Total CVEs

143,208

Critical Severity

4,054

High Severity

14,598

Last 7 Days

1,328
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 61 - 80 of 548 CVEs

OpenClaw before 2026.4.25 contains a policy bypass vulnerability in embedded runner policy that allows requests using provider aliases to compare against aliases instead of canonical provider identities. Attackers can exploit this confusion to select bundled tool access outside intended provider pol...

Vendor: OpenClaw
Product: OpenClaw
Published: Jun 11, 2026
Source: NVD
CVE-2026-53808 MEDIUM - 6.5

OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls to set apply: true despite approvalPolicy: pending configuration. Attackers can exploit this by reaching the affected apply path to apply workshop changes before th...

Vendor: OpenClaw
Product: OpenClaw
Published: Jun 11, 2026
Source: NVD
CVE-2026-53807 HIGH - 8.8

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive callbacks that allows authenticated users to skip commands.allowFrom validation. Attackers can invoke affected callbacks to mark themselves as authorized senders before allowlist checks are applied, trigg...

Vendor: OpenClaw
Product: OpenClaw
Published: Jun 11, 2026
Source: NVD
CVE-2026-53806 HIGH - 8.8

OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks. Attackers can exploit this by using combined shell options to execute inline shell content without intended allowlist validation, potentially enabling un...

Vendor: OpenClaw
Product: OpenClaw
Published: Jun 11, 2026
Source: NVD
CVE-2026-35674 HIGH - 8.8

OpenClaw before 2026.5.18 contains a scope bypass vulnerability in the Gateway chat.send route that allows scoped clients to execute privileged commands. Attackers with operator.write scope can deliver commands through inherited external routes to bypass operator.approvals and operator.admin scope r...

Vendor: OpenClaw
Product: OpenClaw
Published: May 29, 2026
Source: NVD
CVE-2026-35673 MEDIUM - 6.5

OpenClaw before 2026.4.29 contains an SSRF policy bypass vulnerability in browser debug and export routes that allows reuse of already-open blocked tabs. Attackers with access to these routes can bypass private-network SSRF policies by reusing blocked tabs to export or inspect content that should re...

Vendor: OpenClaw
Product: OpenClaw
Published: May 29, 2026
Source: NVD
CVE-2026-35630 HIGH - 8.0

OpenClaw before 2026.5.18 contains an authorization bypass vulnerability in QQBot native approval buttons that fails to enforce configured approver identity. Non-approver users can click approval buttons to resolve pending exec or plugin approval requests without proper authorization.

Vendor: OpenClaw
Product: OpenClaw
Published: May 29, 2026
Source: NVD
CVE-2026-34507 MEDIUM - 5.4

OpenClaw before 2026.4.29 contains a policy bypass vulnerability in QQBot admin commands that allows authenticated senders to skip DM-only and allowFrom policy checks. Attackers can route admin commands from unauthorized senders or contexts to execute restricted behavior that policy should have bloc...

Vendor: OpenClaw
Product: OpenClaw
Published: May 29, 2026
Source: NVD
CVE-2026-32906 MEDIUM - 4.3

OpenClaw before 2026.5.12 contains a privilege escalation vulnerability in Slack plugin approvals that allows exec-authorized users to resolve plugin approvals through the exec approver gate. Attackers with limited exec approval permissions can bypass intended approval splits to approve plugin actio...

Vendor: OpenClaw
Product: OpenClaw
Published: May 29, 2026
Source: NVD
CVE-2026-32905 HIGH - 8.3

OpenClaw before 2026.5.4 contains an authorization bypass vulnerability in the bundled device-pair plugin that allows non-owner authorized chat senders to issue device-pairing bootstrap codes without proper scope validation. Attackers with chat command access can create setup codes to enroll devices...

Vendor: OpenClaw
Product: OpenClaw
Published: May 29, 2026
Source: NVD
CVE-2026-45224 HIGH - 7.1

Crabbox before 0.9.0 contains a path traversal vulnerability in the Islo provider's workspace path resolution that allows attackers to supply absolute or relative paths that resolve outside the intended /workspace directory. Attackers can craft a malicious .crabbox.yaml or crabbox.yaml file wit...

Vendor: openclaw
Product: crabbox
Published: May 11, 2026
Source: NVD
CVE-2026-45223 HIGH - 8.8

Crabbox before 0.9.0 contains an authentication bypass vulnerability in the coordinator user-token verification path where the verifyUserToken() function fails to reject payloads containing an admin claim, allowing attackers to escalate privileges. An attacker with access to the shared non-admin tok...

Vendor: openclaw
Product: crabbox
Published: May 11, 2026
Source: NVD
CVE-2026-8305 HIGH - 7.3

A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted element is the function handleBlueBubblesWebhookRequest of the file extensions/bluebubbles/src/monitor.ts of the component bluebubbles Webhook. Performing a manipulation results in improper authentication. It is possible to initi...

Vendor: openclaw
Product: openclaw
Published: May 11, 2026
Source: NVD
CVE-2026-45006 HIGH - 8.8

OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.patch operations that allows compromised models to write unsafe configuration changes by bypassing an incomplete denylist protection. Attackers can persist malicious config ...

Vendor: OpenClaw
Product: OpenClaw
Published: May 11, 2026
Source: NVD
CVE-2026-45005 MEDIUM - 6.0

OpenClaw before 2026.4.23 caches resolved webhook route secrets backed by SecretRef values, allowing stale secrets to remain valid after rotation and reload. Attackers with previously valid webhook route secrets can continue authenticating requests and invoking configured webhook task flows until ga...

Vendor: OpenClaw
Product: OpenClaw
Published: May 11, 2026
Source: NVD
CVE-2026-45004 HIGH - 7.8

OpenClaw before 2026.4.23 contains an arbitrary code execution vulnerability in the bundled plugin setup resolver that loads setup-api.js from process.cwd() during provider setup metadata resolution. Attackers can execute arbitrary JavaScript under the current user account by placing a malicious ext...

Vendor: OpenClaw
Product: OpenClaw
Published: May 11, 2026
Source: NVD
CVE-2026-45003 MEDIUM - 5.0

OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost, IRC, and Synology connectors. Attackers with workspace access can redirect runtime traffic to malicious endpoints by setting endpoint variables in dotenv files.

Vendor: OpenClaw
Product: OpenClaw
Published: May 11, 2026
Source: NVD
CVE-2026-45002 MEDIUM - 5.3

OpenClaw before 2026.4.20 contains a hook session-key bypass vulnerability that allows attackers to circumvent the hooks.allowRequestSessionKey opt-in restriction. Attackers can render externally influenced session keys through templated hook mappings to bypass webhook routing isolation controls.

Vendor: OpenClaw
Product: OpenClaw
Published: May 11, 2026
Source: NVD
CVE-2026-45001 HIGH - 7.1

OpenClaw before 2026.4.20 contains a guard bypass vulnerability in the agent-facing gateway config.patch and config.apply endpoints that fails to protect operator-trusted settings including sandbox policy, plugin enablement, gateway auth/TLS, hook routing, MCP server configuration, SSRF policy, and ...

Vendor: OpenClaw
Product: OpenClaw
Published: May 11, 2026
Source: NVD
CVE-2026-45000 MEDIUM - 5.0

OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in browser CDP profile creation that skips strict-mode SSRF policy checks. Attackers can create stored profiles pointing to private-network or metadata endpoints that bypass security policies and are later probed during n...

Vendor: OpenClaw
Product: OpenClaw
Published: May 11, 2026
Source: NVD