
Vulnerability List - Page 19

Found 480 results
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-31997 | OpenClaw < 2026.3.1 - Executable Rebind via Unbound PATH-token in system.run Approvals | OpenClaw | OpenClaw | Medium | 6.0 | 2026-03-19 01:00:55 | Deep Dive |
| CVE-2026-31996 | OpenClaw < 2026.2.19 - safeBins stdin-only bypass via sort output and recursive grep flags | OpenClaw | OpenClaw | Medium | 4.4 | 2026-03-19 01:00:54 | Deep Dive |
| CVE-2026-31994 | OpenClaw < 2026.2.19 - Local Command Injection via Unsafe cmd Argument Handling in Windows Scheduled Task Script Generation | OpenClaw | OpenClaw | High | 7.1 | 2026-03-19 01:00:53 | Deep Dive |
| CVE-2026-31995 | OpenClaw 2026.1.21 < 2026.2.19 - Command Injection via Windows Shell Fallback in Lobster Extension | OpenClaw | OpenClaw | Medium | 5.3 | 2026-03-19 01:00:53 | Deep Dive |
| CVE-2026-31993 | OpenClaw < 2026.2.22 - Allowlist Parsing Mismatch in system.run Shell Chains | OpenClaw | OpenClaw | Medium | 4.8 | 2026-03-19 01:00:52 | Deep Dive |
| CVE-2026-31991 | OpenClaw < 2026.2.26 - Authorization Bypass via DM Pairing-Store Leakage in Signal Group Allowlist | OpenClaw | OpenClaw | Low | 3.7 | 2026-03-19 01:00:51 | Deep Dive |
| CVE-2026-31992 | OpenClaw < 2026.2.23 - Allowlist Exec-Guard Bypass via env -S | OpenClaw | OpenClaw | High | 7.1 | 2026-03-19 01:00:51 | Deep Dive |
| CVE-2026-31990 | OpenClaw < 2026.3.2 - Symlink Traversal in stageSandboxMedia Destination | OpenClaw | OpenClaw | Medium | 6.1 | 2026-03-19 01:00:50 | Deep Dive |
| CVE-2026-31989 | OpenClaw < 2026.3.1 - Server-Side Request Forgery via web_search Citation Redirect | OpenClaw | OpenClaw | High | 7.4 | 2026-03-19 01:00:49 | Deep Dive |
| CVE-2026-29607 | OpenClaw < 2026.2.22 - Authorization Bypass via allow-always Wrapper Persistence | OpenClaw | OpenClaw | Medium | 6.8 | 2026-03-19 01:00:48 | Deep Dive |
| CVE-2026-29608 | OpenClaw 2026.3.1 < 2026.3.2 - Approval Integrity Bypass via system.run argv Rewriting | OpenClaw | OpenClaw | Medium | 6.7 | 2026-03-19 01:00:48 | Deep Dive |
| CVE-2026-28461 | OpenClaw < 2026.3.1 - Unbounded Memory Growth in Zalo Webhook via Query String Key Churn | OpenClaw | OpenClaw | High | 7.5 | 2026-03-19 01:00:47 | Deep Dive |
| CVE-2026-28460 | OpenClaw < 2026.2.22 - Allowlist Bypass via Shell Line-Continuation Command Substitution in system.run | OpenClaw | OpenClaw | High | 7.1 | 2026-03-19 01:00:46 | Deep Dive |
| CVE-2026-27670 | OpenClaw < 2026.3.2 - Arbitrary File Write via ZIP Extraction Parent Symlink Race Condition | OpenClaw | OpenClaw | Medium | 5.3 | 2026-03-19 01:00:45 | Deep Dive |
| CVE-2026-28449 | OpenClaw < 2026.2.25 - Webhook Replay Attack via Missing Durable Replay Suppression | OpenClaw | OpenClaw | Medium | 6.5 | 2026-03-19 01:00:45 | Deep Dive |
| CVE-2026-27566 | OpenClaw < 2026.2.22 - Allowlist Bypass via Wrapper Binary Unwrapping in system.run | OpenClaw | OpenClaw | High | 7.1 | 2026-03-19 01:00:44 | Deep Dive |
| CVE-2026-22176 | OpenClaw < 2026.2.19 - Command Injection via Unescaped Environment Variables in Windows Scheduled Task Script Generation | OpenClaw | OpenClaw | Medium | 6.1 | 2026-03-19 01:00:43 | Deep Dive |
| CVE-2026-27545 | OpenClaw < 2026.2.26 - Approval Bypass via Parent Symlink Current Working Directory Rebind | OpenClaw | OpenClaw | Medium | 6.1 | 2026-03-18 01:34:29 | Deep Dive |
| CVE-2026-27524 | OpenClaw < 2026.2.21 - Prototype Pollution via Debug Override Path | OpenClaw | OpenClaw | Medium | 4.3 | 2026-03-18 01:34:28 | Deep Dive |
| CVE-2026-27523 | OpenClaw < 2026.2.24 - Sandbox Bind Validation Bypass via Symlink-Parent Missing-Leaf Paths | OpenClaw | OpenClaw | Medium | 6.1 | 2026-03-18 01:34:27 | Deep Dive |