Vulnerability Information
Vulnerability Title
OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation
Vulnerability Description
OpenClaw before 2026.3.31 contains a fail-open vulnerability in the plugin installation flow where security scan failures do not block installation. Attackers can exploit scan failures to install untrusted plugins when operators proceed despite visible scan warnings.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
Not Failing Securely (Failing Open)
Vulnerability Title
OpenClaw Security Vulnerability
Vulnerability Description
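OpenClaw is an open-source intelligent AI assistant from OpenClaw. OpenClaw versions before 2026.3.31 contain a security vulnerability that stems from a fail-open flaw in the plugin installation flow: a failed security scan does not block installation. Attackers can exploit scan failures to install untrusted plugins when an operator continues despite seeing the scan warning.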
CVSS Information
N/A
Vulnerability Type
N/A
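
The fail-open behaviour described above, next to a fail-closed gate, as an added example that is not OpenClaw's code. The scanner, the plugin objects and every function name here are hypothetical and the sample inputs are constructed.

```javascript
// Added illustration with hypothetical names; not OpenClaw's code.
// Constructed stand-in scanner: returns { verdict } or throws when it cannot finish.
function scanPlugin(plugin) {
  switch (plugin.scanBehaviour) {
    case "crash": throw new Error("scanner crashed");
    case "flag": return { verdict: "malicious" };
    case "malformed": return {}; // scanner answered, but with no verdict
    default: return { verdict: "clean" };
  }
}

// Fail-open gate: only an explicit "malicious" verdict blocks. A scan error is
// downgraded to a warning, so the install continues.
function decideFailOpen(plugin, scan = scanPlugin) {
  const warnings = [];
  try {
    if (scan(plugin).verdict === "malicious") {
      return { install: false, reason: "scan flagged plugin", warnings };
    }
  } catch (err) {
    warnings.push(`scan failed: ${err.message}`);
  }
  return { install: true, reason: "no blocking finding", warnings };
}

// Fail-closed gate: only an explicit "clean" verdict allows the install.
// Errors and missing or unknown verdicts all block.
function decideFailClosed(plugin, scan = scanPlugin) {
  let result;
  try {
    result = scan(plugin);
  } catch (err) {
    return { install: false, reason: `scan did not complete: ${err.message}`, warnings: [] };
  }
  if (!result || result.verdict !== "clean") {
    return { install: false, reason: "scan returned no clean verdict", warnings: [] };
  }
  return { install: true, reason: "scan clean", warnings: [] };
}

// Constructed sample plugins, one per scanner outcome.
const samples = ["clean", "flag", "crash", "malformed"].map((b) => ({ name: `plugin-${b}`, scanBehaviour: b }));
for (const p of samples) {
  console.log(p.name, "fail-open:", decideFailOpen(p).install, "fail-closed:", decideFailClosed(p).install);
}
```

The two gates agree on the clean and flagged plugins and differ only when the scan crashes or returns no verdict, which is the case the advisory describes.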