Skip to content

File tree

advisories/github-reviewed/2026/04/GHSA-2767-2q9v-9326/GHSA-2767-2q9v-9326.json

Lines changed: 18 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-2767-2q9v-9326",
4-
"modified": "2026-05-05T11:50:43Z",
4+
"modified": "2026-05-08T01:32:10Z",
55
"published": "2026-04-17T21:57:31Z",
66
"aliases": [
77
"CVE-2026-43526"
88
],
99
"summary": "OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes",
1010
"details": "## Summary\n\nQQBot reply media URL handling could trigger SSRF and re-upload fetched bytes.\n\n## Affected Packages / Versions\n\n- Package: `openclaw`\n- Ecosystem: npm\n- Affected versions: `< 2026.4.12`\n- Patched versions: `>= 2026.4.12`\n\n## Impact\n\nQQBot reply media URLs could be treated as trusted media sources, allowing SSRF fetches whose returned bytes were then re-uploaded through the channel.\n\n## Technical Details\n\nThe fix routes QQBot remote media fetches through SSRF-guarded media fetching and explicit URL allowlist policy.\n\n## Fix\n\nThe issue was fixed in #63495 and #65788. The first stable tag containing the fix is `v2026.4.12`, and `openclaw@2026.4.14` includes the fix.\n\n## Fix Commit(s)\n\n- `08ae021d1f4f02e0ca5fd8a3b9659291c1ecf95a`\n- `ddb7a8dd80b8d5dd04aafa44ce7a4354b568bb2d`\n- PR: #63495, #65788\n\n## Release Process Note\n\nUsers should upgrade to `openclaw` 2026.4.12 or newer. The latest npm release, `2026.4.14`, already includes the fix.\n\n## Credits\n\nThanks to @threalwinky for reporting this issue.",
1111
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"
15+
},
1216
{
1317
"type": "CVSS_V4",
1418
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"
@@ -40,6 +44,10 @@
4044
"type": "WEB",
4145
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-2767-2q9v-9326"
4246
},
47+
{
48+
"type": "ADVISORY",
49+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43526"
50+
},
4351
{
4452
"type": "WEB",
4553
"url": "https://github.com/openclaw/openclaw/pull/63495"
@@ -52,13 +60,21 @@
5260
"type": "WEB",
5361
"url": "https://github.com/openclaw/openclaw/commit/08ae021d1f42905a85a550813c0d95169b171a6c"
5462
},
63+
{
64+
"type": "WEB",
65+
"url": "https://github.com/openclaw/openclaw/commit/08ae021d1f4f02e0ca5fd8a3b9659291c1ecf95a"
66+
},
5567
{
5668
"type": "WEB",
5769
"url": "https://github.com/openclaw/openclaw/commit/ddb7a8dd80b8d5dd04aafa44ce7a4354b568bb2d"
5870
},
5971
{
6072
"type": "PACKAGE",
6173
"url": "https://github.com/openclaw/openclaw"
74+
},
75+
{
76+
"type": "WEB",
77+
"url": "https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-via-qqbot-reply-media-url-handling"
6278
}
6379
],
6480
"database_specific": {
@@ -68,6 +84,6 @@
6884
"severity": "MODERATE",
6985
"github_reviewed": true,
7086
"github_reviewed_at": "2026-04-17T21:57:31Z",
71-
"nvd_published_at": null
87+
"nvd_published_at": "2026-05-05T12:16:18Z"
7288
}
7389
}

advisories/github-reviewed/2026/04/GHSA-2cq5-mf3v-mx44/GHSA-2cq5-mf3v-mx44.json

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-2cq5-mf3v-mx44",
4-
"modified": "2026-05-05T11:57:23Z",
4+
"modified": "2026-05-08T01:32:55Z",
55
"published": "2026-04-17T22:16:04Z",
66
"aliases": [
77
"CVE-2026-43530"
88
],
99
"summary": "OpenClaw: busybox and toybox applet execution weakened exec approval binding",
1010
"details": "## Summary\n\nbusybox and toybox applet execution weakened exec approval binding.\n\n## Affected Packages / Versions\n\n- Package: `openclaw`\n- Ecosystem: npm\n- Affected versions: `>= 2026.2.23 < 2026.4.12`\n- Patched versions: `>= 2026.4.12`\n\n## Impact\n\nOpaque multi-call binaries such as `busybox` and `toybox` could obscure which applet or script-like behavior would actually run, weakening exec approval binding and risk classification.\n\n## Technical Details\n\nThe fix treats `busybox` and `toybox` as opaque mutable script runners and fails closed rather than binding unsafe applet invocations.\n\n## Fix\n\nThe issue was fixed in #65713. The first stable tag containing the fix is `v2026.4.12`, and `openclaw@2026.4.14` includes the fix.\n\n## Fix Commit(s)\n\n- `666f48d9b882a8a1415ca53f9567c72499d850c9`\n- PR: #65713\n\n## Release Process Note\n\nUsers should upgrade to `openclaw` 2026.4.12 or newer. The latest npm release, `2026.4.14`, already includes the fix.\n\n## Credits\n\nThanks to @decsecre583 for reporting this issue.",
1111
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
15+
},
1216
{
1317
"type": "CVSS_V4",
1418
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
@@ -40,6 +44,10 @@
4044
"type": "WEB",
4145
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-2cq5-mf3v-mx44"
4246
},
47+
{
48+
"type": "ADVISORY",
49+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43530"
50+
},
4351
{
4452
"type": "WEB",
4553
"url": "https://github.com/openclaw/openclaw/pull/65713"
@@ -51,6 +59,10 @@
5159
{
5260
"type": "PACKAGE",
5361
"url": "https://github.com/openclaw/openclaw"
62+
},
63+
{
64+
"type": "WEB",
65+
"url": "https://www.vulncheck.com/advisories/openclaw-weakened-exec-approval-binding-via-busybox-and-toybox-applet-execution"
5466
}
5567
],
5668
"database_specific": {
@@ -60,6 +72,6 @@
6072
"severity": "HIGH",
6173
"github_reviewed": true,
6274
"github_reviewed_at": "2026-04-17T22:16:04Z",
63-
"nvd_published_at": null
75+
"nvd_published_at": "2026-05-05T12:16:19Z"
6476
}
6577
}

advisories/github-reviewed/2026/04/GHSA-49cg-279w-m73x/GHSA-49cg-279w-m73x.json

Lines changed: 15 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-49cg-279w-m73x",
4-
"modified": "2026-05-05T12:03:10Z",
4+
"modified": "2026-05-08T01:32:40Z",
55
"published": "2026-04-17T21:55:54Z",
66
"aliases": [
77
"CVE-2026-43574"
88
],
99
"summary": "OpenClaw: Empty approver lists could grant explicit approval authorization",
1010
"details": "## Summary\n\nEmpty approver lists could grant explicit approval authorization.\n\n## Affected Packages / Versions\n\n- Package: `openclaw`\n- Ecosystem: npm\n- Affected versions: `< 2026.4.12`\n- Patched versions: `>= 2026.4.12`\n\n## Impact\n\nFor helper-backed channels, an empty resolved approver list could be interpreted as explicit approval authorization, allowing a sender outside the normal channel authorization gate to resolve pending approvals if they knew an approval id.\n\n## Technical Details\n\nThe fix prevents empty approver lists from granting explicit approval authorization and adds regression coverage for unauthorized senders.\n\n## Fix\n\nThe issue was fixed in #65714. The first stable tag containing the fix is `v2026.4.12`, and `openclaw@2026.4.14` includes the fix.\n\n## Fix Commit(s)\n\n- `0a105c0900de701d2ee9f1abc96b017afbd0afdd`\n- PR: #65714\n\n## Release Process Note\n\nUsers should upgrade to `openclaw` 2026.4.12 or newer. The latest npm release, `2026.4.14`, already includes the fix.\n\n## Credits\n\nThanks to @anshumanbh for reporting this issue.",
1111
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"
15+
},
1216
{
1317
"type": "CVSS_V4",
1418
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
@@ -40,6 +44,10 @@
4044
"type": "WEB",
4145
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-49cg-279w-m73x"
4246
},
47+
{
48+
"type": "ADVISORY",
49+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43574"
50+
},
4351
{
4452
"type": "WEB",
4553
"url": "https://github.com/openclaw/openclaw/pull/65714"
@@ -51,15 +59,20 @@
5159
{
5260
"type": "PACKAGE",
5361
"url": "https://github.com/openclaw/openclaw"
62+
},
63+
{
64+
"type": "WEB",
65+
"url": "https://www.vulncheck.com/advisories/openclaw-improper-authorization-via-empty-approver-lists"
5466
}
5567
],
5668
"database_specific": {
5769
"cwe_ids": [
70+
"CWE-183",
5871
"CWE-862"
5972
],
6073
"severity": "MODERATE",
6174
"github_reviewed": true,
6275
"github_reviewed_at": "2026-04-17T21:55:54Z",
63-
"nvd_published_at": null
76+
"nvd_published_at": "2026-05-05T12:16:21Z"
6477
}
6578
}

advisories/github-reviewed/2026/04/GHSA-53vx-pmqw-863c/GHSA-53vx-pmqw-863c.json

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-53vx-pmqw-863c",
4-
"modified": "2026-05-05T11:51:23Z",
4+
"modified": "2026-05-08T01:32:14Z",
55
"published": "2026-04-17T21:58:15Z",
66
"aliases": [
77
"CVE-2026-43527"
88
],
99
"summary": "OpenClaw: Browser SSRF policy default allowed private-network navigation",
1010
"details": "## Summary\n\nBrowser SSRF policy default allowed private-network navigation.\n\n## Affected Packages / Versions\n\n- Package: `openclaw`\n- Ecosystem: npm\n- Affected versions: `< 2026.4.14`\n- Patched versions: `>= 2026.4.14`\n\n## Impact\n\nBrowser SSRF protection could allow private-network navigation by default in paths where restrictive behavior was expected, exposing internal services or metadata endpoints through browser-driven requests.\n\n## Technical Details\n\nThe fix preserves strict SSRF configuration semantics, keeps private-network access disabled unless explicitly opted in, and updates loopback CDP readiness handling for the stricter default.\n\n## Fix\n\nThe issue was fixed in #66354 and #66386. The first stable tag containing the fix is `v2026.4.14`, and `openclaw@2026.4.14` includes the fix.\n\n## Fix Commit(s)\n\n- `024f4614a1a1831406e763adc40ef226e3d5e9ed`\n- `1dabfef28db523e7de81edeb3dd689e9171236a2`\n- `213c36cf51121ef6c05cfccd78037371f968f31a`\n- `7eecfa411df3d12e6b810e6ca5df47254fc3db3f`\n- PR: #66354, #66386\n\n## Release Process Note\n\nUsers should upgrade to `openclaw` 2026.4.14 or newer. The latest npm release, `2026.4.14`, already includes the fix.\n\n## Credits\n\nThanks to @zsxsoft, with sponsorship from @KeenSecurityLab and @qclawer for reporting this issue.",
1111
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"
15+
},
1216
{
1317
"type": "CVSS_V4",
1418
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"
@@ -40,6 +44,10 @@
4044
"type": "WEB",
4145
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-53vx-pmqw-863c"
4246
},
47+
{
48+
"type": "ADVISORY",
49+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43527"
50+
},
4351
{
4452
"type": "WEB",
4553
"url": "https://github.com/openclaw/openclaw/pull/66354"
@@ -67,6 +75,10 @@
6775
{
6876
"type": "PACKAGE",
6977
"url": "https://github.com/openclaw/openclaw"
78+
},
79+
{
80+
"type": "WEB",
81+
"url": "https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-via-private-network-navigation"
7082
}
7183
],
7284
"database_specific": {
@@ -77,6 +89,6 @@
7789
"severity": "MODERATE",
7890
"github_reviewed": true,
7991
"github_reviewed_at": "2026-04-17T21:58:15Z",
80-
"nvd_published_at": null
92+
"nvd_published_at": "2026-05-05T12:16:18Z"
8193
}
8294
}

advisories/github-reviewed/2026/04/GHSA-736r-jwj6-4w23/GHSA-736r-jwj6-4w23.json

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-736r-jwj6-4w23",
4-
"modified": "2026-05-05T11:48:24Z",
4+
"modified": "2026-05-08T01:32:18Z",
55
"published": "2026-04-17T22:14:56Z",
66
"aliases": [
77
"CVE-2026-42434"
88
],
99
"summary": "OpenClaw: Sandboxed agents could escape exec routing via host=node override",
1010
"details": "## Summary\n\nSandboxed agents could escape exec routing via host=node override.\n\n## Affected Packages / Versions\n\n- Package: `openclaw`\n- Ecosystem: npm\n- Affected versions: `>= 2026.4.5 < 2026.4.10`\n- Patched versions: `>= 2026.4.10`\n\n## Impact\n\nA sandboxed agent could request `host: \"node\"` and route exec to a remote node instead of the intended sandbox execution path, bypassing the sandbox routing boundary.\n\n## Technical Details\n\nThe fix blocks sandboxed exec escape to remote node targets and keeps routing aligned with the active sandbox policy.\n\n## Fix\n\nThe issue was fixed in #63880. The first stable tag containing the fix is `v2026.4.10`, and `openclaw@2026.4.14` includes the fix.\n\n## Fix Commit(s)\n\n- `dffad08529202edbf34e4808788e1182fe10f6a9`\n- PR: #63880\n\n## Release Process Note\n\nUsers should upgrade to `openclaw` 2026.4.10 or newer. The latest npm release, `2026.4.14`, already includes the fix.\n\n## Credits\n\nThanks to @zsxsoft, with sponsorship from @KeenSecurityLab and @qclawer for reporting this issue.",
1111
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
15+
},
1216
{
1317
"type": "CVSS_V4",
1418
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N"
@@ -40,6 +44,10 @@
4044
"type": "WEB",
4145
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-736r-jwj6-4w23"
4246
},
47+
{
48+
"type": "ADVISORY",
49+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42434"
50+
},
4351
{
4452
"type": "WEB",
4553
"url": "https://github.com/openclaw/openclaw/pull/63880"
@@ -51,6 +59,10 @@
5159
{
5260
"type": "PACKAGE",
5361
"url": "https://github.com/openclaw/openclaw"
62+
},
63+
{
64+
"type": "WEB",
65+
"url": "https://www.vulncheck.com/advisories/openclaw-sandbox-escape-via-host-parameter-override-in-exec-routing"
5466
}
5567
],
5668
"database_specific": {
@@ -60,6 +72,6 @@
6072
"severity": "HIGH",
6173
"github_reviewed": true,
6274
"github_reviewed_at": "2026-04-17T22:14:56Z",
63-
"nvd_published_at": null
75+
"nvd_published_at": "2026-05-05T12:16:17Z"
6476
}
6577
}

advisories/github-reviewed/2026/04/GHSA-7g8c-cfr3-vqqr/GHSA-7g8c-cfr3-vqqr.json

Lines changed: 16 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-7g8c-cfr3-vqqr",
4-
"modified": "2026-05-05T11:58:44Z",
4+
"modified": "2026-05-08T01:32:34Z",
55
"published": "2026-04-17T21:55:20Z",
66
"aliases": [
77
"CVE-2026-43534"
88
],
99
"summary": "OpenClaw: Agent hook events could enqueue trusted system events from unsanitized external input",
1010
"details": "## Summary\n\nAgent hook events could enqueue trusted system events from unsanitized external input.\n\n## Affected Packages / Versions\n\n- Package: `openclaw`\n- Ecosystem: npm\n- Affected versions: `< 2026.4.10`\n- Patched versions: `>= 2026.4.10`\n\n## Impact\n\nAgent hook dispatch could turn externally supplied hook metadata into trusted system events, allowing untrusted input to enter the agent as higher-trust context.\n\n## Technical Details\n\nThe fix sanitizes hook names and marks agent hook system events as untrusted before enqueueing them.\n\n## Fix\n\nThe issue was fixed in #64372. The first stable tag containing the fix is `v2026.4.10`, and `openclaw@2026.4.14` includes the fix.\n\n## Fix Commit(s)\n\n- `e3a845bde5b54f4f1e742d0a51ba9860f9619b29`\n- PR: #64372\n\n## Release Process Note\n\nUsers should upgrade to `openclaw` 2026.4.10 or newer. The latest npm release, `2026.4.14`, already includes the fix.\n\n## Credits\n\nThanks to @zsxsoft, with sponsorship from @KeenSecurityLab and @qclawer for reporting this issue.",
1111
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
15+
},
1216
{
1317
"type": "CVSS_V4",
1418
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"
@@ -40,6 +44,10 @@
4044
"type": "WEB",
4145
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-7g8c-cfr3-vqqr"
4246
},
47+
{
48+
"type": "ADVISORY",
49+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43534"
50+
},
4351
{
4452
"type": "WEB",
4553
"url": "https://github.com/openclaw/openclaw/pull/64372"
@@ -51,15 +59,20 @@
5159
{
5260
"type": "PACKAGE",
5361
"url": "https://github.com/openclaw/openclaw"
62+
},
63+
{
64+
"type": "WEB",
65+
"url": "https://www.vulncheck.com/advisories/openclaw-unsanitized-external-input-in-agent-hook-events"
5466
}
5567
],
5668
"database_specific": {
5769
"cwe_ids": [
58-
"CWE-269"
70+
"CWE-269",
71+
"CWE-345"
5972
],
6073
"severity": "MODERATE",
6174
"github_reviewed": true,
6275
"github_reviewed_at": "2026-04-17T21:55:20Z",
63-
"nvd_published_at": null
76+
"nvd_published_at": "2026-05-05T12:16:19Z"
6477
}
6578
}

advisories/github-reviewed/2026/04/GHSA-7jp6-r74r-995q/GHSA-7jp6-r74r-995q.json

Lines changed: 19 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-7jp6-r74r-995q",
4-
"modified": "2026-05-05T11:48:03Z",
4+
"modified": "2026-05-08T01:32:22Z",
55
"published": "2026-04-17T22:15:27Z",
66
"aliases": [
77
"CVE-2026-42433"
88
],
99
"summary": "OpenClaw: Matrix profile config persistence was reachable from operator.write message tools",
1010
"details": "## Summary\n\nMatrix profile config persistence was reachable from operator.write message tools.\n\n## Affected Packages / Versions\n\n- Package: `openclaw`\n- Ecosystem: npm\n- Affected versions: `< 2026.4.10`\n- Patched versions: `>= 2026.4.10`\n\n## Impact\n\nGateway `operator.write` message-tool paths could reach Matrix profile persistence that should have required admin-level authority.\n\n## Technical Details\n\nThe fix gates Matrix profile updates for non-owner message-tool runs and prevents write-scoped callers from mutating persistent profile config.\n\n## Fix\n\nThe issue was fixed in #62662. The first stable tag containing the fix is `v2026.4.10`, and `openclaw@2026.4.14` includes the fix.\n\n## Fix Commit(s)\n\n- `fe0f686c9228fffcec6de4011da45e69a6e23e54`\n- PR: #62662\n\n## Release Process Note\n\nUsers should upgrade to `openclaw` 2026.4.10 or newer. The latest npm release, `2026.4.14`, already includes the fix.\n\n## Credits\n\nThanks to @zpbrent and @zsxsoft, with sponsorship from @KeenSecurityLab and @qclawer for reporting this issue.",
1111
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"
15+
},
1216
{
1317
"type": "CVSS_V4",
1418
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
@@ -40,23 +44,36 @@
4044
"type": "WEB",
4145
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-7jp6-r74r-995q"
4246
},
47+
{
48+
"type": "ADVISORY",
49+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42433"
50+
},
4351
{
4452
"type": "WEB",
4553
"url": "https://github.com/openclaw/openclaw/pull/62662"
4654
},
55+
{
56+
"type": "WEB",
57+
"url": "https://github.com/openclaw/openclaw/commit/fe0f686c9228fffcec6de4011da45e69a6e23e54"
58+
},
4759
{
4860
"type": "PACKAGE",
4961
"url": "https://github.com/openclaw/openclaw"
62+
},
63+
{
64+
"type": "WEB",
65+
"url": "https://www.vulncheck.com/advisories/openclaw-unauthorized-matrix-profile-config-persistence-access-via-operator-write-message-tools"
5066
}
5167
],
5268
"database_specific": {
5369
"cwe_ids": [
5470
"CWE-266",
71+
"CWE-862",
5572
"CWE-863"
5673
],
5774
"severity": "HIGH",
5875
"github_reviewed": true,
5976
"github_reviewed_at": "2026-04-17T22:15:27Z",
60-
"nvd_published_at": null
77+
"nvd_published_at": "2026-05-05T12:16:17Z"
6178
}
6279
}

0 commit comments

Comments
 (0)