Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
Totals: 10692 vulnerabilities (727 Critical, 3080 High, 3407 Medium).
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-43569 | HIGH | 8.8 | OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers … | May 05, 2026 |
| CVE-2026-43568 | MEDIUM | 6.5 | OpenClaw versions 2026.4.5 before 2026.4.10 contain a privilege escalation vulnerability allowing write-scoped operators to modify persistent memory dreaming settings. Attackers with write-scoped gateway access can … | May 05, 2026 |
| CVE-2026-43567 | MEDIUM | 6.5 | OpenClaw before 2026.4.10 contains a path traversal vulnerability in the screen_record tool's outPath parameter that bypasses workspace-only filesystem guards. Attackers can exploit this by specifying … | May 05, 2026 |
| CVE-2026-43566 | CRITICAL | 9.1 | OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where heartbeat owner downgrade logic skips webhook wake events carrying untrusted content. Attackers can exploit … | May 05, 2026 |
| CVE-2026-43535 | MEDIUM | 6.8 | OpenClaw before 2026.4.14 contains an authorization context reuse vulnerability in collect-mode queue batches that allows messages from different senders to inherit the final sender's authorization … | May 05, 2026 |
| CVE-2026-43534 | CRITICAL | 9.1 | OpenClaw before 2026.4.10 contains an input validation vulnerability that allows external hook metadata to be enqueued as trusted system events. Attackers can supply malicious hook … | May 05, 2026 |
| CVE-2026-43533 | HIGH | 8.6 | OpenClaw before 2026.4.10 contains an arbitrary file read vulnerability in QQBot media tags that allows attackers to reference host-local paths outside the intended media storage … | May 05, 2026 |
| CVE-2026-43532 | HIGH | 7.7 | OpenClaw versions 2026.4.7 before 2026.4.10 fail to normalize Discord event cover image parameters in sandbox media processing. Attackers can bypass media normalization to inject host-local … | May 05, 2026 |
| CVE-2026-43531 | HIGH | 7.3 | OpenClaw before 2026.4.9 contains an environment variable injection vulnerability allowing malicious workspace .env files to set runtime-control variables. Attackers can inject variables affecting update sources, … | May 05, 2026 |
| CVE-2026-43530 | HIGH | 8.8 | OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers to obscure which applet … | May 05, 2026 |
| CVE-2026-43529 | LOW | 2.5 | OpenClaw before 2026.4.10 contains a time-of-check-time-of-use vulnerability in the validateScriptFileForShellBleed function that allows local attackers to bypass workspace boundary checks. An attacker with workspace write … | May 05, 2026 |
| CVE-2026-43528 | MEDIUM | 6.5 | OpenClaw before 2026.4.14 contains a redaction bypass vulnerability that allows authenticated gateway clients to receive unredacted secrets through sourceConfig and runtimeConfig alias fields. Attackers with … | May 05, 2026 |
| CVE-2026-43527 | HIGH | 7.7 | OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF policy that allows private-network navigation by default. Attackers can exploit this misconfiguration to … | May 05, 2026 |
| CVE-2026-43526 | HIGH | 8.2 | OpenClaw before 2026.4.12 contains a server-side request forgery vulnerability in QQBot reply media URL handling that allows attackers to fetch arbitrary content. Attackers can exploit … | May 05, 2026 |
| CVE-2026-42439 | HIGH | 8.5 | OpenClaw before 2026.4.10 contains a server-side request forgery policy bypass vulnerability in the browser tabs action select and close routes. Attackers can bypass configured browser … | May 05, 2026 |
| CVE-2026-42438 | HIGH | 7.7 | OpenClaw versions 2026.4.9 before 2026.4.10 contain a sender policy bypass vulnerability in the outbound host-media attachment read helper that allows unauthorized local file disclosure. Attackers … | May 05, 2026 |
| CVE-2026-42437 | HIGH | 7.5 | OpenClaw versions 2026.4.9 before 2026.4.10 contain a denial of service vulnerability in the voice-call realtime WebSocket path that accepts oversized frames without proper validation. Remote … | May 05, 2026 |
| CVE-2026-42436 | HIGH | 7.7 | OpenClaw before 2026.4.14 contains an improper access control vulnerability in browser snapshot, screenshot, and tab routes that fail to consistently validate the final browser target … | May 05, 2026 |
| CVE-2026-42435 | HIGH | 8.8 | OpenClaw versions from 2026.2.22 before 2026.4.12 contain an insufficient shell-wrapper detection vulnerability allowing attackers to inject environment variable assignments at the argv level. Attackers can … | May 05, 2026 |
| CVE-2026-42434 | HIGH | 8.8 | OpenClaw versions 2026.4.5 before 2026.4.10 contain a sandbox escape vulnerability allowing sandboxed agents to override exec routing by specifying host=node. Attackers can bypass sandbox boundaries … | May 05, 2026 |
| CVE-2026-42433 | MEDIUM | 6.5 | OpenClaw before 2026.4.10 contains an authorization bypass vulnerability allowing operator.write message-tool paths to access Matrix profile persistence requiring admin-level authority. Attackers can exploit insufficient access … | May 05, 2026 |
| CVE-2023-54349 | MEDIUM | 6.1 | AmazCart CMS 3.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search functionality. Attackers … | May 05, 2026 |
| CVE-2023-54348 | HIGH | 8.8 | ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to execute arbitrary code by injecting formula payloads into vendor name fields. Attackers … | May 05, 2026 |
| CVE-2023-54347 | HIGH | 7.5 | OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections by sending repeated login attempts to the main login … | May 05, 2026 |
| CVE-2023-54346 | HIGH | 7.5 | WordPress Plugin Backup Migration 1.2.8 contains an information disclosure vulnerability that allows unauthenticated attackers to download complete database backups by accessing predictable file paths. Attackers … | May 05, 2026 |