diff --git a/advisories/feed.json b/advisories/feed.json index b4f802b..db140f1 100644 --- a/advisories/feed.json +++ b/advisories/feed.json @@ -1,6 +1,6 @@ { "version": "0.0.3", - "updated": "2026-02-22T10:57:32Z", + "updated": "2026-02-24T06:20:16Z", "description": "Community-driven security advisory feed for ClawSec. Automatically updated with OpenClaw-related CVEs from NVD and community-reported security incidents.", "advisories": [ { @@ -18,12 +18,12 @@ "https://github.com/openclaw/openclaw/commit/8ae2d5110f6ceadef73822aa3db194fb60d2ba68", "https://github.com/openclaw/openclaw/commit/ebcf19746f5c500a41817e03abecadea8655654a" ], - "cvss_score": null, + "cvss_score": 4.0, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27576" }, { "id": "CVE-2026-27488", - "severity": "medium", + "severity": "high", "type": "server_side_request_forgery", "nvd_category_id": "CWE-918", "title": "OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, Cron webhook delivery in src/g...", @@ -36,7 +36,7 @@ "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19", "https://github.com/openclaw/openclaw/security/advisories/GHSA-w45g-5746-x9fp" ], - "cvss_score": null, + "cvss_score": 7.3, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27488" }, { @@ -90,7 +90,7 @@ "https://github.com/openclaw/openclaw/commit/ee1d6427b544ccadd73e02b1630ea5c29ba9a9f0", "https://github.com/openclaw/openclaw/pull/20796" ], - "cvss_score": null, + "cvss_score": 4.4, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27485" }, { @@ -108,7 +108,7 @@ "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19", "https://github.com/openclaw/openclaw/security/advisories/GHSA-wh94-p5m6-mr7j" ], - "cvss_score": null, + "cvss_score": 4.3, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27484" }, { @@ -304,7 +304,7 @@ "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14", "https://github.com/openclaw/openclaw/security/advisories/GHSA-pv58-549p-qh99" ], - "cvss_score": null, + "cvss_score": 6.5, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26327" }, { @@ -322,7 +322,7 @@ "https://github.com/openclaw/openclaw/commit/ebc68861a61067fc37f9298bded3eec9de0ba783", "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14" ], - "cvss_score": null, + "cvss_score": 4.3, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26326" }, { diff --git a/advisories/feed.json.sig b/advisories/feed.json.sig index 2b2a84a..5d5431d 100644 --- a/advisories/feed.json.sig +++ b/advisories/feed.json.sig @@ -1 +1 @@ -yJXPjNEmnC/rtErSZJMjAa0y4DRgJIi2fh81GRT9lymKmWdSXHd/oXdY1rMCnVlAcxmLwHNTuOWYjh3gOZ/xAw== \ No newline at end of file +Rs++ntJvBvX4zVTJ/DsrfXOQG3VTUc2x4esSURSMonesmYzSm9U9kd3rBz5d+DemJOVJ/esH21VACpdE+T34AA== \ No newline at end of file diff --git a/skills/clawsec-feed/advisories/feed.json b/skills/clawsec-feed/advisories/feed.json index b4f802b..db140f1 100644 --- a/skills/clawsec-feed/advisories/feed.json +++ b/skills/clawsec-feed/advisories/feed.json @@ -1,6 +1,6 @@ { "version": "0.0.3", - "updated": "2026-02-22T10:57:32Z", + "updated": "2026-02-24T06:20:16Z", "description": "Community-driven security advisory feed for ClawSec. Automatically updated with OpenClaw-related CVEs from NVD and community-reported security incidents.", "advisories": [ { @@ -18,12 +18,12 @@ "https://github.com/openclaw/openclaw/commit/8ae2d5110f6ceadef73822aa3db194fb60d2ba68", "https://github.com/openclaw/openclaw/commit/ebcf19746f5c500a41817e03abecadea8655654a" ], - "cvss_score": null, + "cvss_score": 4.0, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27576" }, { "id": "CVE-2026-27488", - "severity": "medium", + "severity": "high", "type": "server_side_request_forgery", "nvd_category_id": "CWE-918", "title": "OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, Cron webhook delivery in src/g...", @@ -36,7 +36,7 @@ "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19", "https://github.com/openclaw/openclaw/security/advisories/GHSA-w45g-5746-x9fp" ], - "cvss_score": null, + "cvss_score": 7.3, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27488" }, { @@ -90,7 +90,7 @@ "https://github.com/openclaw/openclaw/commit/ee1d6427b544ccadd73e02b1630ea5c29ba9a9f0", "https://github.com/openclaw/openclaw/pull/20796" ], - "cvss_score": null, + "cvss_score": 4.4, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27485" }, { @@ -108,7 +108,7 @@ "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19", "https://github.com/openclaw/openclaw/security/advisories/GHSA-wh94-p5m6-mr7j" ], - "cvss_score": null, + "cvss_score": 4.3, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27484" }, { @@ -304,7 +304,7 @@ "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14", "https://github.com/openclaw/openclaw/security/advisories/GHSA-pv58-549p-qh99" ], - "cvss_score": null, + "cvss_score": 6.5, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26327" }, { @@ -322,7 +322,7 @@ "https://github.com/openclaw/openclaw/commit/ebc68861a61067fc37f9298bded3eec9de0ba783", "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14" ], - "cvss_score": null, + "cvss_score": 4.3, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26326" }, { diff --git a/skills/clawsec-feed/advisories/feed.json.sig b/skills/clawsec-feed/advisories/feed.json.sig index 2b2a84a..5d5431d 100644 --- a/skills/clawsec-feed/advisories/feed.json.sig +++ b/skills/clawsec-feed/advisories/feed.json.sig @@ -1 +1 @@ -yJXPjNEmnC/rtErSZJMjAa0y4DRgJIi2fh81GRT9lymKmWdSXHd/oXdY1rMCnVlAcxmLwHNTuOWYjh3gOZ/xAw== \ No newline at end of file +Rs++ntJvBvX4zVTJ/DsrfXOQG3VTUc2x4esSURSMonesmYzSm9U9kd3rBz5d+DemJOVJ/esH21VACpdE+T34AA== \ No newline at end of file