Total CVEs

143,232

Critical Severity

4,056

High Severity

14,610

Last 7 Days

1,270
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 441 - 460 of 548 CVEs
CVE-2026-22176 MEDIUM - 6.1

OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability in Windows Scheduled Task script generation where environment variables are written to gateway.cmd using unquoted set KEY=VALUE assignments, allowing shell metacharacters to break out of assignment context. Attackers can ...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-27545 MEDIUM - 6.1

OpenClaw versions prior to 2026.2.26 contain an approval bypass vulnerability in system.run execution that allows attackers to execute commands from unintended filesystem locations by rebinding writable parent symlinks in the current working directory after approval. An attacker can modify mutable p...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD

OpenClaw versions prior to 2026.2.21 accept prototype-reserved keys in runtime /debug set override object values, allowing prototype pollution attacks. Authorized /debug set callers can inject __proto__, constructor, or prototype keys to manipulate object prototypes and bypass command gate restricti...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-27523 MEDIUM - 6.1

OpenClaw versions prior to 2026.2.24 contain a sandbox bind validation vulnerability allowing attackers to bypass allowed-root and blocked-path checks via symlinked parent directories with non-existent leaf paths. Attackers can craft bind source paths that appear within allowed roots but resolve out...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-27522 MEDIUM - 6.5

OpenClaw versions prior to 2026.2.24 contain a local media root bypass vulnerability in sendAttachment and setGroupIcon message actions when sandboxRoot is unset. Attackers can hydrate media from local absolute paths to read arbitrary host files accessible by the runtime user.

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-22217 MEDIUM - 5.3

OpenClaw version 2026.2.22 prior to 2026.2.23 contain an arbitrary code execution vulnerability in shell-env that allows attackers to execute attacker-controlled binaries by exploiting trusted-prefix fallback logic for the $SHELL variable. An attacker can influence the $SHELL environment variable on...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-22181 MEDIUM - 6.4

OpenClaw versions prior to 2026.3.2 contain a DNS pinning bypass vulnerability in strict URL fetch paths that allows attackers to circumvent SSRF guards when environment proxy variables are configured. When HTTP_PROXY, HTTPS_PROXY, or ALL_PROXY environment variables are present, attacker-influenced ...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-22180 MEDIUM - 5.3

OpenClaw versions prior to 2026.3.2 contain a path-confinement bypass vulnerability in browser output handling that allows writes outside intended root directories. Attackers can exploit insufficient canonical path-boundary validation in file write operations to escape root-bound restrictions and wr...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-22179 MEDIUM - 6.6

OpenClaw versions prior to 2026.2.22 in macOS node-host system.run contain an allowlist bypass vulnerability that allows remote attackers to execute non-allowlisted commands by exploiting improper parsing of command substitution tokens. Attackers can craft shell payloads with command substitution sy...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-22178 MEDIUM - 6.5

OpenClaw versions prior to 2026.2.19 construct RegExp objects directly from unescaped Feishu mention metadata in the stripBotMention function, allowing regex injection and denial of service. Attackers can craft nested-quantifier patterns or metacharacters in mention metadata to trigger catastrophic ...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-22177 MEDIUM - 6.1

OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODE_OPTIONS or LD_* through configuration to execute arbitrary code in the OpenClaw gateway service run...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-22175 HIGH - 7.1

OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads under...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-22174 MEDIUM - 5.7

OpenClaw versions prior to 2026.2.22 inject the x-OpenClaw-relay-token header into Chrome CDP probe traffic on loopback interfaces, allowing local processes to capture the Gateway authentication token. An attacker controlling a loopback port can intercept CDP reachability probes to the /json/version...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-22171 HIGH - 8.2

OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the Feishu media download flow where untrusted media keys are interpolated directly into temporary file paths in extensions/feishu/src/media.ts. An attacker who can control Feishu media key values returned to the client c...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-22170 MEDIUM - 4.8

OpenClaw versions prior to 2026.2.22 with the optional BlueBubbles plugin contain an access control bypass vulnerability where empty allowFrom configuration causes dmPolicy pairing and allowlist restrictions to be ineffective. Remote attackers can send direct messages to BlueBubbles accounts by expl...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-22169 MEDIUM - 6.4

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safeBins configuration that allows attackers to invoke external helpers through the compress-program option. When sort is explicitly added to tools.exec.safeBins, remote attackers can bypass intended safe-bin appro...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-22168 MEDIUM - 6.5

OpenClaw versions prior to 2026.2.21 contain an approval-integrity mismatch vulnerability in system.run that allows authenticated operators to execute arbitrary trailing arguments after cmd.exe /c while approval text reflects only a benign command. Attackers can smuggle malicious arguments through c...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-32302 HIGH - 8.1

OpenClaw is a personal AI assistant. Prior to 2026.3.11, browser-originated WebSocket connections could bypass origin validation when gateway.auth.mode was set to trusted-proxy and the request arrived with proxy headers. A page served from an untrusted origin could connect through a trusted reverse ...

Vendor: npm
Product: openclaw
Published: Mar 12, 2026
Source: GitHub
CVE-2026-4040 LOW - 3.3

A vulnerability was identified in OpenClaw up to 2026.2.17. This issue affects the function tools.exec.safeBins of the component File Existence Handler. The manipulation leads to information exposure through discrepancy. The attack needs to be performed locally. Upgrading to version 2026.2.19-beta.1...

Vendor: openclaw
Product: openclaw
Published: Mar 12, 2026
Source: NVD
CVE-2026-4039 MEDIUM - 6.3

A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1 is...

Vendor: openclaw
Product: openclaw
Published: Mar 12, 2026
Source: NVD