Total CVEs

143,232

Critical Severity

4,056

High Severity

14,610

Last 7 Days

1,261
Quick preset (or use dates below)
Clear Filters
Showing 421 - 440 of 548 CVEs
CVE-2026-32001 MEDIUM - 5.4

OpenClaw versions prior to 2026.2.22 contain an authentication bypass vulnerability that allows clients authenticated with a shared gateway token to connect as role=node without device identity verification. Attackers can exploit this by claiming the node role during WebSocket handshake to inject un...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-32000 MEDIUM - 6.3

OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability in the Lobster extension tool execution that uses Windows shell fallback with shell: true after spawn failures. Attackers can inject shell metacharacters in command arguments to execute arbitrary commands when subprocess ...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-31999 MEDIUM - 6.3

OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability in wrapper resolution for .cmd/.bat files that allows attackers to influence execution behavior through cwd manipulation. Remote attackers can exploit improper shell execution fallbac...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-31998 HIGH - 7.0

OpenClaw versions 2026.2.22 and 2026.2.23 contain an authorization bypass vulnerability in the synology-chat channel plugin where dmPolicy set to allowlist with empty allowedUserIds fails open. Attackers with Synology sender access can bypass authorization checks and trigger unauthorized agent dispa...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-31997 MEDIUM - 6.0

OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv[0] tokens in system.run approvals, allowing post-approval executable rebind attacks. Attackers can modify PATH resolution after approval to execute a different binary than the operator approved, enabling arbit...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD

OpenClaw versions prior to 2026.2.19 tools.exec.safeBins contains an input validation bypass vulnerability that allows attackers to execute unintended filesystem operations through sort output flags or recursive grep flags. Attackers with command execution access can leverage sort -o flag for arbitr...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-31995 MEDIUM - 5.3

OpenClaw versions 2026.1.21 prior to 2026.2.19 contain a command injection vulnerability in the Lobster extension's Windows shell fallback mechanism that allows attackers to inject arbitrary commands through tool-provided arguments. When spawn failures trigger shell fallback with shell: true, a...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-31994 HIGH - 7.1

OpenClaw versions prior to 2026.2.19 contain a local command injection vulnerability in Windows scheduled task script generation due to unsafe handling of cmd metacharacters and expansion-sensitive characters in gateway.cmd files. Local attackers with control over service script generation arguments...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-31993 MEDIUM - 4.8

OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass incom...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-31992 HIGH - 7.1

OpenClaw versions prior to 2026.2.23 contain an allowlist bypass vulnerability in system.run guardrails that allows authenticated operators to execute unintended commands. When /usr/bin/env is allowlisted, attackers can use env -S to bypass policy analysis and execute shell wrapper payloads at runti...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD

OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability where Signal group allowlist policy incorrectly accepts sender identities from DM pairing-store approvals. Attackers can exploit this boundary weakness by obtaining DM pairing approval to bypass group allowlist checks...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-31990 MEDIUM - 6.1

OpenClaw versions prior to 2026.3.2 contain a vulnerability in the stageSandboxMedia function in which it fails to validate destination symlinks during media staging, allowing writes to follow symlinks outside the sandbox workspace. Attackers can exploit this by placing symlinks in the media/inbound...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-31989 HIGH - 7.4

OpenClaw versions prior to 2026.3.1 contain a server-side request forgery vulnerability in web_search citation redirect resolution that uses a private-network-allowing SSRF policy. An attacker who can influence citation redirect targets can trigger internal-network requests from the OpenClaw host to...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-29608 MEDIUM - 6.7

OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different command text.

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-29607 MEDIUM - 6.4

OpenClaw versions prior to 2026.2.22 contain an authorization bypass vulnerability in allow-always wrapper persistence that allows attackers to bypass approval checks by persisting wrapper-level allowlist entries instead of validating inner executable intent. Remote attackers can approve benign wrap...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-28461 HIGH - 7.5

OpenClaw versions prior to 2026.3.1 contain an unbounded memory growth vulnerability in the Zalo webhook endpoint that allows unauthenticated attackers to trigger in-memory key accumulation by varying query strings. Remote attackers can exploit this by sending repeated requests with different query ...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-28460 MEDIUM - 5.9

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run that allows attackers to execute non-allowlisted commands by splitting command substitution using shell line-continuation characters. Attackers can bypass security analysis by injecting $\\ followed by a new...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-28449 MEDIUM - 4.8

OpenClaw versions prior to 2026.2.25 lack durable replay state for Nextcloud Talk webhook events, allowing valid signed webhook requests to be replayed without suppression. Attackers can capture and replay previously valid signed webhook requests to trigger duplicate inbound message processing and c...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-27670 MEDIUM - 5.3

OpenClaw versions prior to 2026.3.2 contain a race condition vulnerability in ZIP extraction that allows local attackers to write files outside the intended destination directory. Attackers can exploit a time-of-check-time-of-use race between path validation and file write operations by rebinding pa...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-27566 HIGH - 7.1

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run exec analysis that fails to unwrap env and shell-dispatch wrapper chains. Attackers can route execution through wrapper binaries like env bash to smuggle payloads that satisfy allowlist entries while executi...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD