gnezim/clawsec
1
0
Fork 0
mirror of https://github.com/prompt-security/clawsec.git synced 2026-06-13 05:28:02 +03:00
Code Issues Packages Projects Releases Wiki Activity

chore: CVE advisories - 19 new, 0 updated (#157)

Browse Source 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-03-29T06:22:49Z to 2026-03-30T06:34:03.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
This commit is contained in:
github-actions[bot]
2026-03-30 10:13:00 +03:00
committed by GitHub
parent 01f651d6aa
commit e0083353cf
4 changed files with 1304 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/clawsec-feed/advisories/feed.json
+651 -1
View File
@@ -1,8 +1,658 @@
{
"version": "0.0.3",
"updated": "2026-03-29T06:22:49Z",
"updated": "2026-03-30T06:34:41Z",
"description": "Community-driven security advisory feed for ClawSec. Automatically updated with OpenClaw-related CVEs from NVD and community-reported security incidents.",
"advisories": [
{
"id": "CVE-2026-33575",
"severity": "high",
"type": "unknown_cwe_522",
"nvd_category_id": "CWE-522",
"title": "OpenClaw before 2026.3.12 embeds long-lived shared gateway credentials directly in pairing setup cod...",
"description": "OpenClaw before 2026.3.12 embeds long-lived shared gateway credentials directly in pairing setup codes generated by /pair endpoint and OpenClaw qr command. Attackers with access to leaked setup codes from chat history, logs, or screenshots can recover and reuse the shared gateway credential outside the intended one-time pairing flow.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:03.370",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-7h7g-x2px-94hj",
"https://www.vulncheck.com/advisories/openclaw-long-lived-credential-exposure-in-pairing-setup-codes"
],
"cvss_score": 7.5,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33575",
"exploitability_score": "high",
"exploitability_rationale": "High CVSS score (7.5); remotely exploitable without authentication",
"attack_vector_analysis": {
"is_network_accessible": true,
"requires_authentication": false,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-33574",
"severity": "medium",
"type": "unknown_cwe_367",
"nvd_category_id": "CWE-367",
"title": "OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills download installer th...",
"description": "OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills download installer that validates the tools root lexically but reuses the mutable path during archive download and copy operations. A local attacker can rebind the tools-root path between validation and final write to redirect the installer outside the intended tools directory.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:03.173",
"references": [
"https://github.com/openclaw/openclaw/commit/9abf014f3502009faf9c73df5ca2cff719e54639",
"https://github.com/openclaw/openclaw/security/advisories/GHSA-vhwf-4x96-vqx2",
"https://www.vulncheck.com/advisories/openclaw-path-traversal-via-tools-root-rebinding-in-skills-download"
],
"cvss_score": 6.2,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33574",
"exploitability_score": "high",
"exploitability_rationale": "Medium CVSS score (6.2); requires local access; path traversal affects agents with file access",
"attack_vector_analysis": {
"is_network_accessible": false,
"requires_authentication": false,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-33573",
"severity": "high",
"type": "exposure_of_resource_to_wrong_sphere",
"nvd_category_id": "CWE-668",
"title": "OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in the gateway agent RPC th...",
"description": "OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in the gateway agent RPC that allows authenticated operators with operator.write permission to override workspace boundaries by supplying attacker-controlled spawnedBy and workspaceDir values. Remote operators can escape the configured workspace boundary and execute arbitrary file and exec operations from any process-accessible directory.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:02.980",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-2rqg-gjgv-84jm",
"https://www.vulncheck.com/advisories/openclaw-workspace-boundary-bypass-via-agent-rpc-parameters"
],
"cvss_score": 8.8,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33573",
"exploitability_score": "high",
"exploitability_rationale": "High CVSS score (8.8); network accessible; RCE is critical in agent deployments",
"attack_vector_analysis": {
"is_network_accessible": true,
"requires_authentication": true,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-33572",
"severity": "high",
"type": "unknown_cwe_378",
"nvd_category_id": "CWE-378",
"title": "OpenClaw before 2026.2.17 creates session transcript JSONL files with overly broad default permissio...",
"description": "OpenClaw before 2026.2.17 creates session transcript JSONL files with overly broad default permissions, allowing local users to read transcript contents. Attackers with local access can read transcript files to extract sensitive information including secrets from tool output.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:02.770",
"references": [
"https://github.com/openclaw/openclaw/commit/095d522099653367e1b76fa5bb09d4ddf7c8a57c",
"https://github.com/openclaw/openclaw/security/advisories/GHSA-vr7j-g7jv-h5mp",
"https://www.vulncheck.com/advisories/openclaw-insufficient-file-permissions-in-session-transcript-files"
],
"cvss_score": 8.4,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33572",
"exploitability_score": "medium",
"exploitability_rationale": "High CVSS score (8.4); requires local access",
"attack_vector_analysis": {
"is_network_accessible": false,
"requires_authentication": false,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32987",
"severity": "critical",
"type": "unknown_cwe_294",
"nvd_category_id": "CWE-294",
"title": "OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing verifica...",
"description": "OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing verification in src/infra/device-bootstrap.ts. Attackers can verify a valid bootstrap code multiple times before approval to escalate pending pairing scopes, including privilege escalation to operator.admin.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:02.563",
"references": [
"https://github.com/openclaw/openclaw/commit/1803d16d5cec970c54b0e1ac46b31b1cbade335c",
"https://github.com/openclaw/openclaw/security/advisories/GHSA-63f5-hhc7-cx6p",
"https://www.vulncheck.com/advisories/openclaw-bootstrap-setup-code-replay-via-device-pairing"
],
"cvss_score": 9.8,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32987",
"exploitability_score": "high",
"exploitability_rationale": "Critical CVSS score (9.8); remotely exploitable without authentication",
"attack_vector_analysis": {
"is_network_accessible": true,
"requires_authentication": false,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32980",
"severity": "high",
"type": "unknown_cwe_770",
"nvd_category_id": "CWE-770",
"title": "OpenClaw before 2026.3.13 reads and buffers Telegram webhook request bodies before validating the x-...",
"description": "OpenClaw before 2026.3.13 reads and buffers Telegram webhook request bodies before validating the x-telegram-bot-api-secret-token header, allowing unauthenticated attackers to exhaust server resources. Attackers can send POST requests to the webhook endpoint to force memory consumption, socket time, and JSON parsing work before authentication validation occurs.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:02.353",
"references": [
"https://github.com/openclaw/openclaw/commit/7e49e98f79073b11134beac27fdff547ba5a4a02",
"https://github.com/openclaw/openclaw/security/advisories/GHSA-jq3f-vjww-8rq7",
"https://www.vulncheck.com/advisories/openclaw-resource-exhaustion-via-unauthenticated-telegram-webhook-request"
],
"cvss_score": 7.5,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32980",
"exploitability_score": "high",
"exploitability_rationale": "High CVSS score (7.5); remotely exploitable without authentication; RCE is critical in agent deployments",
"attack_vector_analysis": {
"is_network_accessible": true,
"requires_authentication": false,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32979",
"severity": "high",
"type": "unknown_cwe_367",
"nvd_category_id": "CWE-367",
"title": "OpenClaw before 2026.3.11 contains an approval integrity vulnerability allowing attackers to execute...",
"description": "OpenClaw before 2026.3.11 contains an approval integrity vulnerability allowing attackers to execute rewritten local code by modifying scripts between approval and execution when exact file binding cannot occur. Remote attackers can change approved local scripts before execution to achieve unintended code execution as the OpenClaw runtime user.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:02.157",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-xf99-j42q-5w5p",
"https://www.vulncheck.com/advisories/openclaw-unbound-interpreter-and-runtime-commands-bypass-in-node-host-approval"
],
"cvss_score": 7.3,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32979",
"exploitability_score": "medium",
"exploitability_rationale": "High CVSS score (7.3); requires local access",
"attack_vector_analysis": {
"is_network_accessible": false,
"requires_authentication": true,
"requires_user_interaction": true,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32978",
"severity": "high",
"type": "incorrect_authorization",
"nvd_category_id": "CWE-863",
"title": "OpenClaw before 2026.3.11 contains an approval integrity vulnerability where system.run approvals fa...",
"description": "OpenClaw before 2026.3.11 contains an approval integrity vulnerability where system.run approvals fail to bind mutable file operands for certain script runners like tsx and jiti. Attackers can obtain approval for benign script commands, rewrite referenced scripts on disk, and execute modified code under the approved run context.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:01.963",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-qc36-x95h-7j53",
"https://www.vulncheck.com/advisories/openclaw-approval-bypass-via-unrecognized-script-runners"
],
"cvss_score": 8.0,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32978",
"exploitability_score": "high",
"exploitability_rationale": "High CVSS score (8.0); network accessible",
"attack_vector_analysis": {
"is_network_accessible": true,
"requires_authentication": true,
"requires_user_interaction": true,
"complexity": "high"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32975",
"severity": "critical",
"type": "unknown_cwe_807",
"nvd_category_id": "CWE-807",
"title": "OpenClaw before 2026.3.12 contains a weak authorization vulnerability in Zalouser allowlist mode tha...",
"description": "OpenClaw before 2026.3.12 contains a weak authorization vulnerability in Zalouser allowlist mode that matches mutable group display names instead of stable group identifiers. Attackers can create groups with identical names to allowlisted groups to bypass channel authorization and route messages from unintended groups to the agent.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:01.763",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-f5mf-3r52-r83w",
"https://www.vulncheck.com/advisories/openclaw-weak-authorization-via-mutable-group-names-in-zalouser-allowlist"
],
"cvss_score": 9.8,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32975",
"exploitability_score": "high",
"exploitability_rationale": "Critical CVSS score (9.8); remotely exploitable without authentication",
"attack_vector_analysis": {
"is_network_accessible": true,
"requires_authentication": false,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32974",
"severity": "high",
"type": "unknown_cwe_347",
"nvd_category_id": "CWE-347",
"title": "OpenClaw before 2026.3.12 contains an authentication bypass vulnerability in Feishu webhook mode whe...",
"description": "OpenClaw before 2026.3.12 contains an authentication bypass vulnerability in Feishu webhook mode when only verificationToken is configured without encryptKey, allowing acceptance of forged events. Unauthenticated network attackers can inject forged Feishu events and trigger downstream tool execution by reaching the webhook endpoint.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:01.570",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-g353-mgv3-8pcj",
"https://www.vulncheck.com/advisories/openclaw-forged-event-injection-via-feishu-webhook-verification-token"
],
"cvss_score": 8.6,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32974",
"exploitability_score": "high",
"exploitability_rationale": "High CVSS score (8.6); remotely exploitable without authentication",
"attack_vector_analysis": {
"is_network_accessible": true,
"requires_authentication": false,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32973",
"severity": "critical",
"type": "unknown_cwe_625",
"nvd_category_id": "CWE-625",
"title": "OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlist...",
"description": "OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlistPattern improperly normalizes patterns with lowercasing and glob matching that overmatches on POSIX paths. Attackers can exploit the ? wildcard matching across path segments to execute commands or paths not intended by operators.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:01.367",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-f8r2-vg7x-gh8m",
"https://www.vulncheck.com/advisories/openclaw-exec-allowlist-pattern-overmatch-via-posix-path-normalization"
],
"cvss_score": 9.8,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32973",
"exploitability_score": "high",
"exploitability_rationale": "Critical CVSS score (9.8); remotely exploitable without authentication",
"attack_vector_analysis": {
"is_network_accessible": true,
"requires_authentication": false,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32972",
"severity": "high",
"type": "incorrect_authorization",
"nvd_category_id": "CWE-863",
"title": "OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing authenticated oper...",
"description": "OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing authenticated operators with only operator.write permission to access admin-only browser profile management routes through browser.request. Attackers can create or modify browser profiles and persist attacker-controlled remote CDP endpoints to disk without holding operator.admin privileges.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:01.167",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-vmhq-cqm9-6p7q",
"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-in-browser-profile-management-via-browser-request"
],
"cvss_score": 7.1,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32972",
"exploitability_score": "high",
"exploitability_rationale": "High CVSS score (7.1); network accessible",
"attack_vector_analysis": {
"is_network_accessible": true,
"requires_authentication": true,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32924",
"severity": "critical",
"type": "incorrect_authorization",
"nvd_category_id": "CWE-863",
"title": "OpenClaw before 2026.3.12 contains an authorization bypass vulnerability where Feishu reaction event...",
"description": "OpenClaw before 2026.3.12 contains an authorization bypass vulnerability where Feishu reaction events with omitted chat_type are misclassified as p2p conversations instead of group chats. Attackers can exploit this misclassification to bypass groupAllowFrom and requireMention protections in group chat reaction-derived events.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:00.963",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-m69h-jm2f-2pv8",
"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-via-misclassified-reaction-events-in-feishu"
],
"cvss_score": 9.8,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32924",
"exploitability_score": "high",
"exploitability_rationale": "Critical CVSS score (9.8); remotely exploitable without authentication",
"attack_vector_analysis": {
"is_network_accessible": true,
"requires_authentication": false,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32923",
"severity": "medium",
"type": "incorrect_authorization",
"nvd_category_id": "CWE-863",
"title": "OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in Discord guild reaction i...",
"description": "OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in Discord guild reaction ingestion that fails to enforce member users and roles allowlist checks. Non-allowlisted guild members can trigger reaction events accepted as trusted system events, injecting reaction text into downstream session context.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:00.767",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-9vvh-2768-c8vp",
"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-in-discord-guild-reaction-allowlist-enforcement"
],
"cvss_score": 5.4,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32923",
"exploitability_score": "high",
"exploitability_rationale": "Medium CVSS score (5.4); network accessible; RCE is critical in agent deployments",
"attack_vector_analysis": {
"is_network_accessible": true,
"requires_authentication": true,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32922",
"severity": "critical",
"type": "unknown_cwe_266",
"nvd_category_id": "CWE-266",
"title": "OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that ...",
"description": "OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that allows callers with operator.pairing scope to mint tokens with broader scopes by failing to constrain newly minted scopes to the caller's current scope set. Attackers can obtain operator.admin tokens for paired devices and achieve remote code execution on connected nodes via system.run or gain unauthorized gateway-admin access.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:00.573",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-4jpw-hj22-2xmc",
"https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-unvalidated-scope-in-device-token-rotate"
],
"cvss_score": 9.9,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32922",
"exploitability_score": "high",
"exploitability_rationale": "Critical CVSS score (9.9); network accessible; RCE is critical in agent deployments",
"attack_vector_analysis": {
"is_network_accessible": true,
"requires_authentication": true,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32919",
"severity": "medium",
"type": "incorrect_authorization",
"nvd_category_id": "CWE-863",
"title": "OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing write-scoped calle...",
"description": "OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing write-scoped callers to reach admin-only session reset logic. Attackers with operator.write scope can issue agent requests containing /new or /reset slash commands to reset targeted conversation state without holding operator.admin privileges.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:00.380",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-jf6w-m8jw-jfxc",
"https://www.vulncheck.com/advisories/openclaw-unauthorized-session-reset-via-agent-slash-commands"
],
"cvss_score": 6.1,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32919",
"exploitability_score": "medium",
"exploitability_rationale": "Medium CVSS score (6.1); requires local access",
"attack_vector_analysis": {
"is_network_accessible": false,
"requires_authentication": true,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32918",
"severity": "high",
"type": "incorrect_authorization",
"nvd_category_id": "CWE-863",
"title": "OpenClaw before 2026.3.11 contains a session sandbox escape vulnerability in the session_status tool...",
"description": "OpenClaw before 2026.3.11 contains a session sandbox escape vulnerability in the session_status tool that allows sandboxed subagents to access parent or sibling session state. Attackers can supply arbitrary sessionKey values to read or modify session data outside their sandbox scope, including persisted model overrides.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:17:00.173",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-wcxr-59v9-rxr8",
"https://www.vulncheck.com/advisories/openclaw-session-sandbox-escape-via-session-status-tool"
],
"cvss_score": 8.4,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32918",
"exploitability_score": "medium",
"exploitability_rationale": "High CVSS score (8.4); requires local access",
"attack_vector_analysis": {
"is_network_accessible": false,
"requires_authentication": true,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32915",
"severity": "high",
"type": "incorrect_authorization",
"nvd_category_id": "CWE-863",
"title": "OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability allowing leaf subagents t...",
"description": "OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability allowing leaf subagents to access the subagents control surface and resolve against parent requester scope instead of their own session tree. A low-privilege sandboxed leaf worker can steer or kill sibling runs and cause execution with broader tool policies by exploiting insufficient authorization checks on subagent control requests.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:16:59.973",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-4w7m-58cg-cmff",
"https://www.vulncheck.com/advisories/openclaw-sandbox-boundary-bypass-via-subagent-control-surface"
],
"cvss_score": 8.8,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32915",
"exploitability_score": "medium",
"exploitability_rationale": "High CVSS score (8.8); requires local access",
"attack_vector_analysis": {
"is_network_accessible": false,
"requires_authentication": true,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32914",
"severity": "high",
"type": "incorrect_authorization",
"nvd_category_id": "CWE-863",
"title": "OpenClaw before 2026.3.12 contains an insufficient access control vulnerability in the /config and /...",
"description": "OpenClaw before 2026.3.12 contains an insufficient access control vulnerability in the /config and /debug command handlers that allows command-authorized non-owners to access owner-only surfaces. Attackers with command authorization can read or modify privileged configuration settings restricted to owners by exploiting missing owner-level permission checks.",
"affected": [
"openclaw@*"
],
"platforms": [
"openclaw"
],
"action": "Review and update affected components. See NVD for remediation details.",
"published": "2026-03-29T13:16:59.767",
"references": [
"https://github.com/openclaw/openclaw/security/advisories/GHSA-r7vr-gr74-94p8",
"https://www.vulncheck.com/advisories/openclaw-insufficient-access-control-in-config-and-debug-endpoints"
],
"cvss_score": 8.8,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32914",
"exploitability_score": "high",
"exploitability_rationale": "High CVSS score (8.8); network accessible",
"attack_vector_analysis": {
"is_network_accessible": true,
"requires_authentication": true,
"requires_user_interaction": false,
"complexity": "low"
},
"exploit_detection": {
"exploit_available": false,
"exploit_sources": []
}
},
{
"id": "CVE-2026-32846",
"severity": "medium",
skills/clawsec-feed/advisories/feed.json.sig
+1 -1
View File
@@ -1 +1 @@
LO4GipaNnYIHRy1pVNvs3Xv7oSCw3di2CINRecNcWbso/wtLBDaXsLJpiftXcPNraP1btreatUs5/E/83KrpDw==
TSqRdhkeagwdloGmkm82bHTXmkyxz/GWKAJ76rT0VhamxYlEW2Mb7ETqGDP/CORntEGxujpUUzpihNhXfoz8CQ==