| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-28447 | OpenClaw 2026.1.29-beta.1 < 2026.2.1 - Path Traversal in Plugin Installation via Package Name | OpenClaw | OpenClaw | High | 8.1 | 2026-03-05 21:59:26 | Deep Dive |
| CVE-2026-28446 | OpenClaw < 2026.2.1 - Inbound Allowlist Policy Bypass in voice-call Extension via Empty Caller ID and Suffix Matching | OpenClaw | OpenClaw | Critical | 9.4 | 2026-03-05 21:59:25 | Deep Dive |
| CVE-2026-28395 | OpenClaw 2026.1.14-1 < 2026.2.12 - Unintended Public Binding of Chrome Extension Relay via Wildcard cdpUrl | OpenClaw | OpenClaw | Medium | 6.5 | 2026-03-05 21:59:24 | Deep Dive |
| CVE-2026-28394 | OpenClaw < 2026.2.15 - Denial of Service via Unbounded Response Parsing in web_fetch Tool | OpenClaw | OpenClaw | Medium | 6.5 | 2026-03-05 21:59:23 | Deep Dive |
| CVE-2026-28393 | OpenClaw 2.0.0-beta3 < 2026.2.14 - Arbitrary JavaScript Module Loading via Hook Transform Path Traversal | OpenClaw | OpenClaw | High | 7.7 | 2026-03-05 21:59:22 | Deep Dive |
| CVE-2026-28392 | OpenClaw < 2026.2.14 - Privilege Escalation in Slack Slash Command Handler via Direct Messages | OpenClaw | OpenClaw | High | 7.5 | 2026-03-05 21:59:21 | Deep Dive |
| CVE-2026-28391 | OpenClaw < 2026.2.2 - Command Injection via cmd.exe Parsing Bypass in Allowlist Enforcement | OpenClaw | OpenClaw | Critical | 9.8 | 2026-03-05 21:59:20 | Deep Dive |
| CVE-2026-28363 | OpenClaw Security Vulnerability | OpenClaw | OpenClaw | Critical | 9.9 | 2026-02-27 03:17:37 | Deep Dive |
| CVE-2026-27576 | OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness with very large inputs | openclaw | openclaw | Medium | - | 2026-02-21 10:00:12 | Deep Dive |
| CVE-2026-27488 | OpenClaw hardened cron webhook delivery against SSRF | openclaw | openclaw | High | - | 2026-02-21 09:49:05 | Deep Dive |
| CVE-2026-27487 | OpenClaw: Prevent shell injection in macOS keychain credential write | openclaw | openclaw | High | 7.6 | 2026-02-21 09:35:29 | Deep Dive |
| CVE-2026-27486 | OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup | openclaw | openclaw | - | - | 2026-02-21 09:32:45 | Deep Dive |
| CVE-2026-27485 | OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection | openclaw | openclaw | Medium | - | 2026-02-21 09:27:53 | Deep Dive |
| CVE-2026-27484 | OpenClaw Discord moderation authorization used untrusted sender identity in tool-driven flows | openclaw | openclaw | Medium | - | 2026-02-21 09:21:17 | Deep Dive |
| CVE-2026-27009 | OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection | openclaw | openclaw | Medium | 5.8 | 2026-02-19 23:25:41 | Deep Dive |
| CVE-2026-27008 | OpenClaw hardened the skill download target directory validation | openclaw | openclaw | Medium | - | 2026-02-19 23:23:32 | Deep Dive |
| CVE-2026-27007 | OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation | openclaw | openclaw | Low | - | 2026-02-19 23:21:20 | Deep Dive |
| CVE-2026-27004 | OpenClaw session tool visibility hardening and Telegram webhook secret fallback | openclaw | openclaw | Medium | - | 2026-02-19 23:18:48 | Deep Dive |
| CVE-2026-27003 | OpenClaw: Telegram bot token exposure via logs | openclaw | openclaw | Medium | - | 2026-02-19 23:14:10 | Deep Dive |
| CVE-2026-27002 | OpenClaw: Docker container escape via unvalidated bind mount config injection | openclaw | openclaw | Critical | - | 2026-02-19 23:12:17 | Deep Dive |