openclaw
477 tracked vulnerabilities.
| CVE | Severity | CVSS | EPSS | Date | Title |
|---|---|---|---|---|---|
| CVE-2026-41296 | HIGH | 8.2 | 0.00 | Apr 21, 2026 | OpenClaw < 2026.3.31 - Sandbox Escape via TOCTOU Race in Remote FS Bridge readFile |
| CVE-2026-41295 | HIGH | 7.8 | 0.00 | Apr 21, 2026 | OpenClaw < 2026.4.2 - Untrusted Workspace Channel Shadow Code Execution during Built-in Channel Setup |
| CVE-2026-41294 | HIGH | 8.6 | 0.00 | Apr 21, 2026 | OpenClaw < 2026.3.28 - Environment Variable Injection via CWD .env File |
| CVE-2026-40045 | MEDIUM | 5.7 | 0.00 | Apr 21, 2026 | OpenClaw < 2026.4.2 - Cleartext Credential Transmission via Unencrypted WebSocket Gateway Endpoints |
| CVE-2026-41389 | MEDIUM | 5.8 | 0.00 | Apr 20, 2026 | OpenClaw 2026.4.7 < 2026.4.15 - Arbitrary File Read via Unvalidated Tool-Result Media Paths |
| CVE-2026-3691 | MEDIUM | 5.3 | 0.00 | Apr 11, 2026 | OpenClaw Client PKCE Verifier Information Disclosure Vulnerability |
| CVE-2026-3690 | HIGH | 7.4 | 0.00 | Apr 11, 2026 | OpenClaw Canvas Authentication Bypass Vulnerability |
| CVE-2026-3689 | MEDIUM | 6.5 | 0.01 | Apr 11, 2026 | OpenClaw Canvas Path Traversal Information Disclosure Vulnerability |
| CVE-2026-35670 | MEDIUM | 5.9 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat |
| CVE-2026-35669 | HIGH | 8.8 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.25 - Privilege Escalation via Gateway Plugin HTTP Authentication Scope |
| CVE-2026-35668 | HIGH | 7.7 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.24 - Sandbox Media Root Bypass via Unnormalized mediaUrl and fileUrl Parameters |
| CVE-2026-35667 | MEDIUM | 6.1 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.24 - Improper Process Termination via Unpatched killProcessTree in shell-utils.ts |
| CVE-2026-35666 | HIGH | 8.8 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.22 - Allowlist Bypass via Unregistered Time Dispatch Wrapper |
| CVE-2026-35665 | MEDIUM | 5.3 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.24 - Denial of Service via Feishu Webhook Pre-Auth Body Parsing |
| CVE-2026-35664 | MEDIUM | 5.3 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.25 - DM Pairing Bypass via Legacy Card Callbacks |
| CVE-2026-35663 | HIGH | 8.8 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.25 - Privilege Escalation via Backend Reconnect Scope Self-Claim |
| CVE-2026-35662 | MEDIUM | 4.3 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.22 - Missing controlScope Enforcement in Send Action |
| CVE-2026-35661 | MEDIUM | 5.3 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.25 - Telegram DM-Scoped Inline Button Callback Authorization Bypass |
| CVE-2026-35660 | HIGH | 8.1 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.23 - Insufficient Access Control in Gateway Agent Session Reset |
| CVE-2026-35659 | MEDIUM | 4.6 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.22 - Unresolved Service Metadata Routing via Bonjour and DNS-SD Discovery |
| CVE-2026-35658 | MEDIUM | 6.5 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.2 - Filesystem Boundary Bypass in Image Tool |
| CVE-2026-35657 | MEDIUM | 6.5 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.25 - Authorization Bypass in HTTP Session History Route |
| CVE-2026-35656 | MEDIUM | 6.5 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.22 - XFF Loopback Spoofing Bypass in Canvas Authentication and Rate Limiter |
| CVE-2026-35655 | MEDIUM | 5.7 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.22 - Identity Spoofing via rawInput Tool in ACP Permission Resolution |
| CVE-2026-35654 | MEDIUM | 5.3 | 0.00 | Apr 10, 2026 | OpenClaw < 2026.3.25 - Authorization Bypass in Microsoft Teams Feedback Invoke |