00:42:18
  • Last modified 23.03.2026 17:10:11

OpenClaw versions prior to 2026.3.2 contain an archive extraction vulnerability in the tar.bz2 installer path that bypasses safety checks enforced on other archive formats. Attackers can craft malicious tar.bz2 skill archives to bypass special-entry ...