Vulnerability List - Page 15

Found 480 results
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-32972 | OpenClaw < 2026.3.11 - Authorization Bypass in Browser Profile Management via browser.request | OpenClaw | OpenClaw | High | 7.1 | 2026-03-29 12:44:25 | Deep Dive |
| CVE-2026-32923 | OpenClaw < 2026.3.11 - Authorization Bypass in Discord Guild Reaction Allowlist Enforcement | OpenClaw | OpenClaw | Medium | 5.4 | 2026-03-29 12:44:24 | Deep Dive |
| CVE-2026-32924 | OpenClaw < 2026.3.12 - Authorization Bypass via Misclassified Reaction Events in Feishu | OpenClaw | OpenClaw | Critical | 9.8 | 2026-03-29 12:44:24 | Deep Dive |
| CVE-2026-32922 | OpenClaw < 2026.3.11 - Privilege Escalation via Unvalidated Scope in device.token.rotate | OpenClaw | OpenClaw | Critical | 9.9 | 2026-03-29 12:44:23 | Deep Dive |
| CVE-2026-32919 | OpenClaw < 2026.3.11 - Unauthorized Session Reset via agent Slash Commands | OpenClaw | OpenClaw | Medium | 6.1 | 2026-03-29 12:44:22 | Deep Dive |
| CVE-2026-32915 | OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Subagent Control Surface | OpenClaw | OpenClaw | High | 8.8 | 2026-03-29 12:44:21 | Deep Dive |
| CVE-2026-32918 | OpenClaw < 2026.3.11 - Session Sandbox Escape via session_status Tool | OpenClaw | OpenClaw | High | 8.4 | 2026-03-29 12:44:21 | Deep Dive |
| CVE-2026-32914 | OpenClaw < 2026.3.12 - Insufficient Access Control in /config and /debug Endpoints | OpenClaw | OpenClaw | High | 8.8 | 2026-03-29 12:44:20 | Deep Dive |
| CVE-2026-32846 | OpenClaw < 2026.3.28 Media Parsing Path Traversal to Arbitrary File Read | OpenClaw | OpenClaw | Medium | - | 2026-03-26 16:36:01 | Deep Dive |
| CVE-2026-32913 | OpenClaw < 2026.3.7 - Custom Authorization Header Leakage via Cross-Origin Redirects | OpenClaw | OpenClaw | Critical | 9.3 | 2026-03-23 21:36:16 | Deep Dive |
| CVE-2026-27646 | OpenClaw < 2026.3.7 - Sandbox Escape via /acp spawn Command | OpenClaw | OpenClaw | Medium | 6.1 | 2026-03-23 21:36:01 | Deep Dive |
| CVE-2026-27183 | OpenClaw < 2026.3.7 - Shell Approval Gating Bypass via Dispatch Wrapper Depth Mismatch | OpenClaw | OpenClaw | Medium | 5.3 | 2026-03-23 21:36:00 | Deep Dive |
| CVE-2026-32899 | OpenClaw < 2026.2.25 - Sender Policy Bypass in Slack Reaction and Pin Event Handlers | OpenClaw | OpenClaw | Medium | 4.3 | 2026-03-21 00:42:35 | Deep Dive |
| CVE-2026-32898 | OpenClaw < 2026.2.23 - ACP Permission Auto-Approval Bypass via Untrusted Tool Metadata | OpenClaw | OpenClaw | Medium | 5.4 | 2026-03-21 00:42:34 | Deep Dive |
| CVE-2026-32897 | OpenClaw < 2026.2.22 - Authentication Token Reuse in Owner ID Prompt Hashing Fallback | OpenClaw | OpenClaw | Low | 3.7 | 2026-03-21 00:42:33 | Deep Dive |
| CVE-2026-32895 | OpenClaw < 2026.2.26 - Sender Authorization Bypass in Slack System Event Handlers | OpenClaw | OpenClaw | Medium | 5.4 | 2026-03-21 00:42:32 | Deep Dive |
| CVE-2026-32896 | OpenClaw < 2026.2.21 - Unauthenticated Webhook Access via Passwordless Fallback in BlueBubbles Plugin | OpenClaw | OpenClaw | Medium | 4.8 | 2026-03-21 00:42:32 | Deep Dive |
| CVE-2026-32067 | OpenClaw < 2026.2.26 - Cross-Account Authorization Bypass in DM Pairing Store | OpenClaw | OpenClaw | Low | 3.7 | 2026-03-21 00:42:31 | Deep Dive |
| CVE-2026-32065 | OpenClaw < 2026.2.25 - Approval Identity Mismatch in system.run Command Execution | OpenClaw | OpenClaw | Medium | 4.8 | 2026-03-21 00:42:30 | Deep Dive |
| CVE-2026-32058 | OpenClaw < 2026.2.26 - Approval Context-Binding Weakness in system.run via host=node | OpenClaw | OpenClaw | Low | 2.6 | 2026-03-21 00:42:29 | Deep Dive |