|
911
|
6.5 |
MEDIUM
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in Playwright redirect handling that allows attackers to bypass strict SSRF checks. Attackers can exploit request-time na…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-42430
|
2026-04-30 23:05 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
912
|
7.1 |
HIGH
Network
|
openclaw
|
openclaw
|
OpenClaw versions before 2026.4.8 fail to enforce integrity verification on downloaded plugin archives. Attackers can install malicious or tampered plugin packages without detection, compromising the…
|
CWE-353
Missing Support for Integrity Check
|
CVE-2026-42428
|
2026-04-30 23:05 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
913
|
5.3 |
MEDIUM
Local
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains a remote code execution vulnerability caused by missing environment variable denylist entries for HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS. …
|
CWE-184
Incomplete Blacklist
|
CVE-2026-42427
|
2026-04-30 23:05 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
914
|
5.0 |
MEDIUM
Local
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 treats shared reply MEDIA paths as trusted, allowing crafted references to trigger cross-channel local file exfiltration. Attackers can exploit this by crafting malicious sha…
|
CWE-73
External Control of File Name or Path
|
CVE-2026-42424
|
2026-04-30 23:05 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
915
|
8.8 |
HIGH
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unpr…
|
CWE-863
Incorrect Authorization
|
CVE-2026-42426
|
2026-04-30 23:05 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
916
|
7.5 |
HIGH
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains an approval-timeout fallback mechanism that bypasses strictInlineEval explicit-approval requirements on gateway and node exec hosts. Attackers can exploit this timeo…
|
CWE-636
Not Failing Securely ('Failing Open')
|
CVE-2026-42423
|
2026-04-30 23:04 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
917
|
8.8 |
HIGH
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to …
|
CWE-863
Incorrect Authorization
|
CVE-2026-42422
|
2026-04-30 23:04 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
918
|
6.5 |
MEDIUM
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains improper input validation in base64 decode paths that allocate memory before enforcing decoded-size limits. Attackers can exploit multiple code paths to cause memory…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-42420
|
2026-04-30 23:04 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
919
|
5.4 |
MEDIUM
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 contains an authentication state management vulnerability where the resolvedAuth closure becomes stale after configuration reload. Newly accepted gateway connections continue…
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-41916
|
2026-04-30 23:04 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
920
|
6.1 |
MEDIUM
Local
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.8 fails to remove git plumbing environment variables from the execution environment before host exec operations. Attackers can exploit this by setting GIT_DIR and related varia…
|
CWE-184
Incomplete Blacklist
|
CVE-2026-41915
|
2026-04-30 23:04 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
