openclaw

560 tracked vulnerabilities.

CVE-2026-41329 CRITICAL
OpenClaw < 2026.3.31 - Sandbox Bypass via Heartbeat Context Inheritance and senderIsOwner Escalation
Apr 21, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-41303 HIGH
OpenClaw < 2026.3.28 - Authorization Bypass in Discord Text Approval Commands
Apr 21, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-41302 HIGH
OpenClaw < 2026.3.31 - Server-Side Request Forgery via Unguarded fetch() in Marketplace Plugin Download
Apr 21, 2026
CVSS 7.6
EPSS 0.00
CVE-2026-41301 MEDIUM
OpenClaw 2026.3.22 < 2026.3.31 - Forged Nostr DM Pairing State Creation via Signature Verification Bypass
Apr 21, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-41300 MEDIUM
OpenClaw < 2026.3.31 - Attacker-Discovered Endpoint Preservation in Remote Onboarding
Apr 21, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-41299 HIGH
OpenClaw < 2026.3.28 - Client Identity Spoofing in chat.send Gateway Provenance Guard
Apr 21, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-41298 MEDIUM
OpenClaw < 2026.4.2 - Authorization Bypass in Session Termination Endpoint
Apr 21, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-41297 HIGH
OpenClaw < 2026.3.31 - Server-Side Request Forgery via Marketplace Plugin Download Redirect
Apr 21, 2026
CVSS 7.6
EPSS 0.00
CVE-2026-41296 HIGH
OpenClaw < 2026.3.31 - Sandbox Escape via TOCTOU Race in Remote FS Bridge readFile
Apr 21, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-41295 HIGH
OpenClaw < 2026.4.2 - Untrusted Workspace Channel Shadow Code Execution during Built-in Channel Setup
Apr 21, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-41294 HIGH
OpenClaw < 2026.3.28 - Environment Variable Injection via CWD .env File
Apr 21, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-40045 MEDIUM
OpenClaw < 2026.4.2 - Cleartext Credential Transmission via Unencrypted WebSocket Gateway Endpoints
Apr 21, 2026
CVSS 5.7
EPSS 0.00
CVE-2026-41389 MEDIUM
OpenClaw 2026.4.7 < 2026.4.15 - Arbitrary File Read via Unvalidated Tool-Result Media Paths
Apr 20, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-3691 MEDIUM
OpenClaw Client PKCE Verifier Information Disclosure Vulnerability
Apr 11, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-3690 HIGH
OpenClaw Canvas Authentication Bypass Vulnerability
Apr 11, 2026
CVSS 7.4
EPSS 0.01
CVE-2026-3689 MEDIUM
OpenClaw Canvas Path Traversal Information Disclosure Vulnerability
Apr 11, 2026
CVSS 6.5
EPSS 0.01
CVE-2026-35670 MEDIUM
OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat
Apr 10, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-35669 HIGH
OpenClaw < 2026.3.25 - Privilege Escalation via Gateway Plugin HTTP Authentication Scope
Apr 10, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-35668 HIGH
OpenClaw < 2026.3.24 - Sandbox Media Root Bypass via Unnormalized mediaUrl and fileUrl Parameters
Apr 10, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-35667 MEDIUM
OpenClaw < 2026.3.24 - Improper Process Termination via Unpatched killProcessTree in shell-utils.ts
Apr 10, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-35666 HIGH
OpenClaw < 2026.3.22 - Allowlist Bypass via Unregistered Time Dispatch Wrapper
Apr 10, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-35665 MEDIUM
OpenClaw < 2026.3.24 - Denial of Service via Feishu Webhook Pre-Auth Body Parsing
Apr 10, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-35664 MEDIUM
OpenClaw < 2026.3.25 - DM Pairing Bypass via Legacy Card Callbacks
Apr 10, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-35663 HIGH
OpenClaw < 2026.3.25 - Privilege Escalation via Backend Reconnect Scope Self-Claim
Apr 10, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-35662 MEDIUM
OpenClaw < 2026.3.22 - Missing controlScope Enforcement in Send Action
Apr 10, 2026
CVSS 4.3
EPSS 0.00