VYPR

Openclaw

by OpenClaw

npm: openclaw

Source repositories

CVEs (537)

  • CVE-2026-32024Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.22 contain a symlink traversal vulnerability in avatar handling that allows attackers to read arbitrary files outside the configured workspace boundary. Remote attackers can exploit this by requesting avatar resources through gateway surfaces to…

  • CVE-2026-32023Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.24 contain an approval gating bypass vulnerability in system.run allowlist mode where nested transparent dispatch wrappers can suppress shell-wrapper detection. Attackers can exploit this by chaining multiple dispatch wrappers like /usr/bin/env…

  • CVE-2026-32021Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.22 contain an authorization bypass vulnerability in the Feishu allowFrom allowlist implementation that accepts mutable sender display names instead of enforcing ID-only matching. An attacker can set a display name equal to an allowlisted ID…

  • CVE-2026-32020Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.22 contain a path traversal vulnerability in the static file handler that follows symbolic links, allowing out-of-root file reads. Attackers can place symlinks under the Control UI root directory to bypass directory confinement checks and read…

  • CVE-2026-32017Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.19 contain an allowlist bypass vulnerability in the exec safeBins policy that allows attackers to write arbitrary files using short-option payloads. Attackers can bypass argument validation by attaching short options like -o to whitelisted…

  • CVE-2026-32016Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.22 on macOS contain a path validation bypass vulnerability in the exec-approval allowlist mode that allows local attackers to execute unauthorized binaries by exploiting basename-only allowlist entries. Attackers can execute same-name local…

  • CVE-2026-32015Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions 2026.1.21 prior to 2026.2.19 contain a path hijacking vulnerability in tools.exec.safeBins that allows attackers to bypass allowlist checks by controlling process PATH resolution. Attackers who can influence the gateway process PATH or launch environment can…

  • CVE-2026-32014Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.26 contain a metadata spoofing vulnerability where reconnect platform and deviceFamily fields are accepted from the client without being bound into the device-auth signature. An attacker with a paired node identity on the trusted network can…

  • CVE-2026-32013Mar 19, 2026
    risk 0.00cvss epss 0.01

    OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in the agents.files.get and agents.files.set methods that allows reading and writing files outside the agent workspace. Attackers can exploit symlinked allowlisted files to access arbitrary host files…

  • CVE-2026-32011Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.3.2 contain a denial of service vulnerability in webhook handlers for BlueBubbles and Google Chat that parse request bodies before performing authentication and signature validation. Unauthenticated attackers can exploit this by sending slow or…

  • CVE-2026-32010Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safe-bin configuration when sort is manually added to tools.exec.safeBins. Attackers can invoke sort with the --compress-program flag to execute arbitrary external programs without operator…

  • CVE-2026-32009Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.24 contain a policy bypass vulnerability in the safeBins allowlist evaluation that trusts static default directories including writable package-manager paths like /opt/homebrew/bin and /usr/local/bin. An attacker with write access to these…

  • CVE-2026-32008Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.21 contain an improper URL scheme validation vulnerability in the assertBrowserNavigationAllowed() function that allows authenticated users with browser-tool access to navigate to file:// URLs. Attackers can exploit this by accessing local files…

  • CVE-2026-32007Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.23 contain a path traversal vulnerability in the experimental apply_patch tool that allows attackers with sandbox access to modify files outside the workspace directory by exploiting inconsistent enforcement of workspace-only checks on mounted…

  • CVE-2026-32006Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability where DM pairing-store identities are incorrectly treated as group allowlist identities when dmPolicy=pairing and groupPolicy=allowlist. Remote attackers can send messages and reactions as…

  • CVE-2026-32005Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.25 fail to enforce sender authorization checks for interactive callbacks including block_action, view_submission, and view_closed in shared workspace deployments. Unauthorized workspace members can bypass allowFrom restrictions and channel user…

  • CVE-2026-32004Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.3.2 contain an authentication bypass vulnerability in the /api/channels route classification due to canonicalization depth mismatch between auth-path classification and route-path canonicalization. Attackers can bypass plugin route authentication…

  • CVE-2026-32003Mar 19, 2026
    risk 0.00cvss epss 0.01

    OpenClaw versions prior to 2026.2.22 contain an environment variable injection vulnerability in the system.run function that allows attackers to bypass command allowlist restrictions via SHELLOPTS and PS4 environment variables. An attacker who can invoke system.run with…

  • CVE-2026-32002Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.23 contain a sandbox bypass vulnerability in the sandboxed image tool that fails to enforce tools.fs.workspaceOnly restrictions on mounted sandbox paths, allowing attackers to read out-of-workspace files. Attackers can load restricted mounted…

  • CVE-2026-32001Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.22 contain an authentication bypass vulnerability that allows clients authenticated with a shared gateway token to connect as role=node without device identity verification. Attackers can exploit this by claiming the node role during WebSocket…

Page 21 of 27