openclaw

560 tracked vulnerabilities.

CVE-2026-43575 CRITICAL
OpenClaw 2026.2.21 < 2026.4.10 - Authentication Bypass in Sandbox noVNC Helper Route
May 06, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-43574 MEDIUM
OpenClaw < 2026.4.12 - Improper Authorization via Empty Approver Lists
May 05, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-43573 HIGH
OpenClaw < 2026.4.10 - SSRF Policy Bypass in Existing-Session Browser Interaction Routes
May 05, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-43572 MEDIUM
OpenClaw 2026.4.10 < 2026.4.14 - Missing Sender Authorization in Microsoft Teams SSO Invoke Handler
May 05, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-43571 HIGH
OpenClaw < 2026.4.10 - Untrusted Workspace Plugin Shadow Resolution in Channel Setup
May 05, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-43570 MEDIUM
OpenClaw 2026.3.22 < 2026.4.5 - Symlink Traversal in Remote Marketplace Repository Path Handling
May 05, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-43569 HIGH
OpenClaw < 2026.4.9 - Untrusted Provider Plugin Auto-enablement via Workspace Provider Auth
May 05, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-43568 MEDIUM
OpenClaw 2026.4.5 < 2026.4.10 - Privilege Escalation via Memory Dreaming Configuration in /dreaming Endpoint
May 05, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-43567 MEDIUM
OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter
May 05, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-43566 CRITICAL
OpenClaw 2026.4.7 < 2026.4.14 - Privilege Escalation via Untrusted Webhook Wake Events
May 05, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-43535 MEDIUM
OpenClaw < 2026.4.14 - Authorization Context Reuse in Collect-Mode Queue Batches
May 05, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-43534 CRITICAL
OpenClaw < 2026.4.10 - Unsanitized External Input in Agent Hook Events
May 05, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-43533 HIGH
OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot Media Tags
May 05, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-43532 HIGH
OpenClaw 2026.4.7 < 2026.4.10 - Sandbox Media Normalization Bypass via Discord Event Cover Image
May 05, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-43531 HIGH
OpenClaw < 2026.4.9 - Environment Variable Injection via Workspace .env File
May 05, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-43530 HIGH
OpenClaw 2026.2.23 < 2026.4.12 - Weakened Exec Approval Binding via busybox and toybox Applet Execution
May 05, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-43529 LOW
OpenClaw < 2026.4.10 - Time-of-Check-Time-of-Use (TOCTOU) Race Condition in exec Script Preflight Validator
May 05, 2026
CVSS 2.5
EPSS 0.00
CVE-2026-43528 MEDIUM
OpenClaw < 2026.4.14 - Redaction Bypass via sourceConfig and runtimeConfig Aliases
May 05, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-43527 HIGH
OpenClaw < 2026.4.14 - Server-Side Request Forgery via Private Network Navigation
May 05, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-43526 HIGH
OpenClaw < 2026.4.12 - Server-Side Request Forgery via QQBot Reply Media URL Handling
May 05, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-42439 HIGH
OpenClaw < 2026.4.10 - SSRF Policy Bypass in Browser Tabs Action Routes
May 05, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-42438 HIGH
OpenClaw 2026.4.9 < 2026.4.10 - Sender Policy Bypass in Host Media Attachment Reads
May 05, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-42437 HIGH
OpenClaw 2026.4.9 < 2026.4.10 - Denial of Service via Oversized WebSocket Frames in Voice-call Realtime Path
May 05, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-42436 HIGH
OpenClaw < 2026.4.14 - Internal Page Content Exposure via Browser Snapshot and Screenshot Routes
May 05, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-42435 HIGH
OpenClaw 2026.2.22 < 2026.4.12 - Shell-Wrapper Detection Bypass via Environment Variable Assignment Injection
May 05, 2026
CVSS 8.8
EPSS 0.00