openclaw
477 tracked vulnerabilities. The 25 most recently published entries are listed below, newest first.
CVE ID          Severity  CVSS  EPSS  Published     Title
CVE-2026-43567  MEDIUM    6.5   0.00  May 05, 2026  OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter
CVE-2026-43566  CRITICAL  9.1   0.00  May 05, 2026  OpenClaw 2026.4.7 < 2026.4.14 - Privilege Escalation via Untrusted Webhook Wake Events
CVE-2026-43535  MEDIUM    6.8   0.00  May 05, 2026  OpenClaw < 2026.4.14 - Authorization Context Reuse in Collect-Mode Queue Batches
CVE-2026-43534  CRITICAL  9.1   0.00  May 05, 2026  OpenClaw < 2026.4.10 - Unsanitized External Input in Agent Hook Events
CVE-2026-43533  HIGH      8.6   0.00  May 05, 2026  OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot Media Tags
CVE-2026-43532  HIGH      7.7   0.00  May 05, 2026  OpenClaw 2026.4.7 < 2026.4.10 - Sandbox Media Normalization Bypass via Discord Event Cover Image
CVE-2026-43531  HIGH      7.3   0.00  May 05, 2026  OpenClaw < 2026.4.9 - Environment Variable Injection via Workspace .env File
CVE-2026-43530  HIGH      8.8   0.00  May 05, 2026  OpenClaw 2026.2.23 < 2026.4.12 - Weakened Exec Approval Binding via busybox and toybox Applet Execution
CVE-2026-43529  LOW       2.5   0.00  May 05, 2026  OpenClaw < 2026.4.10 - Time-of-Check-Time-of-Use (TOCTOU) Race Condition in exec Script Preflight Validator
CVE-2026-43528  MEDIUM    6.5   0.00  May 05, 2026  OpenClaw < 2026.4.14 - Redaction Bypass via sourceConfig and runtimeConfig Aliases
CVE-2026-43527  HIGH      7.7   0.00  May 05, 2026  OpenClaw < 2026.4.14 - Server-Side Request Forgery via Private Network Navigation
CVE-2026-43526  HIGH      8.2   0.00  May 05, 2026  OpenClaw < 2026.4.12 - Server-Side Request Forgery via QQBot Reply Media URL Handling
CVE-2026-42439  HIGH      8.5   0.00  May 05, 2026  OpenClaw < 2026.4.10 - SSRF Policy Bypass in Browser Tabs Action Routes
CVE-2026-42438  HIGH      7.7   0.00  May 05, 2026  OpenClaw 2026.4.9 < 2026.4.10 - Sender Policy Bypass in Host Media Attachment Reads
CVE-2026-42437  HIGH      7.5   0.00  May 05, 2026  OpenClaw 2026.4.9 < 2026.4.10 - Denial of Service via Oversized WebSocket Frames in Voice-call Realtime Path
CVE-2026-42436  HIGH      7.7   0.00  May 05, 2026  OpenClaw < 2026.4.14 - Internal Page Content Exposure via Browser Snapshot and Screenshot Routes
CVE-2026-42435  HIGH      8.8   0.00  May 05, 2026  OpenClaw 2026.2.22 < 2026.4.12 - Shell-Wrapper Detection Bypass via Environment Variable Assignment Injection
CVE-2026-42434  HIGH      8.8   0.00  May 05, 2026  OpenClaw 2026.4.5 < 2026.4.10 - Sandbox Escape via host Parameter Override in Exec Routing
CVE-2026-42433  MEDIUM    6.5   0.00  May 05, 2026  OpenClaw < 2026.4.10 - Unauthorized Matrix Profile Config Persistence Access via operator.write Message Tools
CVE-2026-42432  HIGH      7.8   0.00  Apr 28, 2026  OpenClaw < 2026.4.8 - Command Escalation via Node Pairing Reconnect Bypass
CVE-2026-42431  HIGH      8.1   0.00  Apr 28, 2026  OpenClaw < 2026.4.8 - Persistent Profile Mutation via node.invoke(browser.proxy) Bypass
CVE-2026-42430  MEDIUM    6.5   0.00  Apr 28, 2026  OpenClaw < 2026.4.8 - Strict Browser SSRF Bypass via Playwright Redirect Handling
CVE-2026-42429  HIGH      7.1   0.00  Apr 28, 2026  OpenClaw < 2026.4.8 - Privilege Escalation via Gateway Plugin HTTP Authentication
CVE-2026-42428  HIGH      7.1   0.00  Apr 28, 2026  OpenClaw < 2026.4.8 - Missing Integrity Verification in Package Downloads
CVE-2026-42427  MEDIUM    5.3   0.00  Apr 28, 2026  OpenClaw < 2026.4.8 - Remote Code Execution via Build Tool Environment Variable Injection
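The affected-version ranges in this listing are encoded in the entry titles ("OpenClaw < 2026.4.10", "OpenClaw 2026.4.7 < 2026.4.14"), so triaging a deployment means parsing those ranges against the installed version. The script below is an added example, not code from the tracker or from the OpenClaw project: it embeds a subset of the entries above as constructed sample data, parses the title prefix, reports which CVEs apply to a given installed version sorted by CVSS, and computes the lowest version at which none of the listed ranges still apply. It assumes the tracker's usual convention that "A < B" means introduced in A (inclusive) and fixed in B (exclusive), and that "< B" has no lower bound; the listing itself does not state this.

```python
import re
from typing import NamedTuple, Optional

Version = tuple[int, ...]


class Entry(NamedTuple):
    cve: str
    cvss: float
    title: str


# Constructed sample: a subset of the entries from the listing above,
# copied verbatim (CVE id, CVSS base score, title). Not the full 477.
ENTRIES = [
    Entry("CVE-2026-43567", 6.5, "OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter"),
    Entry("CVE-2026-43566", 9.1, "OpenClaw 2026.4.7 < 2026.4.14 - Privilege Escalation via Untrusted Webhook Wake Events"),
    Entry("CVE-2026-43535", 6.8, "OpenClaw < 2026.4.14 - Authorization Context Reuse in Collect-Mode Queue Batches"),
    Entry("CVE-2026-43530", 8.8, "OpenClaw 2026.2.23 < 2026.4.12 - Weakened Exec Approval Binding via busybox and toybox Applet Execution"),
    Entry("CVE-2026-43529", 2.5, "OpenClaw < 2026.4.10 - Time-of-Check-Time-of-Use (TOCTOU) Race Condition in exec Script Preflight Validator"),
    Entry("CVE-2026-42438", 7.7, "OpenClaw 2026.4.9 < 2026.4.10 - Sender Policy Bypass in Host Media Attachment Reads"),
    Entry("CVE-2026-42435", 8.8, "OpenClaw 2026.2.22 < 2026.4.12 - Shell-Wrapper Detection Bypass via Environment Variable Assignment Injection"),
    Entry("CVE-2026-42434", 8.8, "OpenClaw 2026.4.5 < 2026.4.10 - Sandbox Escape via host Parameter Override in Exec Routing"),
    Entry("CVE-2026-42428", 7.1, "OpenClaw < 2026.4.8 - Missing Integrity Verification in Package Downloads"),
    Entry("CVE-2026-42427", 5.3, "OpenClaw < 2026.4.8 - Remote Code Execution via Build Tool Environment Variable Injection"),
]

# Title shape used by this tracker: "OpenClaw [<introduced> ]< <fixed> - <summary>".
_TITLE_RE = re.compile(r"^OpenClaw (?:(\d+(?:\.\d+)*) )?< (\d+(?:\.\d+)*) - (.+)$")


def parse_version(text: str) -> Version:
    """'2026.4.10' -> (2026, 4, 10); tuples compare component-wise, so
    2026.4.9 < 2026.4.10 (a plain string compare would get this wrong)."""
    return tuple(int(part) for part in text.split("."))


def parse_title(title: str) -> tuple[Optional[Version], Version, str]:
    """Return (introduced_or_None, fixed, summary) from a listing title."""
    match = _TITLE_RE.match(title)
    if match is None:
        raise ValueError(f"unrecognised title format: {title!r}")
    introduced, fixed, summary = match.groups()
    return (parse_version(introduced) if introduced else None, parse_version(fixed), summary)


def is_affected(installed: Version, introduced: Optional[Version], fixed: Version) -> bool:
    # Assumption (not stated by the listing): lower bound inclusive, upper bound exclusive.
    if introduced is not None and installed < introduced:
        return False
    return installed < fixed


def affected_cves(installed_str: str, entries=ENTRIES) -> list[tuple[str, float, str]]:
    """CVEs from `entries` that apply to the installed version, highest CVSS first."""
    installed = parse_version(installed_str)
    hits = []
    for entry in entries:
        introduced, fixed, summary = parse_title(entry.title)
        if is_affected(installed, introduced, fixed):
            hits.append((entry.cve, entry.cvss, summary))
    return sorted(hits, key=lambda hit: hit[1], reverse=True)


def minimum_clean_version(entries=ENTRIES) -> Version:
    """Lowest version at which none of the listed ranges still apply:
    the largest 'fixed' bound across the entries."""
    return max(parse_title(entry.title)[1] for entry in entries)


if __name__ == "__main__":
    for version in ("2026.4.4", "2026.4.9", "2026.4.12", "2026.4.14"):
        hits = affected_cves(version)
        print(f"OpenClaw {version}: {len(hits)} applicable CVE(s)")
        for cve, cvss, summary in hits:
            print(f"  {cve}  CVSS {cvss:<4} {summary}")
    print("upgrade target:", ".".join(map(str, minimum_clean_version())))
```

Two things to watch when adapting this to the full listing: compare versions as integer tuples, never as strings, because "2026.4.9" sorts after "2026.4.10" lexically; and treat the lower bound of a two-sided range as an assumption to confirm against the advisory, since a tracker that means "introduced after A" rather than "introduced in A" would make the boundary version (2026.4.9 for CVE-2026-42438 above) flip from affected to not affected.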