CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
Totals at time of capture: 12600 CVEs, of which 849 Critical, 3629 High and 3944 Medium.
| CVE ID | Severity | CVSS score | Description | Published |
|---|---|---|---|---|
| CVE-2026-41355 | HIGH | 7.3 | OpenShell before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access … | Apr 23, 2026 |
| CVE-2026-41354 | LOW | 3.7 | OpenClaw before 2026.4.2 contains an insufficient scope vulnerability in Zalo webhook replay dedupe keys that allows legitimate events from different conversations or senders to collide. … | Apr 23, 2026 |
| CVE-2026-41353 | HIGH | 8.1 | OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile mutation and … | Apr 23, 2026 |
| CVE-2026-41352 | HIGH | 8.8 | OpenClaw before 2026.3.31 contains a remote code execution vulnerability where a device-paired node can bypass the node scope gate authentication mechanism. Attackers with device pairing … | Apr 23, 2026 |
| CVE-2026-41351 | MEDIUM | 5.3 | OpenClaw before 2026.3.31 contains a replay detection bypass vulnerability in webhook signature handling that treats Base64 and Base64URL encoded signatures as distinct requests. Attackers can … | Apr 23, 2026 |
| CVE-2026-41350 | MEDIUM | 4.3 | OpenClaw before 2026.3.31 contains a session visibility bypass vulnerability where the session_status function fails to enforce configured tools.sessions.visibility restrictions for unsandboxed invocations. Attackers can invoke … | Apr 23, 2026 |
| CVE-2026-41349 | HIGH | 8.8 | OpenClaw before 2026.3.28 contains an agentic consent bypass vulnerability allowing LLM agents to silently disable execution approval via config.patch parameter. Remote attackers can exploit this … | Apr 23, 2026 |
| CVE-2026-41348 | MEDIUM | 5.4 | OpenClaw before 2026.3.31 contains an authorization bypass vulnerability in Discord slash command and autocomplete paths that fail to enforce group DM channel allowlist restrictions. Authorized … | Apr 23, 2026 |
| CVE-2026-41347 | HIGH | 7.1 | OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpoints when operating in trusted-proxy mode, allowing cross-site request forgery attacks. Attackers can exploit this by … | Apr 23, 2026 |
| CVE-2026-41346 | MEDIUM | 5.3 | OpenClaw 2026.2.26 before 2026.3.31 enforces pending pairing-request caps per channel file instead of per account, allowing attackers to exhaust the shared pending window. Remote attackers … | Apr 23, 2026 |
| CVE-2026-41345 | MEDIUM | 5.3 | OpenClaw before 2026.3.31 contains a credential exposure vulnerability in media download functionality that forwards Authorization headers across cross-origin redirects. Attackers can exploit this by crafting … | Apr 23, 2026 |
| CVE-2026-41344 | MEDIUM | 5.4 | OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attackers can … | Apr 23, 2026 |
| CVE-2026-41343 | MEDIUM | 5.3 | OpenClaw before 2026.3.31 lacks a shared pre-auth concurrency budget on the public LINE webhook path, allowing attackers to cause transient availability loss. Remote attackers can … | Apr 23, 2026 |
| CVE-2026-41342 | HIGH | 7.3 | OpenClaw before 2026.3.28 contains an authentication bypass vulnerability in the remote onboarding component that persists unauthenticated discovery endpoints without explicit trust confirmation. Attackers can spoof … | Apr 23, 2026 |
| CVE-2026-41341 | MEDIUM | 5.4 | OpenClaw before 2026.3.31 contains a logic error in Discord component interaction routing that misclassifies group direct messages as direct messages in extensions/discord/src/monitor/agent-components-helpers.ts. Attackers can exploit … | Apr 23, 2026 |
| CVE-2026-41340 | MEDIUM | 6.5 | OpenClaw before 2026.3.31 contains an authentication boundary vulnerability where Telegram legacy allowFrom migration incorrectly fans default-account trust into all named accounts. Attackers can exploit this … | Apr 23, 2026 |
| CVE-2026-41339 | MEDIUM | 4.3 | OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths and … | Apr 23, 2026 |
| CVE-2026-41338 | MEDIUM | 5.0 | OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns in apply_patch, … | Apr 23, 2026 |
| CVE-2026-41337 | MEDIUM | 5.3 | OpenClaw before 2026.3.31 contains a callback origin mutation vulnerability in Plivo voice-call replay that allows attackers to mutate in-process callback origin before replay rejection. Attackers … | Apr 23, 2026 |
| CVE-2026-41336 | HIGH | 7.8 | OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_BUNDLED_HOOKS_DIR environment variable, enabling loading of attacker-controlled hook code. Attackers can replace trusted default-on bundled … | Apr 23, 2026 |
| CVE-2026-41335 | MEDIUM | 5.3 | OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive … | Apr 23, 2026 |
| CVE-2026-41334 | MEDIUM | 6.5 | OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by … | Apr 23, 2026 |
| CVE-2026-41333 | LOW | 3.7 | OpenClaw before 2026.3.31 contains an authentication rate limiting bypass vulnerability that allows attackers to circumvent shared authentication protections using fake device tokens. Attackers can exploit … | Apr 23, 2026 |
| CVE-2026-41332 | MEDIUM | 5.3 | OpenClaw before 2026.3.28 contains an environment variable sanitization vulnerability where GIT_TEMPLATE_DIR and AWS_CONFIG_FILE are not blocked in the host-env blocklist. Attackers can exploit approved exec … | Apr 23, 2026 |
| CVE-2026-41274 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GraphCypherQAChain node forwards user-provided input … | Apr 23, 2026 |
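The CVE-2026-41351 entry describes a replay cache that treats the Base64 and Base64URL spellings of the same signature as two different requests. The following is an added illustration of that failure mode and its fix in plain Node.js; it is not OpenClaw's code, and the header format, HMAC-SHA256 scheme, secret and payload are assumptions constructed for the example. The point is that the replay key must be derived from the decoded signature bytes (after the MAC has been verified), not from the header string as received.

```javascript
// Added illustration: generic HMAC-signed webhook replay protection, NOT OpenClaw's code.
// Assumes a header carrying an HMAC-SHA256 signature that some senders emit in standard
// Base64 and others in Base64URL (RFC 4648 section 5). Scheme, secret and payload are
// constructed for the example.
const crypto = require("crypto");

// Decode either Base64 or Base64URL, padded or unpadded, into raw bytes.
function decodeSignature(sig) {
  const std = sig.replace(/-/g, "+").replace(/_/g, "/");
  const padded = std + "=".repeat((4 - (std.length % 4)) % 4);
  return Buffer.from(padded, "base64");
}

function hmacSha256(secret, payload) {
  return crypto.createHmac("sha256", secret).update(payload).digest();
}

// Weak pattern: the replay cache is keyed on the header text. "abc+/=" and "abc-_" are
// different strings, so one signed event is accepted twice (the CVE-2026-41351 pattern).
class NaiveReplayGuard {
  constructor() { this.seen = new Set(); }
  accept(sigHeader) {
    if (this.seen.has(sigHeader)) return false;
    this.seen.add(sigHeader);
    return true;
  }
}

// Hardened: verify the MAC over the decoded bytes, then key the replay cache on the
// canonical hex of those bytes so every textual encoding collapses to one entry.
class CanonicalReplayGuard {
  constructor(secret) { this.secret = secret; this.seen = new Set(); }
  accept(sigHeader, payload) {
    const got = decodeSignature(sigHeader);
    const want = hmacSha256(this.secret, payload);
    if (got.length !== want.length || !crypto.timingSafeEqual(got, want)) return false;
    const key = got.toString("hex");
    if (this.seen.has(key)) return false;
    this.seen.add(key);
    return true;
  }
}

// Constructed sample: one event, signed once, presented in both encodings of the same MAC.
const SECRET = "example-webhook-secret";
const PAYLOAD = JSON.stringify({ event: "message", id: "evt-1" });
const sigBytes = hmacSha256(SECRET, PAYLOAD);
const SIG_B64 = sigBytes.toString("base64");       // padded, may contain '+' and '/'
const SIG_B64URL = sigBytes.toString("base64url"); // unpadded, uses '-' and '_'

function demo() {
  const naive = new NaiveReplayGuard();
  const hardened = new CanonicalReplayGuard(SECRET);
  return {
    // both encodings accepted: replay succeeds
    naive: [naive.accept(SIG_B64), naive.accept(SIG_B64URL)],
    // second delivery rejected: same bytes, same key
    hardened: [hardened.accept(SIG_B64, PAYLOAD), hardened.accept(SIG_B64URL, PAYLOAD)],
    // altered body fails MAC verification before the cache is consulted
    tampered: hardened.accept(SIG_B64URL, PAYLOAD + " "),
  };
}
```

A production guard would also bind the key to the sender's timestamp or event ID and expire entries, but canonicalizing the signature bytes first is what closes the encoding-variant hole.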
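Two entries describe environment-variable hygiene gaps: CVE-2026-41336 (a workspace .env allowed to override OPENCLAW_BUNDLED_HOOKS_DIR, which selects where trusted hook code is loaded from) and CVE-2026-41332 (GIT_TEMPLATE_DIR and AWS_CONFIG_FILE missing from the host-env blocklist applied to approved exec). The following is an added illustration, not OpenClaw's code, of the two checks those entries imply: a .env loader that refuses protected host variables, and a child-environment filter with a blocklist. Only the three variable names above come from the page; the other protected or blocked names, the parser and the sample .env are assumptions constructed for the example.

```javascript
// Added illustration (not OpenClaw's code) of two environment-hygiene checks suggested by
// CVE-2026-41336 and CVE-2026-41332: (1) a workspace .env must not override variables the
// host uses to locate trusted code, and (2) the environment handed to an approved exec must
// drop variables that redirect a tool at attacker-controlled files. Only
// OPENCLAW_BUNDLED_HOOKS_DIR, GIT_TEMPLATE_DIR and AWS_CONFIG_FILE come from the page;
// everything else here is assumed.

// Variables the host controls; a workspace .env may neither set nor override them.
const PROTECTED_HOST_VARS = new Set(["OPENCLAW_BUNDLED_HOOKS_DIR"]);

// Variables that must never reach a child process, because they change where a tool
// reads code, templates or credentials from.
const EXEC_ENV_BLOCKLIST = new Set([
  "GIT_TEMPLATE_DIR", "AWS_CONFIG_FILE",             // named on the page
  "LD_PRELOAD", "GIT_CONFIG_GLOBAL", "NODE_OPTIONS",  // further examples (assumed)
]);

// Minimal .env parser: KEY=VALUE lines, '#' comments, optional "export", optional quotes.
function parseDotenv(text) {
  const out = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith("#")) continue;
    const m = /^(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$/.exec(line);
    if (!m) continue;
    let val = m[2].trim();
    if ((val.startsWith('"') && val.endsWith('"')) || (val.startsWith("'") && val.endsWith("'"))) {
      val = val.slice(1, -1);
    }
    out[m[1]] = val;
  }
  return out;
}

// Merge a workspace .env over the host env, refusing protected keys and reporting them.
function applyWorkspaceEnv(hostEnv, dotenvText) {
  const parsed = parseDotenv(dotenvText);
  const env = { ...hostEnv };
  const rejected = [];
  for (const [k, v] of Object.entries(parsed)) {
    if (PROTECTED_HOST_VARS.has(k)) { rejected.push(k); continue; }
    env[k] = v;
  }
  return { env, rejected };
}

// Environment for an approved exec: drop blocklisted names (exact, case-sensitive as on POSIX).
function execEnv(env) {
  return Object.fromEntries(Object.entries(env).filter(([k]) => !EXEC_ENV_BLOCKLIST.has(k)));
}

// Constructed scenario: a hostile workspace .env tries to repoint bundled hooks, git
// templates and the AWS config file.
const HOST_ENV = { PATH: "/usr/bin", HOME: "/home/agent", OPENCLAW_BUNDLED_HOOKS_DIR: "/opt/openclaw/hooks" };
const HOSTILE_DOTENV = [
  "# workspace config",
  "OPENCLAW_BUNDLED_HOOKS_DIR=/tmp/evil-hooks",
  'GIT_TEMPLATE_DIR="/tmp/evil-templates"',
  "export AWS_CONFIG_FILE=/tmp/evil-aws-config",
  "APP_MODE=dev",
].join("\n");

function runScenario() {
  const { env, rejected } = applyWorkspaceEnv(HOST_ENV, HOSTILE_DOTENV);
  return {
    hooksDir: env.OPENCLAW_BUNDLED_HOOKS_DIR,            // host value survives
    rejected,                                            // ["OPENCLAW_BUNDLED_HOOKS_DIR"]
    childEnvKeys: Object.keys(execEnv(env)).sort(),      // git/aws overrides do not reach exec
  };
}
```

The two layers are deliberately separate: the .env loader protects the host's own trust anchors, while the exec filter protects whatever tool the agent is approved to run, so a variable that is harmless to the host but dangerous to git or the AWS CLI is still removed.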