| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
|---|---|---|---|---|---|---|
| CVE-2026-41298 | OpenClaw < 2026.4.2 - Authorization Bypass in Session Termination Endpoint | OpenClaw | OpenClaw | Medium | 5.4 | 2026-04-20 23:08:12 |
| CVE-2026-41297 | OpenClaw < 2026.3.31 - Server-Side Request Forgery via Marketplace Plugin Download Redirect | OpenClaw | OpenClaw | High | 7.6 | 2026-04-20 23:08:11 |
| CVE-2026-41296 | OpenClaw < 2026.3.31 - Sandbox Escape via TOCTOU Race in Remote FS Bridge readFile | OpenClaw | OpenClaw | High | 8.2 | 2026-04-20 23:08:10 |
| CVE-2026-41295 | OpenClaw < 2026.4.2 - Untrusted Workspace Channel Shadow Code Execution during Built-in Channel Setup | OpenClaw | OpenClaw | High | 7.8 | 2026-04-20 23:08:10 |
| CVE-2026-41294 | OpenClaw < 2026.3.28 - Environment Variable Injection via CWD .env File | OpenClaw | OpenClaw | High | 8.6 | 2026-04-20 23:08:09 |
| CVE-2026-40045 | OpenClaw < 2026.4.2 - Cleartext Credential Transmission via Unencrypted WebSocket Gateway Endpoints | OpenClaw | OpenClaw | Medium | 5.7 | 2026-04-20 23:08:08 |
| CVE-2026-41389 | OpenClaw 2026.4.7 < 2026.4.15 - Arbitrary File Read via Unvalidated Tool-Result Media Paths | OpenClaw | OpenClaw | Medium | 5.8 | 2026-04-20 17:48:44 |
| CVE-2026-3691 | OpenClaw Client PKCE Verifier Information Disclosure Vulnerability | OpenClaw | OpenClaw | - | - | 2026-04-11 00:17:41 |
| CVE-2026-3690 | OpenClaw Canvas Authentication Bypass Vulnerability | OpenClaw | OpenClaw | - | - | 2026-04-11 00:17:32 |
| CVE-2026-3689 | OpenClaw Canvas Path Traversal Information Disclosure Vulnerability | OpenClaw | OpenClaw | - | - | 2026-04-11 00:17:24 |
| CVE-2026-35670 | OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat | OpenClaw | OpenClaw | Medium | 5.9 | 2026-04-10 16:03:29 |
| CVE-2026-35669 | OpenClaw < 2026.3.25 - Privilege Escalation via Gateway Plugin HTTP Authentication Scope | OpenClaw | OpenClaw | High | 8.8 | 2026-04-10 16:03:28 |
| CVE-2026-35668 | OpenClaw < 2026.3.24 - Sandbox Media Root Bypass via Unnormalized mediaUrl and fileUrl Parameters | OpenClaw | OpenClaw | High | 7.7 | 2026-04-10 16:03:27 |
| CVE-2026-35666 | OpenClaw < 2026.3.22 - Allowlist Bypass via Unregistered Time Dispatch Wrapper | OpenClaw | OpenClaw | High | 8.8 | 2026-04-10 16:03:26 |
| CVE-2026-35667 | OpenClaw < 2026.3.24 - Improper Process Termination via Unpatched killProcessTree in shell-utils.ts | OpenClaw | OpenClaw | Medium | 6.1 | 2026-04-10 16:03:26 |
| CVE-2026-35665 | OpenClaw < 2026.3.24 - Denial of Service via Feishu Webhook Pre-Auth Body Parsing | OpenClaw | OpenClaw | Medium | 5.3 | 2026-04-10 16:03:25 |
| CVE-2026-35663 | OpenClaw < 2026.3.25 - Privilege Escalation via Backend Reconnect Scope Self-Claim | OpenClaw | OpenClaw | High | 8.8 | 2026-04-10 16:03:24 |
| CVE-2026-35664 | OpenClaw < 2026.3.25 - DM Pairing Bypass via Legacy Card Callbacks | OpenClaw | OpenClaw | Medium | 5.3 | 2026-04-10 16:03:24 |
| CVE-2026-35662 | OpenClaw < 2026.3.22 - Missing controlScope Enforcement in Send Action | OpenClaw | OpenClaw | Medium | 4.3 | 2026-04-10 16:03:23 |
| CVE-2026-35661 | OpenClaw < 2026.3.25 - Telegram DM-Scoped Inline Button Callback Authorization Bypass | OpenClaw | OpenClaw | Medium | 5.3 | 2026-04-10 16:03:22 |