|
741
|
7.8 |
HIGH
Local
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains a privilege escalation vulnerability allowing previously paired nodes to reconnect with exec-capable commands without operator.admin scope requirement. Attackers can…
|
CWE-863
Incorrect Authorization
|
CVE-2026-42432
|
2026-04-30 23:06 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
742
|
8.1 |
HIGH
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invoke(browser.proxy) that allows mutation of persistent browser profiles. Attackers can exploit this path to circumvent the …
|
CWE-863
Incorrect Authorization
|
CVE-2026-42431
|
2026-04-30 23:06 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
743
|
7.1 |
HIGH
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains a privilege escalation vulnerability in the gateway plugin HTTP authentication mechanism that widens identity-bearing operator.read requests into runtime operator.wr…
|
CWE-863
Incorrect Authorization
|
CVE-2026-42429
|
2026-04-30 23:06 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
744
|
6.5 |
MEDIUM
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in Playwright redirect handling that allows attackers to bypass strict SSRF checks. Attackers can exploit request-time na…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-42430
|
2026-04-30 23:05 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
745
|
7.1 |
HIGH
Network
|
openclaw
|
openclaw
|
OpenClaw versions before 2026.4.8 fail to enforce integrity verification on downloaded plugin archives. Attackers can install malicious or tampered plugin packages without detection, compromising the…
|
CWE-353
Missing Support for Integrity Check
|
CVE-2026-42428
|
2026-04-30 23:05 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
746
|
5.3 |
MEDIUM
Local
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains a remote code execution vulnerability caused by missing environment variable denylist entries for HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS. …
|
CWE-184
Incomplete Blacklist
|
CVE-2026-42427
|
2026-04-30 23:05 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
747
|
5.0 |
MEDIUM
Local
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 treats shared reply MEDIA paths as trusted, allowing crafted references to trigger cross-channel local file exfiltration. Attackers can exploit this by crafting malicious sha…
|
CWE-73
External Control of File Name or Path
|
CVE-2026-42424
|
2026-04-30 23:05 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
748
|
8.8 |
HIGH
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unpr…
|
CWE-863
Incorrect Authorization
|
CVE-2026-42426
|
2026-04-30 23:05 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
749
|
7.5 |
HIGH
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains an approval-timeout fallback mechanism that bypasses strictInlineEval explicit-approval requirements on gateway and node exec hosts. Attackers can exploit this timeo…
|
CWE-636
Not Failing Securely ('Failing Open')
|
CVE-2026-42423
|
2026-04-30 23:04 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
750
|
8.8 |
HIGH
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to …
|
CWE-863
Incorrect Authorization
|
CVE-2026-42422
|
2026-04-30 23:04 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
