Robin Waslander

5 exploits Active since Mar 2026
CVE-2026-41350 WRITEUP MEDIUM WRITEUP
OpenClaw < 2026.3.31 - Session Visibility Bypass via session_status in Unsandboxed Invocations
OpenClaw before 2026.3.31 contains a session visibility bypass vulnerability where the session_status function fails to enforce configured tools.sessions.visibility restrictions for unsandboxed invocations. Attackers can invoke session_status without sandbox constraints to bypass session-policy controls and access restricted session information.
CVSS 4.3
CVE-2026-32917 WRITEUP CRITICAL WRITEUP
OpenClaw < 2026.3.13 - Remote Command Injection via Unsanitized iMessage Attachment Paths in SCP
OpenClaw before 2026.3.13 contains a remote command injection vulnerability in the iMessage attachment staging flow that allows attackers to execute arbitrary commands on configured remote hosts. The vulnerability exists because unsanitized remote attachment paths containing shell metacharacters are passed directly to the SCP remote operand without validation, enabling command execution when remote attachment staging is enabled.
CVSS 9.8
CVE-2026-32980 WRITEUP HIGH WRITEUP
OpenClaw < 2026.3.13 - Resource Exhaustion via Unauthenticated Telegram Webhook Request
OpenClaw before 2026.3.13 reads and buffers Telegram webhook request bodies before validating the x-telegram-bot-api-secret-token header, allowing unauthenticated attackers to exhaust server resources. Attackers can send POST requests to the webhook endpoint to force memory consumption, socket time, and JSON parsing work before authentication validation occurs.
CVSS 7.5
CVE-2026-32987 WRITEUP CRITICAL WRITEUP
OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via Device Pairing
OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing verification in src/infra/device-bootstrap.ts. Attackers can verify a valid bootstrap code multiple times before approval to escalate pending pairing scopes, including privilege escalation to operator.admin.
CVSS 9.8
CVE-2026-32302 WRITEUP HIGH WRITEUP
OpenClaw <2026.3.11 - Auth Bypass
OpenClaw is a personal AI assistant. Prior to 2026.3.11, browser-originated WebSocket connections could bypass origin validation when gateway.auth.mode was set to trusted-proxy and the request arrived with proxy headers. A page served from an untrusted origin could connect through a trusted reverse proxy, inherit proxy-authenticated identity, and establish a privileged operator session. This vulnerability is fixed in 2026.3.11.
CVSS 8.1