Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
21901
Total
1562
Critical
6653
High
6999
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-0125 | UNKNOWN | — | In multiple functions of vpu_ioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege … | Jun 16, 2026 |
| CVE-2026-53866 | HIGH | 8.1 | OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in shell inline-command parsing that allows authenticated operators to execute unapproved commands. A command request using shell … | Jun 16, 2026 |
| CVE-2026-53865 | HIGH | 7.1 | OpenClaw before 2026.5.2 contains a path traversal vulnerability in maintenance task execution that allows workspace-derived service paths to influence trash command selection. Attackers can execute … | Jun 16, 2026 |
| CVE-2026-53864 | HIGH | 8.1 | OpenClaw before 2026.5.26 contains an insufficient sanitization vulnerability in the host environment sanitizer that allows Node.js control variables to bypass validation. Attackers with access to … | Jun 16, 2026 |
| CVE-2026-53863 | HIGH | 7.1 | OpenClaw before 2026.4.25 contains an input validation vulnerability in tool group policy callers that accept unvalidated group IDs. Attackers who can supply a group ID … | Jun 16, 2026 |
| CVE-2026-53862 | MEDIUM | 4.2 | OpenClaw before 2026.5.12 contains a bootstrap token replay vulnerability allowing callers with pending token access to reuse tokens with broader requested scopes. Attackers can replay … | Jun 16, 2026 |
| CVE-2026-53861 | MEDIUM | 6.6 | OpenClaw before 2026.5.6 contains an allowlist bypass vulnerability in the macOS Swift exec feature that misses combined POSIX inline-command flags. Attackers can execute shell content … | Jun 16, 2026 |
| CVE-2026-53860 | MEDIUM | 4.2 | OpenClaw before 2026.5.7 contains a sender policy bypass vulnerability in BlueBubbles that allows participants to match allowlist entries through conversation metadata rather than stable sender … | Jun 16, 2026 |
| CVE-2026-53859 | MEDIUM | 6.5 | OpenClaw before 2026.5.26 contains a hostname validation vulnerability allowing attackers to bypass blocklist comparisons using trailing-dot notation in model or workspace-derived URLs. Attackers can exploit … | Jun 16, 2026 |
| CVE-2026-53858 | HIGH | 7.1 | OpenClaw before 2026.5.2 contains an environment variable injection vulnerability where workspace .env STATE_DIRECTORY could influence bundled runtime dependency roots. Attackers can manipulate the STATE_DIRECTORY variable … | Jun 16, 2026 |
| CVE-2026-53857 | HIGH | 8.1 | OpenClaw before 2026.5.3 contains a policy enforcement vulnerability where Zalo contacts with mutable display metadata could match allowFrom policy entries through display name changes. Attackers … | Jun 16, 2026 |
| CVE-2026-53856 | MEDIUM | 5.5 | OpenClaw before 2026.4.24 contains an insecure file permissions vulnerability in config recovery that restores OpenClaw.json with overly broad permissions. Local attackers on shared hosts can … | Jun 16, 2026 |
| CVE-2026-53855 | HIGH | 8.1 | OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks via shell positional parameters. Attackers can combine allowlisted tools … | Jun 16, 2026 |
| CVE-2026-53854 | MEDIUM | 6.5 | OpenClaw before 2026.4.25 contains a privilege escalation vulnerability in internal and webchat command authentication that allows senders to inherit wildcard ownerAllowFrom state across channel boundaries. … | Jun 16, 2026 |
| CVE-2026-53853 | HIGH | 8.3 | OpenClaw before 2026.5.12 contains an argument pattern validation bypass in the exec allowlist that allows attackers to execute disallowed arguments for allowlisted executables on Linux … | Jun 16, 2026 |
| CVE-2026-53852 | MEDIUM | 5.4 | OpenClaw before 2026.4.25 contains a scope containment bypass vulnerability in device re-pairing that allows authenticated operators to restore broader scopes than intended by submitting empty-scope … | Jun 16, 2026 |
| CVE-2026-53851 | MEDIUM | 5.3 | OpenClaw before 2026.5.12 contains a notification bypass vulnerability allowing Slack reaction events to enter the agent pipeline despite disabled reaction notifications. Attackers can trigger unintended … | Jun 16, 2026 |
| CVE-2026-53850 | MEDIUM | 5.5 | OpenClaw before 2026.4.25 contains a control scope enforcement bypass vulnerability in the focus command that allows authenticated callers to execute the command without proper authorization … | Jun 16, 2026 |
| CVE-2026-53849 | HIGH | 8.1 | OpenClaw before 2026.5.7 contains a privilege escalation vulnerability where the allowFrom feature improperly validates Discord account identity using mutable display names instead of immutable user … | Jun 16, 2026 |
| CVE-2026-53848 | MEDIUM | 4.3 | OpenClaw before 2026.5.26 contains an exec allowlist bypass vulnerability allowing authenticated operators to execute wrapper-level side effects outside allowlisted command intent. Attackers can craft command … | Jun 16, 2026 |
| CVE-2026-53847 | MEDIUM | 5.4 | OpenClaw before 2026.5.6 contains a privilege escalation vulnerability in the Active Memory write scope that allows Gateway operators with operator.write access to modify global configuration … | Jun 16, 2026 |
| CVE-2026-53846 | HIGH | 7.1 | OpenClaw before 2026.4.29 contains a path traversal vulnerability in the install helper that allows workspace .env files to override the npm_execpath configuration used for bundled … | Jun 16, 2026 |
| CVE-2026-53845 | MEDIUM | 4.3 | OpenClaw before 2026.5.6 contains a hook bypass vulnerability where skill commands routed through the affected dispatch path skip before-tool-call hook coverage. Attackers can exploit this … | Jun 16, 2026 |
| CVE-2026-53844 | MEDIUM | 6.5 | OpenClaw before 2026.4.29 contains a session visibility check bypass vulnerability in shared memory search that allows authenticated callers to access memory entries without proper authorization. … | Jun 16, 2026 |
| CVE-2026-53843 | HIGH | 8.8 | OpenClaw before 2026.5.26 contains an authorization bypass vulnerability where a surviving pairing-scoped device session can re-establish node token authority after revocation. Attackers with a paired … | Jun 16, 2026 |