VYPR

Openclaw

by OpenClaw

npm: openclaw

Source repositories

CVEs (537)

  • CVE-2026-35620MedApr 10, 2026
    risk 0.28cvss 5.4epss 0.00

    OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handlers. The /send command allows non-owner command-authorized senders to change owner-only session delivery policy settings, and the /allowlist mutating commands…

  • CVE-2026-34425MedApr 2, 2026
    risk 0.28cvss 5.4epss 0.00

    OpenClaw versions prior to commit 8aceaf5 contain a preflight validation bypass vulnerability in shell-bleed protection that allows attackers to execute blocked script content by using piped or complex command forms that the parser fails to recognize. Attackers can craft…

  • CVE-2026-32923MedMar 29, 2026
    risk 0.28cvss 5.4epss 0.00

    OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in Discord guild reaction ingestion that fails to enforce member users and roles allowlist checks. Non-allowlisted guild members can trigger reaction events accepted as trusted system events, injecting…

  • CVE-2026-53851MedJun 16, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw before 2026.5.12 contains a notification bypass vulnerability allowing Slack reaction events to enter the agent pipeline despite disabled reaction notifications. Attackers can trigger unintended agent processing by sending reaction events when the feature is enabled,…

  • CVE-2026-45002MedMay 11, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw before 2026.4.20 contains a hook session-key bypass vulnerability that allows attackers to circumvent the hooks.allowRequestSessionKey opt-in restriction. Attackers can render externally influenced session keys through templated hook mappings to bypass webhook routing…

  • CVE-2026-44999MedMay 11, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw before 2026.4.20 fails to properly preserve untrusted labels for isolated cron awareness events, allowing webhook-triggered cron agent output to be recorded as trusted system events. Attackers can exploit this trust-labeling issue to strengthen prompt-injection attacks…

  • CVE-2026-44994MedMay 11, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw before 2026.4.22 contains an authentication bypass vulnerability in the Control UI bootstrap config endpoint that allows unauthenticated attackers to read sensitive configuration fields. Attackers can access the bootstrap config route without a valid Gateway token to…

  • CVE-2026-43583MedMay 6, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media replay. Attackers can exploit recovered queued outbound media to bypass group tool policy enforcement and weaken channel media restrictions after service restart…

  • CVE-2026-43572MedMay 5, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw versions 2026.4.10 before 2026.4.14 contain a missing authorization vulnerability in the Microsoft Teams SSO invoke handler that fails to apply sender allowlist checks. Attackers can bypass sender authorization by sending SSO invoke requests that are processed without…

  • CVE-2026-42427MedApr 28, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw before 2026.4.8 contains a remote code execution vulnerability caused by missing environment variable denylist entries for HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS. Attackers can inject malicious build tool environment variables to influence…

  • CVE-2026-41915MedApr 28, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw before 2026.4.8 fails to remove git plumbing environment variables from the execution environment before host exec operations. Attackers can exploit this by setting GIT_DIR and related variables to redirect git operations and compromise repository integrity.

  • CVE-2026-41400MedApr 28, 2026
    risk 0.27cvss 5.3epss 0.01

    OpenClaw before 2026.3.31 contains an incomplete fix for CVE-2026-32062 where the voice-call component parses large WebSocket frames before start validation. Remote attackers can send oversized pre-start WebSocket frames to cause resource consumption and denial of service.

  • CVE-2026-41391MedApr 28, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw before 2026.3.31 fails to properly sanitize PIP_INDEX_URL and UV_INDEX_URL environment variables in host execution contexts, allowing attackers to redirect Python package-index traffic. Attackers can exploit this bypass to intercept or manipulate package management…

  • CVE-2026-41374MedApr 28, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw before 2026.3.31 performs Discord audio preflight transcription before validating member authorization, allowing unauthenticated attackers to consume resources. Remote attackers can trigger audio preflight processing without member allowlist validation to cause resource…

  • CVE-2026-41363MedApr 28, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw versions 2026.2.6 through 2026.3.24 contain a path traversal vulnerability in the Feishu extension resolveUploadInput function that bypasses file-system sandbox restrictions. Attackers can exploit improper path resolution during upload_image operations to read arbitrary…

  • CVE-2026-41351MedApr 23, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw before 2026.3.31 contains a replay detection bypass vulnerability in webhook signature handling that treats Base64 and Base64URL encoded signatures as distinct requests. Attackers can re-encode Telnyx webhook signatures to bypass replay detection while maintaining valid…

  • CVE-2026-41346MedApr 23, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw 2026.2.26 before 2026.3.31 enforces pending pairing-request caps per channel file instead of per account, allowing attackers to exhaust the shared pending window. Remote attackers can submit pairing requests from other accounts to block new pairing challenges on…

  • CVE-2026-41345MedApr 23, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw before 2026.3.31 contains a credential exposure vulnerability in media download functionality that forwards Authorization headers across cross-origin redirects. Attackers can exploit this by crafting malicious cross-origin redirect chains to intercept sensitive…

  • CVE-2026-41343MedApr 23, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw before 2026.3.31 lacks a shared pre-auth concurrency budget on the public LINE webhook path, allowing attackers to cause transient availability loss. Remote attackers can flood the webhook endpoint with concurrent requests before signature verification to exhaust…

  • CVE-2026-41337MedApr 23, 2026
    risk 0.27cvss 5.3epss 0.00

    OpenClaw before 2026.3.31 contains a callback origin mutation vulnerability in Plivo voice-call replay that allows attackers to mutate in-process callback origin before replay rejection. Attackers with captured valid callbacks for live calls can exploit this to manipulate…

Page 14 of 27