Total CVEs

143,226

Critical Severity

4,056

High Severity

14,605

Last 7 Days

1,273
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 281 - 300 of 548 CVEs
CVE-2026-35646 MEDIUM - 4.8

OpenClaw before 2026.3.25 contains a pre-authentication rate-limit bypass vulnerability in webhook token validation that allows attackers to brute-force weak webhook secrets. The vulnerability exists because invalid webhook tokens are rejected without throttling repeated authentication attempts, ena...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35645 HIGH - 8.1

OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in the gateway plugin subagent fallback deleteSession function that uses a synthetic operator.admin runtime scope. Attackers can exploit this by triggering session deletion without a request-scoped client to execute privileged o...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35644 MEDIUM - 6.5

OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to retrieve sensitive au...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35642 MEDIUM - 4.3

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability where group reaction events bypass the requireMention access control mechanism. Attackers can trigger reactions in mention-gated groups to enqueue agent-visible system events that should remain restricted.

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35640 MEDIUM - 5.3

OpenClaw before 2026.3.25 parses JSON request bodies before validating webhook signatures, allowing unauthenticated attackers to force resource-intensive parsing operations. Remote attackers can send malicious webhook requests to trigger denial of service by exhausting server resources through force...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35639 HIGH - 8.8

OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient scope validation to ...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35638 HIGH - 8.8

OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the Control UI that allows unauthenticated sessions to retain self-declared privileged scopes without device identity verification. Attackers can exploit the device-less allow path in the trusted-proxy mechanism to maintain e...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35637 HIGH - 7.3

OpenClaw before 2026.3.22 performs cite expansion before completing channel and DM authorization checks, allowing cite work and content handling prior to final auth decisions. Attackers can exploit this timing vulnerability to access or manipulate content before proper authorization validation occur...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35636 MEDIUM - 6.5

OpenClaw versions 2026.3.11 through 2026.3.24 contain a session isolation bypass vulnerability where session_status resolves sessionId to canonical session keys before enforcing visibility checks. Sandboxed child sessions can exploit this to access parent or sibling sessions that should be blocked b...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35635 MEDIUM - 4.8

OpenClaw before 2026.3.22 contains a webhook path route replacement vulnerability in the Synology Chat extension that allows attackers to collapse multi-account configurations onto shared webhook paths. Attackers can exploit inherited or duplicate webhook paths to bypass per-account DM access contro...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35634 MEDIUM - 5.1

OpenClaw before 2026.3.23 contains an authentication bypass vulnerability in the Canvas gateway where authorizeCanvasRequest() unconditionally allows local-direct requests without validating bearer tokens or canvas capabilities. Attackers can send unauthenticated loopback HTTP and WebSocket requests...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35633 MEDIUM - 5.3

OpenClaw before 2026.3.22 contains an unbounded memory allocation vulnerability in remote media HTTP error handling that allows attackers to trigger excessive memory consumption. Attackers can send crafted HTTP error responses with large bodies to remote media endpoints, causing the application to a...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35632 HIGH - 7.1

OpenClaw through 2026.2.22 contains a symlink traversal vulnerability in agents.create and agents.update handlers that use fs.appendFile on IDENTITY.md without symlink containment checks. Attackers with workspace access can plant symlinks to append attacker-controlled content to arbitrary files, ena...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35631 MEDIUM - 6.5

OpenClaw before 2026.3.22 fails to enforce operator.admin scope on mutating internal ACP chat commands, allowing unauthorized modifications. Attackers without admin privileges can execute mutating control-plane actions by directly invoking affected ACP commands to bypass authorization gates.

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35629 HIGH - 7.4

OpenClaw before 2026.3.25 contains a server-side request forgery vulnerability in multiple channel extensions that fail to properly guard configured base URLs against SSRF attacks. Attackers can exploit unprotected fetch() calls against configured endpoints to rebind requests to blocked internal des...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35628 MEDIUM - 4.8

OpenClaw before 2026.3.25 contains a missing rate limiting vulnerability in Telegram webhook authentication that allows attackers to brute-force weak webhook secrets. The vulnerability enables repeated authentication guesses without throttling, permitting attackers to systematically guess webhook se...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35627 MEDIUM - 6.5

OpenClaw before 2026.3.22 performs cryptographic and dispatch operations on inbound Nostr direct messages before enforcing sender and pairing policy validation. Attackers can trigger unauthorized pre-authentication computation by sending crafted DM messages, enabling denial of service through resour...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35626 MEDIUM - 5.3

OpenClaw before 2026.3.22 contains an unauthenticated resource exhaustion vulnerability in voice call webhook handling that buffers request bodies before provider signature checks. Attackers can send large or malicious webhook requests to exhaust server resources without authentication by bypassing ...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35625 HIGH - 7.8

OpenClaw before 2026.3.25 contains a privilege escalation vulnerability where silent local shared-auth reconnects auto-approve scope-upgrade requests, widening paired device permissions from operator.read to operator.admin. Attackers can exploit this by triggering local reconnection to silently esca...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD
CVE-2026-35624 MEDIUM - 4.2

OpenClaw before 2026.3.22 contains a policy confusion vulnerability in room authorization that matches colliding room names instead of stable room tokens. Attackers can exploit similarly named rooms to bypass allowlist policies and gain unauthorized access to protected Nextcloud Talk rooms.

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 09, 2026
Source: NVD