Total CVEs

143,226

Critical Severity

4,056

High Severity

14,605

Last 7 Days

1,268
Quick preset (or use dates below)
Clear Filters
Showing 261 - 280 of 548 CVEs
CVE-2026-35660 HIGH - 8.1

OpenClaw before 2026.3.23 contains an insufficient access control vulnerability in the Gateway agent /reset endpoint that allows callers with operator.write permission to reset admin sessions. Attackers with operator.write privileges can invoke /reset or /new messages with an explicit sessionKey to ...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35659 MEDIUM - 4.6

OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can exploit unresolved hints to steer routing decisions to unintended targets by providing malicious disco...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35658 MEDIUM - 6.5

OpenClaw before 2026.3.2 contains a filesystem boundary bypass vulnerability in the image tool that fails to honor tools.fs.workspaceOnly restrictions. Attackers can traverse sandbox bridge mounts outside the workspace to read files that other filesystem tools would reject.

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35657 MEDIUM - 6.5

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in the HTTP /sessions/:sessionKey/history route that skips operator.read scope validation. Attackers can access session history without proper operator read permissions by sending HTTP requests to the vulnerable endpoint.

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35656 MEDIUM - 6.5

OpenClaw before 2026.3.22 contains an authentication bypass vulnerability in the X-Forwarded-For header processing when trustedProxies is configured, allowing attackers to spoof loopback hops. Remote attackers can inject forged forwarding headers to bypass canvas authentication and rate-limiting pro...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35655 MEDIUM - 5.7

OpenClaw before 2026.3.22 contains an identity spoofing vulnerability in ACP permission resolution that trusts conflicting tool identity hints from rawInput and metadata. Attackers can spoof tool identities through rawInput parameters to suppress dangerous-tool prompting and bypass security restrict...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35654 MEDIUM - 5.3

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Microsoft Teams feedback invokes that allows unauthorized senders to record session feedback. Attackers can bypass sender allowlist checks via feedback invoke endpoints to trigger unauthorized feedback recording or reflectio...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35653 HIGH - 8.1

OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that allows authenticated callers with operator.write access to browser.request to bypass profile mutation restrictions. Attackers can invoke POST /reset-profile through the browser.reques...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35652 MEDIUM - 6.5

OpenClaw before 2026.3.22 contains an authorization bypass vulnerability in interactive callback dispatch that allows non-allowlisted senders to execute action handlers. Attackers can bypass sender authorization checks by dispatching callbacks before normal security validation completes, enabling un...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35651 MEDIUM - 4.3

OpenClaw versions 2026.2.13 through 2026.3.24 contain an ANSI escape sequence injection vulnerability in approval prompts that allows attackers to spoof terminal output. Untrusted tool metadata can carry ANSI control sequences into approval prompts and permission logs, enabling attackers to manipula...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35650 HIGH - 7.5

OpenClaw before 2026.3.22 contains an environment variable override handling vulnerability that allows attackers to bypass the shared host environment policy through inconsistent sanitization paths. Attackers can supply blocked or malformed override keys that slip through inconsistent validation to ...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35649 MEDIUM - 6.5

OpenClaw before 2026.3.22 contains a settings reconciliation vulnerability that allows attackers to bypass intended deny-all revocations by exploiting empty allowlist handling. The vulnerability treats explicit empty allowlists as unset during reconciliation, silently undoing intended access control...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD

OpenClaw before 2026.3.22 contains a policy bypass vulnerability where queued node actions are not revalidated against current command policy when delivered. Attackers can exploit stale allowlists or declarations that survive policy tightening to execute unauthorized commands.

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35647 MEDIUM - 5.3

OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks and reply to unpaired peers. Attackers can send verification notices to users outside allowed direct message policies by exploiting insufficient access validation before message tran...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35643 HIGH - 8.8

OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary instructions. Untrusted pages can invoke the canvas bridge to execute malicious code within the Android application context.

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35641 HIGH - 7.8

OpenClaw before 2026.3.24 contains an arbitrary code execution vulnerability in local plugin and hook installation that allows attackers to execute malicious code by crafting a .npmrc file with a git executable override. During npm install execution in the staged package directory, attackers can lev...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35621 MEDIUM - 6.5

OpenClaw before 2026.3.24 contains a privilege escalation vulnerability where the /allowlist command fails to re-validate gateway client scopes for internal callers, allowing operator.write-scoped clients to mutate channel authorization policy. Attackers can exploit chat.send to build an internal co...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35620 MEDIUM - 5.4

OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handlers. The /send command allows non-owner command-authorized senders to change owner-only session delivery policy settings, and the /allowlist mutating commands fail to enforce operat...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35619 MEDIUM - 4.3

OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals scope can enumerate gateway model metadata through the HTTP compatibility route, bypassing the stric...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-6011 MEDIUM - 5.6

A weakness has been identified in OpenClaw up to 2026.1.26. Affected by this issue is some unknown functionality of the file src/agents/tools/web-fetch.ts of the component assertPublicHostname Handler. Executing a manipulation can lead to server-side request forgery. The attack can be executed remot...

Published: Apr 10, 2026
Source: NVD