Vulnerability List - Page 7

Found 480 results
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-41380 | OpenClaw < 2026.3.28 - Arbitrary Execution Allowlist via Wrapper Carrier Executables | OpenClaw | OpenClaw | High | 7.3 | 2026-04-28 18:09:43 | Deep Dive |
| CVE-2026-41379 | OpenClaw < 2026.3.28 - Privilege Escalation via chat.send to Admin-Class Talk Voice Config | OpenClaw | OpenClaw | High | 7.1 | 2026-04-28 18:09:43 | Deep Dive |
| CVE-2026-41378 | OpenClaw < 2026.3.31 - Privilege Escalation to Remote Code Execution via Unrestricted node.event Agent Dispatch | OpenClaw | OpenClaw | High | 8.8 | 2026-04-28 18:09:42 | Deep Dive |
| CVE-2026-41377 | OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation | OpenClaw | OpenClaw | Medium | 4.6 | 2026-04-28 18:09:41 | Deep Dive |
| CVE-2026-41376 | OpenClaw < 2026.3.31 - Matrix Thread Context Allowlist Bypass via Sender Validation | OpenClaw | OpenClaw | Medium | 5.4 | 2026-04-28 18:09:40 | Deep Dive |
| CVE-2026-41375 | OpenClaw < 2026.3.28 - Authorization Bypass in /phone arm and /phone disarm Endpoints | OpenClaw | OpenClaw | Medium | 6.5 | 2026-04-28 18:09:39 | Deep Dive |
| CVE-2026-41374 | OpenClaw < 2026.3.31 - Resource Consumption via Discord Audio Preflight Before Member Authorization | OpenClaw | OpenClaw | Medium | 5.3 | 2026-04-28 18:09:38 | Deep Dive |
| CVE-2026-41373 | OpenClaw < 2026.3.31 - Compiler Binary Substitution via Environment Variable Override in Host Execution Policy | OpenClaw | OpenClaw | Medium | 6.1 | 2026-04-28 18:09:37 | Deep Dive |
| CVE-2026-41372 | OpenClaw < 2026.4.2 - Loopback Protection Bypass via Trailing-Dot Localhost in CDP Discovery | OpenClaw | OpenClaw | Medium | 5.8 | 2026-04-27 23:24:34 | Deep Dive |
| CVE-2026-41371 | OpenClaw < 2026.3.28 - Privilege Escalation via chat.send Reset Command | OpenClaw | OpenClaw | High | 8.5 | 2026-04-27 23:24:33 | Deep Dive |
| CVE-2026-41370 | OpenClaw < 2026.3.31 - Path Traversal via Inbound Channel Attachment Path in ACP Dispatch | OpenClaw | OpenClaw | Medium | 6.5 | 2026-04-27 23:24:32 | Deep Dive |
| CVE-2026-41369 | OpenClaw < 2026.3.31 - Insufficient Environment Variable Sanitization in Host Execution | OpenClaw | OpenClaw | Medium | 6.5 | 2026-04-27 23:24:31 | Deep Dive |
| CVE-2026-41368 | OpenClaw < 2026.3.28 - Environment Variable Disclosure via jq $ENV Filter Bypass | OpenClaw | OpenClaw | Medium | 6.5 | 2026-04-27 23:24:31 | Deep Dive |
| CVE-2026-41367 | OpenClaw 2026.2.14 < 2026.3.28 - Policy Enforcement Bypass in Discord Component Interactions | OpenClaw | OpenClaw | Medium | 5.0 | 2026-04-27 23:24:30 | Deep Dive |
| CVE-2026-41366 | OpenClaw < 2026.3.31 - Arbitrary Host File Read via appendLocalMediaParentRoots Self-Whitelisting | OpenClaw | OpenClaw | Medium | 5.5 | 2026-04-27 23:24:29 | Deep Dive |
| CVE-2026-41365 | OpenClaw < 2026.3.31 - Sender Allowlist Bypass via Graph API Thread History | OpenClaw | OpenClaw | Medium | 5.4 | 2026-04-27 23:24:29 | Deep Dive |
| CVE-2026-41364 | OpenClaw < 2026.3.31 - Arbitrary File Write via Symlink Following in SSH Sandbox Tar Upload | OpenClaw | OpenClaw | High | 8.1 | 2026-04-27 23:24:28 | Deep Dive |
| CVE-2026-41363 | OpenClaw 2026.2.6 < 2026.3.28 - Arbitrary File Read via Feishu upload_image Parameter | OpenClaw | OpenClaw | Medium | 5.3 | 2026-04-27 23:24:27 | Deep Dive |
| CVE-2026-41362 | OpenClaw 2026.2.19 through 2026.3.30 - Webhook Replay Dedupe Cache Event Suppression via Shared Authentication | OpenClaw | OpenClaw | Medium | 4.3 | 2026-04-27 23:24:26 | Deep Dive |
| CVE-2026-41361 | OpenClaw < 2026.3.28 - SSRF Guard Bypass via IPv6 Special-Use Ranges | OpenClaw | OpenClaw | High | 7.1 | 2026-04-23 21:58:19 | Deep Dive |