Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
11037
Total
752
Critical
3191
High
3530
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-40100 | MEDIUM | 5.3 | FastGPT is an AI Agent building platform. Prior to 4.14.10.3, the /api/core/app/mcpTools/runTool endpoint accepts arbitrary URLs without authentication. The internal IP check in isInternalAddress() only … | Apr 10, 2026 |
| CVE-2026-40097 | LOW | 3.7 | Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index … | Apr 10, 2026 |
| CVE-2026-40086 | MEDIUM | 5.3 | Rembg is a tool to remove images background. Prior to 2.0.75, a path traversal vulnerability in the rembg HTTP server allows unauthenticated remote attackers to … | Apr 10, 2026 |
| CVE-2026-40074 | UNKNOWN | — | SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.57.1, redirect, when called from inside the handle server hook … | Apr 10, 2026 |
| CVE-2026-40073 | UNKNOWN | — | SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.57.1, under certain circumstances, requests could bypass the BODY_SIZE_LIMIT on … | Apr 10, 2026 |
| CVE-2026-35670 | MEDIUM | 5.9 | OpenClaw before 2026.3.22 contains a webhook reply delivery vulnerability that allows attackers to rebind chat replies to unintended users by exploiting mutable username matching instead … | Apr 10, 2026 |
| CVE-2026-35669 | HIGH | 8.8 | OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in gateway-authenticated plugin HTTP routes that incorrectly mint operator.admin runtime scope regardless of caller-granted scopes. Attackers can … | Apr 10, 2026 |
| CVE-2026-35668 | HIGH | 7.7 | OpenClaw before 2026.3.24 contains a path traversal vulnerability in sandbox enforcement allowing sandboxed agents to read arbitrary files from other agents' workspaces via unnormalized mediaUrl … | Apr 10, 2026 |
| CVE-2026-35667 | MEDIUM | 6.1 | OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-27486 where the !stop chat command uses an unpatched killProcessTree function from shell-utils.ts that sends SIGKILL immediately … | Apr 10, 2026 |
| CVE-2026-35666 | HIGH | 8.8 | OpenClaw before 2026.3.22 contains an allowlist bypass vulnerability in system.run approvals that fails to unwrap /usr/bin/time wrappers. Attackers can bypass executable binding restrictions by using … | Apr 10, 2026 |
| CVE-2026-35665 | MEDIUM | 5.3 | OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-32011 where the Feishu webhook handler accepts request bodies with permissive limits of 1MB and 30-second timeout … | Apr 10, 2026 |
| CVE-2026-35664 | MEDIUM | 5.3 | OpenClaw before 2026.3.25 contains an authentication bypass vulnerability in raw card send surface that allows unpaired recipients to mint legacy callback payloads. Attackers can send … | Apr 10, 2026 |
| CVE-2026-35663 | HIGH | 8.8 | OpenClaw before 2026.3.25 contains a privilege escalation vulnerability allowing non-admin operators to self-request broader scopes during backend reconnect. Attackers can bypass pairing requirements to reconnect … | Apr 10, 2026 |
| CVE-2026-35662 | MEDIUM | 4.3 | OpenClaw before 2026.3.22 fails to enforce controlScope restrictions on the send action, allowing leaf subagents to message controlled child sessions beyond their authorized scope. Attackers … | Apr 10, 2026 |
| CVE-2026-35661 | MEDIUM | 5.3 | OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows attackers to mutate session state without satisfying normal DM pairing … | Apr 10, 2026 |
| CVE-2026-35660 | HIGH | 8.1 | OpenClaw before 2026.3.23 contains an insufficient access control vulnerability in the Gateway agent /reset endpoint that allows callers with operator.write permission to reset admin sessions. … | Apr 10, 2026 |
| CVE-2026-35659 | MEDIUM | 4.6 | OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. … | Apr 10, 2026 |
| CVE-2026-35658 | MEDIUM | 6.5 | OpenClaw before 2026.3.2 contains a filesystem boundary bypass vulnerability in the image tool that fails to honor tools.fs.workspaceOnly restrictions. Attackers can traverse sandbox bridge mounts … | Apr 10, 2026 |
| CVE-2026-35657 | MEDIUM | 6.5 | OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in the HTTP /sessions/:sessionKey/history route that skips operator.read scope validation. Attackers can access session history without proper … | Apr 10, 2026 |
| CVE-2026-35656 | MEDIUM | 6.5 | OpenClaw before 2026.3.22 contains an authentication bypass vulnerability in the X-Forwarded-For header processing when trustedProxies is configured, allowing attackers to spoof loopback hops. Remote attackers … | Apr 10, 2026 |
| CVE-2026-35655 | MEDIUM | 5.7 | OpenClaw before 2026.3.22 contains an identity spoofing vulnerability in ACP permission resolution that trusts conflicting tool identity hints from rawInput and metadata. Attackers can spoof … | Apr 10, 2026 |
| CVE-2026-35654 | MEDIUM | 5.3 | OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Microsoft Teams feedback invokes that allows unauthorized senders to record session feedback. Attackers can bypass sender … | Apr 10, 2026 |
| CVE-2026-35653 | HIGH | 8.1 | OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that allows authenticated callers with operator.write access to browser.request to bypass profile … | Apr 10, 2026 |
| CVE-2026-35652 | MEDIUM | 6.5 | OpenClaw before 2026.3.22 contains an authorization bypass vulnerability in interactive callback dispatch that allows non-allowlisted senders to execute action handlers. Attackers can bypass sender authorization … | Apr 10, 2026 |
| CVE-2026-35651 | MEDIUM | 4.3 | OpenClaw versions 2026.2.13 through 2026.3.24 contain an ANSI escape sequence injection vulnerability in approval prompts that allows attackers to spoof terminal output. Untrusted tool metadata … | Apr 10, 2026 |