Vulnerabilities in OpenClaw
537 results

CVE ID | Severity | Title | EPSS
CVE-2026-53811 | HIGH | OpenClaw < 2026.5.7 - Privilege Escalation via Mutable Display Names in Matrix allowFrom | 0.3%
CVE-2026-32924 | MEDIUM | OpenClaw < 2026.3.12 - Authorization Bypass via Misclassified Reaction Events in Feishu | 0.3%
CVE-2026-41369 | HIGH | OpenClaw < 2026.3.31 - Insufficient Environment Variable Sanitization in Host Execution | 0.3%
CVE-2026-41388 | MEDIUM | OpenClaw < 2026.3.31 - Configuration Rehydration via Empty-Array Revocation Handling | 0.3%
CVE-2026-44996 | MEDIUM | OpenClaw < 2026.4.15 - Arbitrary Local File Read via Webchat Audio Embedding | 0.3%
CVE-2026-34425 | MEDIUM | OpenClaw - Shell-Bleed Protection Preflight Validation Bypass | 0.3%
CVE-2026-26326 | MEDIUM | OpenClaw skills.status could leak secrets to operator.read clients | 0.3%
CVE-2026-42420 | MEDIUM | OpenClaw < 2026.4.8 - Improper Base64 Decoding Size Validation | 0.3%
CVE-2026-28469 | HIGH | OpenClaw < 2026.2.14 - Cross-Account Policy Context Misrouting via Shared Webhook Path Ambiguity | 0.3%
CVE-2026-53819 | HIGH | OpenClaw < 2026.5.27 - Arbitrary Homebrew Executable Execution via Workspace .env Override | 0.3%
CVE-2026-41329 | CRITICAL | OpenClaw < 2026.3.31 - Sandbox Bypass via Heartbeat Context Inheritance and senderIsOwner Escalation | 0.3%
CVE-2026-35669 | HIGH | OpenClaw < 2026.3.25 - Privilege Escalation via Gateway Plugin HTTP Authentication Scope | 0.3%
CVE-2026-32004 | HIGH | OpenClaw < 2026.3.2 - Authentication Bypass via Encoded Path in /api/channels Route | 0.3%
CVE-2026-41335 | MEDIUM | OpenClaw < 2026.3.31 - Information Disclosure via Control UI Bootstrap JSON | 0.3%
CVE-2026-33573 | HIGH | OpenClaw < 2026.3.11 - Workspace Boundary Bypass via Agent RPC Parameters | 0.3%
CVE-2026-41331 | MEDIUM | OpenClaw < 2026.3.31 - Resource Consumption via Unauthorized Telegram Audio Preflight Transcription | 0.3%
CVE-2026-33578 | MEDIUM | OpenClaw < 2026.3.28 - Sender Policy Allowlist Bypass via Policy Downgrade in Google Chat and Zalouser Extensions | 0.3%
CVE-2026-41345 | MEDIUM | OpenClaw < 2026.3.31 - Authorization Header Leak via Cross-Origin Redirect in Media Download | 0.3%
CVE-2026-42433 | HIGH | OpenClaw < 2026.4.10 - Unauthorized Matrix Profile Config Persistence Access via operator.write Message Tools | 0.3%
CVE-2026-28458 | HIGH | OpenClaw 2026.1.20 < 2026.2.1 - Missing Authentication in Browser Relay /cdp WebSocket Endpoint | 0.3%