openclaw
560 tracked vulnerabilities.
CVE-2026-43575
CRITICAL
OpenClaw 2026.2.21 < 2026.4.10 - Authentication Bypass in Sandbox noVNC Helper Route
May 06, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-43574
MEDIUM
OpenClaw < 2026.4.12 - Improper Authorization via Empty Approver Lists
May 05, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-43573
HIGH
OpenClaw < 2026.4.10 - SSRF Policy Bypass in Existing-Session Browser Interaction Routes
May 05, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-43572
MEDIUM
OpenClaw 2026.4.10 < 2026.4.14 - Missing Sender Authorization in Microsoft Teams SSO Invoke Handler
May 05, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-43571
HIGH
OpenClaw < 2026.4.10 - Untrusted Workspace Plugin Shadow Resolution in Channel Setup
May 05, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-43570
MEDIUM
OpenClaw 2026.3.22 < 2026.4.5 - Symlink Traversal in Remote Marketplace Repository Path Handling
May 05, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-43569
HIGH
OpenClaw < 2026.4.9 - Untrusted Provider Plugin Auto-enablement via Workspace Provider Auth
May 05, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-43568
MEDIUM
OpenClaw 2026.4.5 < 2026.4.10 - Privilege Escalation via Memory Dreaming Configuration in /dreaming Endpoint
May 05, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-43567
MEDIUM
OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter
May 05, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-43566
CRITICAL
OpenClaw 2026.4.7 < 2026.4.14 - Privilege Escalation via Untrusted Webhook Wake Events
May 05, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-43535
MEDIUM
OpenClaw < 2026.4.14 - Authorization Context Reuse in Collect-Mode Queue Batches
May 05, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-43534
CRITICAL
OpenClaw < 2026.4.10 - Unsanitized External Input in Agent Hook Events
May 05, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-43533
HIGH
OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot Media Tags
May 05, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-43532
HIGH
OpenClaw 2026.4.7 < 2026.4.10 - Sandbox Media Normalization Bypass via Discord Event Cover Image
May 05, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-43531
HIGH
OpenClaw < 2026.4.9 - Environment Variable Injection via Workspace .env File
May 05, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-43530
HIGH
OpenClaw 2026.2.23 < 2026.4.12 - Weakened Exec Approval Binding via busybox and toybox Applet Execution
May 05, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-43529
LOW
OpenClaw < 2026.4.10 - Time-of-Check-Time-of-Use (TOCTOU) Race Condition in exec Script Preflight Validator
May 05, 2026
CVSS 2.5
EPSS 0.00
CVE-2026-43528
MEDIUM
OpenClaw < 2026.4.14 - Redaction Bypass via sourceConfig and runtimeConfig Aliases
May 05, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-43527
HIGH
OpenClaw < 2026.4.14 - Server-Side Request Forgery via Private Network Navigation
May 05, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-43526
HIGH
OpenClaw < 2026.4.12 - Server-Side Request Forgery via QQBot Reply Media URL Handling
May 05, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-42439
HIGH
OpenClaw < 2026.4.10 - SSRF Policy Bypass in Browser Tabs Action Routes
May 05, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-42438
HIGH
OpenClaw 2026.4.9 < 2026.4.10 - Sender Policy Bypass in Host Media Attachment Reads
May 05, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-42437
HIGH
OpenClaw 2026.4.9 < 2026.4.10 - Denial of Service via Oversized WebSocket Frames in Voice-call Realtime Path
May 05, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-42436
HIGH
OpenClaw < 2026.4.14 - Internal Page Content Exposure via Browser Snapshot and Screenshot Routes
May 05, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-42435
HIGH
OpenClaw 2026.2.22 < 2026.4.12 - Shell-Wrapper Detection Bypass via Environment Variable Assignment Injection
May 05, 2026
CVSS 8.8
EPSS 0.00
Products
Quick Filters