Vulnerabilities in openclaw
537 results

CVE-2026-53859 | MEDIUM | OpenClaw < 2026.5.26 - Hostname Validation Bypass via Trailing-Dot Inconsistency | EPSS 0.2%
CVE-2026-41912 | MEDIUM | OpenClaw < 2026.4.8 - Server-Side Request Forgery Policy Bypass via Interaction-Triggered Navigation | EPSS 0.2%
CVE-2026-53844 | MEDIUM | OpenClaw < 2026.4.29 - Session Visibility Check Bypass in Shared Memory Search | EPSS 0.2%
CVE-2026-32050 | MEDIUM | OpenClaw < 2026.2.25 - Unauthorized Reaction Status Event Enqueue via Access Check Bypass | EPSS 0.2%
CVE-2026-28480 | MEDIUM | OpenClaw < 2026.2.14 - Identity Spoofing via Mutable Username in Telegram Allowlist Authorization | EPSS 0.2%
CVE-2026-41344 | MEDIUM | OpenClaw < 2026.3.28 - Privilege Escalation via chat.send /verbose Parameter | EPSS 0.2%
CVE-2026-53823 | HIGH | OpenClaw < 2026.5.3 - Privilege Escalation via Mutable Slack Display Names in allowFrom | EPSS 0.2%
CVE-2026-44113 | HIGH | OpenClaw < 2026.4.22 - Time-of-Check/Time-of-Use Race Condition in OpenShell FS Bridge | EPSS 0.2%
CVE-2026-41385 | HIGH | OpenClaw < 2026.3.31 - Nostr Private Key Exposure via config.get Redaction Bypass | EPSS 0.2%
CVE-2026-53830 | MEDIUM | OpenClaw < 2026.4.22 - Webhook Secret Revocation Bypass via secrets.reload | EPSS 0.2%
CVE-2026-32019 | LOW | OpenClaw < 2026.2.22 - Incomplete IPv4 Special-Use Range Blocking in SSRF Guard | EPSS 0.2%
CVE-2026-53852 | LOW | OpenClaw < 2026.4.25 - Scope Bypass via Empty-Scope Device Re-pairing | EPSS 0.2%
CVE-2026-32021 | MEDIUM | OpenClaw < 2026.2.22 - Authorization Bypass via Display Name Collision in Feishu allowFrom | EPSS 0.2%
CVE-2026-27001 | HIGH | OpenClaw: Unsanitized CWD path injection into LLM prompts | EPSS 0.2%
CVE-2026-32899 | MEDIUM | OpenClaw < 2026.2.25 - Sender Policy Bypass in Slack Reaction and Pin Event Handlers | EPSS 0.2%
CVE-2026-41299 | HIGH | OpenClaw < 2026.3.28 - Client Identity Spoofing in chat.send Gateway Provenance Guard | EPSS 0.2%
CVE-2026-43531 | HIGH | OpenClaw < 2026.4.9 - Environment Variable Injection via Workspace .env File | EPSS 0.2%
CVE-2026-41361 | MEDIUM | OpenClaw < 2026.3.28 - SSRF Guard Bypass via IPv6 Special-Use Ranges | EPSS 0.2%
CVE-2026-41296 | HIGH | OpenClaw < 2026.3.31 - Sandbox Escape via TOCTOU Race in Remote FS Bridge readFile | EPSS 0.2%
CVE-2026-35662 | MEDIUM | OpenClaw < 2026.3.22 - Missing controlScope Enforcement in Send Action | EPSS 0.2%