Vulnerability List - Page 14

Found 352 results
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
| --- | --- | --- | --- | --- | --- | --- | --- |
| CVE-2026-22174 | OpenClaw < 2026.2.22 - Gateway Token Disclosure via Chrome CDP Probe | OpenClaw | OpenClaw | Medium | 6.8 | 2026-03-18 01:34:20 | Deep Dive |
| CVE-2026-22171 | OpenClaw < 2026.2.19 - Path Traversal in Feishu Media Temporary File Naming | OpenClaw | OpenClaw | High | 8.2 | 2026-03-18 01:34:19 | Deep Dive |
| CVE-2026-22169 | OpenClaw < 2026.2.22 - Allowlist Bypass via sort Configuration in safeBins | OpenClaw | OpenClaw | Medium | 6.7 | 2026-03-18 01:34:18 | Deep Dive |
| CVE-2026-22170 | OpenClaw < 2026.2.22 BlueBubbles - Access Control Bypass via Empty allowFrom Configuration | OpenClaw | OpenClaw | Medium | 6.5 | 2026-03-18 01:34:18 | Deep Dive |
| CVE-2026-22168 | OpenClaw < 2026.2.21 - Command Injection via cmd.exe /c Trailing Arguments in system.run | OpenClaw | OpenClaw | Medium | 6.5 | 2026-03-18 01:34:17 | Deep Dive |
| CVE-2026-32302 | OpenClaw: Untrusted web origins can obtain authenticated operator.admin access in trusted-proxy mode | openclaw | openclaw | High | 8.1 | 2026-03-12 21:22:29 | Deep Dive |
| CVE-2026-4040 | OpenClaw File Existence tools.exec.safeBins information exposure | - | OpenClaw | Low | 3.3 | 2026-03-12 12:02:14 | Deep Dive |
| CVE-2026-4039 | OpenClaw Skill Env applySkillConfigenvOverrides code injection | - | OpenClaw | Medium | 6.3 | 2026-03-12 12:02:10 | Deep Dive |
| CVE-2026-32063 | OpenClaw 2026.2.19-2 < 2026.2.21 - Command Injection via Newline in systemd Unit Generation | openclaw | openclaw | High | 7.1 | 2026-03-11 13:32:37 | Deep Dive |
| CVE-2026-32062 | OpenClaw 2026.2.21-2 < 2026.2.22 - Unauthenticated WebSocket Resource Exhaustion via Media Stream | openclaw | openclaw | High | 7.5 | 2026-03-11 13:32:36 | Deep Dive |
| CVE-2026-32061 | OpenClaw < 2026.2.17 - Arbitrary File Read via $include Directive Path Traversal | openclaw | openclaw | Medium | 4.4 | 2026-03-11 13:32:35 | Deep Dive |
| CVE-2026-32060 | OpenClaw < 2026.2.14 - Path Traversal in apply_patch via Crafted Paths | openclaw | openclaw | High | 8.8 | 2026-03-11 13:32:34 | Deep Dive |
| CVE-2026-32059 | OpenClaw 2026.2.22-2 < 2026.2.23 - Allowlist Bypass via sort Long-Option Abbreviation in tools.exec.safeBins | openclaw | openclaw | High | 8.8 | 2026-03-11 13:32:32 | Deep Dive |
| CVE-2026-29612 | OpenClaw < 2026.2.14 - Denial of Service via Large Base64 Media File Decoding | OpenClaw | OpenClaw | Medium | 5.5 | 2026-03-05 22:00:11 | Deep Dive |
| CVE-2026-29613 | OpenClaw < 2026.2.12 - Webhook Authentication Bypass via Loopback remoteAddress Trust | OpenClaw | OpenClaw | Medium | 5.9 | 2026-03-05 22:00:11 | Deep Dive |
| CVE-2026-29611 | OpenClaw < 2026.2.14 - Local File Inclusion via mediaPath Parameter in BlueBubbles Media Handling | OpenClaw | OpenClaw | High | 7.5 | 2026-03-05 22:00:10 | Deep Dive |
| CVE-2026-29610 | OpenClaw < 2026.2.14 - Command Hijacking via Unsafe PATH Handling | OpenClaw | OpenClaw | High | 8.8 | 2026-03-05 22:00:08 | Deep Dive |
| CVE-2026-29609 | OpenClaw < 2026.2.14 - Denial of Service via Unbounded URL-backed Media Fetch | OpenClaw | OpenClaw | High | 7.5 | 2026-03-05 22:00:07 | Deep Dive |
| CVE-2026-29606 | OpenClaw < 2026.2.14 - Webhook Signature Verification Bypass via ngrok Loopback Compatibility | OpenClaw | OpenClaw | Medium | 6.5 | 2026-03-05 22:00:06 | Deep Dive |
| CVE-2026-28486 | OpenClaw 2026.1.16-2 < 2026.2.14 - Path Traversal (Zip Slip) in Archive Extraction via Installation Commands | OpenClaw | OpenClaw | Medium | 6.1 | 2026-03-05 22:00:03 | Deep Dive |