| # | CVSS | Severity | Vector | Vendor | Product | Description | CWE | CVE | Dates |
|---|---|---|---|---|---|---|---|---|---|
| 1751 | 8.8 | HIGH | Network | openclaw | openclaw | OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in gateway-authenticated plugin HTTP routes that incorrectly mint operator.admin runtime scope regardless of caller-granted sco… | CWE-648 Incorrect Use of Privileged APIs | CVE-2026-35669 | 2026-04-14 06:06 / 2026-04-11 |
| 1752 | 8.1 | HIGH | Network | openclaw | openclaw | OpenClaw before 2026.3.22 contains a webhook reply delivery vulnerability that allows attackers to rebind chat replies to unintended users by exploiting mutable username matching instead of stable nu… | CWE-807 Reliance on Untrusted Inputs in a Security Decision | CVE-2026-35670 | 2026-04-14 06:06 / 2026-04-11 |
| 1753 | 4.3 | MEDIUM | Network | openclaw | openclaw | OpenClaw versions 2026.2.13 through 2026.3.24 contain an ANSI escape sequence injection vulnerability in approval prompts that allows attackers to spoof terminal output. Untrusted tool metadata can c… | CWE-150 Improper Neutralization of Escape, Meta, or Control Sequences | CVE-2026-35651 | 2026-04-14 06:05 / 2026-04-11 |
| 1754 | 8.8 | HIGH | Network | openclaw | openclaw | OpenClaw before 2026.3.22 contains an environment variable override handling vulnerability that allows attackers to bypass the shared host environment policy through inconsistent sanitization paths. … | CWE-15 External Control of System or Configuration Setting | CVE-2026-35650 | 2026-04-14 05:46 / 2026-04-11 |
| 1755 | 6.5 | MEDIUM | Network | openclaw | openclaw | OpenClaw before 2026.3.22 contains a settings reconciliation vulnerability that allows attackers to bypass intended deny-all revocations by exploiting empty allowlist handling. The vulnerability trea… | CWE-183 Permissive List of Allowed Inputs | CVE-2026-35649 | 2026-04-14 05:46 / 2026-04-11 |
| 1756 | 5.9 | MEDIUM | Network | openclaw | openclaw | OpenClaw before 2026.3.22 contains a policy bypass vulnerability where queued node actions are not revalidated against current command policy when delivered. Attackers can exploit stale allowlists or… | CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition | CVE-2026-35648 | 2026-04-14 05:46 / 2026-04-11 |
| 1757 | 5.3 | MEDIUM | Network | openclaw | openclaw | OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks and reply to unpaired peers. Attackers can send verification notices to users out… | CWE-288 Authentication Bypass Using an Alternate Path or Channel | CVE-2026-35647 | 2026-04-14 05:45 / 2026-04-11 |
| 1758 | 7.7 | HIGH | Network | openclaw | openclaw | OpenClaw before 2026.3.24 contains a path traversal vulnerability in sandbox enforcement allowing sandboxed agents to read arbitrary files from other agents' workspaces via unnormalized mediaUrl or f… | CWE-22 Path Traversal | CVE-2026-35668 | 2026-04-14 05:43 / 2026-04-11 |
| 1759 | 8.8 | HIGH | Network | openclaw | openclaw | OpenClaw before 2026.3.22 contains an allowlist bypass vulnerability in system.run approvals that fails to unwrap /usr/bin/time wrappers. Attackers can bypass executable binding restrictions by using… | CWE-706 Use of Incorrectly-Resolved Name or Reference | CVE-2026-35666 | 2026-04-14 05:42 / 2026-04-11 |
| 1760 | 5.3 | MEDIUM | Network | openclaw | openclaw | OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-32011 where the Feishu webhook handler accepts request bodies with permissive limits of 1MB and 30-second timeout before signature ve… | CWE-405 Asymmetric Resource Consumption (Amplification) | CVE-2026-35665 | 2026-04-14 05:42 / 2026-04-11 |