Lookup for vulnerable packages by Package URL.

Purl pkg:npm/openclaw@2026.2.22
Type npm
Namespace
Name openclaw
Version 2026.2.22
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 2026.3.7
Latest_non_vulnerable_version 2026.3.11
Affected_by_vulnerabilities
0
url VCID-bbm8-2r84-puh5
vulnerability_id VCID-bbm8-2r84-puh5
summary
OpenClaw: shell-env trusted-prefix fallback allowed attacker-controlled binary execution via $SHELL
`shell-env` fallback trusted prefix-based executable paths for `$SHELL`, allowing execution of attacker-controlled binaries in local/runtime-env influence scenarios.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22217
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04919
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22217
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/ff10fe8b91670044a6bb0cd85deb736a0ec8fb55
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
1
value 5.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
2
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T16:01:34Z/
url https://github.com/openclaw/openclaw/commit/ff10fe8b91670044a6bb0cd85deb736a0ec8fb55
3
reference_url https://www.vulncheck.com/advisories/openclaw-arbitrary-binary-execution-via-shell-environment-variable-trusted-prefix-fallback
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
1
value 5.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
2
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T16:01:34Z/
url https://www.vulncheck.com/advisories/openclaw-arbitrary-binary-execution-via-shell-environment-variable-trusted-prefix-fallback
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-22217
reference_id CVE-2026-22217
reference_type
scores
0
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-22217
5
reference_url https://github.com/advisories/GHSA-p4wh-cr8m-gm6c
reference_id GHSA-p4wh-cr8m-gm6c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p4wh-cr8m-gm6c
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-p4wh-cr8m-gm6c
reference_id GHSA-p4wh-cr8m-gm6c
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
3
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
4
value HIGH
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T16:01:34Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-p4wh-cr8m-gm6c
fixed_packages
0
url pkg:npm/openclaw@2026.2.23
purl pkg:npm/openclaw@2026.2.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14dm-xdbs-jyag
1
vulnerability VCID-4t15-ucme-rfds
2
vulnerability VCID-7fne-xf3e-nbf4
3
vulnerability VCID-er7e-mmer-2fam
4
vulnerability VCID-eubb-389j-a3aj
5
vulnerability VCID-fd3n-z36p-qyem
6
vulnerability VCID-j56m-mjsq-vkg2
7
vulnerability VCID-mggm-k7ad-euah
8
vulnerability VCID-nsu6-ny82-qyh2
9
vulnerability VCID-tjyg-pe2k-rffg
10
vulnerability VCID-usnj-f1tv-p7eh
11
vulnerability VCID-ze3j-1fak-pqfz
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.23
aliases CVE-2026-22217, GHSA-p4wh-cr8m-gm6c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bbm8-2r84-puh5
1
url VCID-gq39-w2ua-3ua5
vulnerability_id VCID-gq39-w2ua-3ua5
summary
OpenClaw unpaired device identity can bypass operator pairing and self-assign operator scopes with shared auth
A client using shared gateway auth could attach an unpaired device identity and request elevated operator scopes (including `operator.admin`) before pairing approval, enabling privilege escalation.
references
0
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
1
reference_url https://github.com/openclaw/openclaw/commit/8d1481cb4a9d31bd617e52dc8c392c35689d9dea
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/commit/8d1481cb4a9d31bd617e52dc8c392c35689d9dea
2
reference_url https://github.com/advisories/GHSA-553v-f69r-656j
reference_id GHSA-553v-f69r-656j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-553v-f69r-656j
3
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-553v-f69r-656j
reference_id GHSA-553v-f69r-656j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/security/advisories/GHSA-553v-f69r-656j
fixed_packages
0
url pkg:npm/openclaw@2026.2.25
purl pkg:npm/openclaw@2026.2.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4mbh-umh4-zqa2
1
vulnerability VCID-d3vu-athv-1yc5
2
vulnerability VCID-e1nr-qevt-4qfp
3
vulnerability VCID-fsk8-x769-a7dx
4
vulnerability VCID-j1mx-pyb9-2ubb
5
vulnerability VCID-qutb-x5ca-bqh4
6
vulnerability VCID-s73c-yny2-ryam
7
vulnerability VCID-yv99-c9yg-6fhq
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.25
aliases GHSA-553v-f69r-656j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gq39-w2ua-3ua5
2
url VCID-usnj-f1tv-p7eh
vulnerability_id VCID-usnj-f1tv-p7eh
summary
OpenClaw's Synology Chat dmPolicy=allowlist failed open on empty allowedUserIds, allowing unauthorized agent dispatch
In `openclaw` versions `2026.2.22` and `2026.2.23`, the optional `synology-chat` channel plugin had an authorization fail-open condition: when `dmPolicy` was `allowlist` and `allowedUserIds` was empty/unset, unauthorized senders were still allowed through to agent dispatch.

This is assessed as **medium** severity because it requires channel/plugin setup and Synology sender access, but can still trigger downstream agent/tool actions.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31998
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21767
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31998
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/0ee30361b8f6ef3f110f3a7b001da6dd3df96bb5
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:33:28Z/
url https://github.com/openclaw/openclaw/commit/0ee30361b8f6ef3f110f3a7b001da6dd3df96bb5
3
reference_url https://github.com/openclaw/openclaw/commit/7655c0cb3a47d0647cbbf5284e177f90b4b82ddb
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:33:28Z/
url https://github.com/openclaw/openclaw/commit/7655c0cb3a47d0647cbbf5284e177f90b4b82ddb
4
reference_url https://www.vulncheck.com/advisories/openclaw-authorization-bypass-in-synology-chat-plugin-via-empty-alloweduserids
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:33:28Z/
url https://www.vulncheck.com/advisories/openclaw-authorization-bypass-in-synology-chat-plugin-via-empty-alloweduserids
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-31998
reference_id CVE-2026-31998
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-31998
6
reference_url https://github.com/advisories/GHSA-gw85-xp4q-5gp9
reference_id GHSA-gw85-xp4q-5gp9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gw85-xp4q-5gp9
7
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-gw85-xp4q-5gp9
reference_id GHSA-gw85-xp4q-5gp9
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
3
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:33:28Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-gw85-xp4q-5gp9
fixed_packages
0
url pkg:npm/openclaw@2026.2.24
purl pkg:npm/openclaw@2026.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-26du-1t53-kkg9
1
vulnerability VCID-3y9t-nf4h-3qfz
2
vulnerability VCID-7bfc-65n9-rqgy
3
vulnerability VCID-7qe2-mnh9-5fbm
4
vulnerability VCID-9cqw-a6a2-nbav
5
vulnerability VCID-b93t-4b79-kqf1
6
vulnerability VCID-f15v-1uxp-k7bq
7
vulnerability VCID-gq39-w2ua-3ua5
8
vulnerability VCID-jvq7-fg12-qff9
9
vulnerability VCID-ngkr-an54-vydw
10
vulnerability VCID-q4sc-cnnf-5qhv
11
vulnerability VCID-sphc-z7ve-kugm
12
vulnerability VCID-up8q-9der-b3as
13
vulnerability VCID-ypfb-w6h4-efdk
14
vulnerability VCID-ywq2-m4s8-y3bb
15
vulnerability VCID-yz1m-hhrg-kyf1
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.24
aliases CVE-2026-31998, GHSA-gw85-xp4q-5gp9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-usnj-f1tv-p7eh
Fixing_vulnerabilities
0
url VCID-1z13-f6z6-5ud2
vulnerability_id VCID-1z13-f6z6-5ud2
summary
OpenClaw has a Discord `allowFrom` slug-collision authorization bypass
OpenClaw supports Discord allowlists using either user IDs or names/tags. Name/tag matching depends on slug normalization, so different user tags can collide to the same slug and unintentionally satisfy a name-based allowlist entry.
references
0
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
1
reference_url https://github.com/openclaw/openclaw/commit/747bb581b3f2264495e1fec5a0727d9f2ca1b6f1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/commit/747bb581b3f2264495e1fec5a0727d9f2ca1b6f1
2
reference_url https://github.com/openclaw/openclaw/commit/f97c45c5b5e0698b6667bb5f6badc0cac7dabd12
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/commit/f97c45c5b5e0698b6667bb5f6badc0cac7dabd12
3
reference_url https://github.com/advisories/GHSA-4cqv-h74h-93j4
reference_id GHSA-4cqv-h74h-93j4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4cqv-h74h-93j4
4
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-4cqv-h74h-93j4
reference_id GHSA-4cqv-h74h-93j4
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/security/advisories/GHSA-4cqv-h74h-93j4
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases GHSA-4cqv-h74h-93j4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1z13-f6z6-5ud2
1
url VCID-1zvf-f1sb-pug1
vulnerability_id VCID-1zvf-f1sb-pug1
summary
OpenClaw shell-env fallback trusted startup env and could execute attacker-influenced login-shell paths
OpenClaw shell-env fallback trusted startup environment values and could execute attacker-influenced login-shell startup paths before loading env keys.
references
0
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
1
reference_url https://github.com/openclaw/openclaw/commit/9363c320d8ffe29290906752fab92621da02c3f7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/commit/9363c320d8ffe29290906752fab92621da02c3f7
2
reference_url https://github.com/advisories/GHSA-5h2c-8v84-qpvr
reference_id GHSA-5h2c-8v84-qpvr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5h2c-8v84-qpvr
3
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-5h2c-8v84-qpvr
reference_id GHSA-5h2c-8v84-qpvr
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/security/advisories/GHSA-5h2c-8v84-qpvr
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases GHSA-5h2c-8v84-qpvr
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1zvf-f1sb-pug1
2
url VCID-3nkc-4787-jfba
vulnerability_id VCID-3nkc-4787-jfba
summary
OpenClaw's Node role device-identity bypass allows unauthorized node.event injection
A client authenticated with a shared gateway token could connect as `role=node` without device identity/pairing, then call `node.event` to trigger `agent.request` and `voice.transcript` flows.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32001
reference_id
reference_type
scores
0
value 0.00069
scoring_system epss
scoring_elements 0.2142
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32001
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/ddcb2d79b17bf2a42c5037d8aeff1537a12b931e
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T20:09:39Z/
url https://github.com/openclaw/openclaw/commit/ddcb2d79b17bf2a42c5037d8aeff1537a12b931e
3
reference_url https://www.vulncheck.com/advisories/openclaw-node-role-device-identity-bypass-via-websocket-authentication
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T20:09:39Z/
url https://www.vulncheck.com/advisories/openclaw-node-role-device-identity-bypass-via-websocket-authentication
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32001
reference_id CVE-2026-32001
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32001
5
reference_url https://github.com/advisories/GHSA-rv2q-f2h5-6xmg
reference_id GHSA-rv2q-f2h5-6xmg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rv2q-f2h5-6xmg
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-rv2q-f2h5-6xmg
reference_id GHSA-rv2q-f2h5-6xmg
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T20:09:39Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-rv2q-f2h5-6xmg
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32001, GHSA-rv2q-f2h5-6xmg
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3nkc-4787-jfba
3
url VCID-41v6-vk5t-x7dr
vulnerability_id VCID-41v6-vk5t-x7dr
summary
OpenClaw has system.run shell-wrapper env injection via SHELLOPTS/PS4 can bypass allowlist intent (RCE)
`system.run` allowed `SHELLOPTS` + `PS4` environment injection to trigger command substitution during `bash -lc` xtrace expansion before the allowlisted command body executed.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32003
reference_id
reference_type
scores
0
value 0.0007
scoring_system epss
scoring_elements 0.21487
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32003
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/e80c803fa887f9699ad87a9e906ab5c1ff85bd9a
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-21T03:22:51Z/
url https://github.com/openclaw/openclaw/commit/e80c803fa887f9699ad87a9e906ab5c1ff85bd9a
3
reference_url https://www.vulncheck.com/advisories/openclaw-remote-code-execution-via-shellopts-ps4-environment-injection-in-system-run
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-21T03:22:51Z/
url https://www.vulncheck.com/advisories/openclaw-remote-code-execution-via-shellopts-ps4-environment-injection-in-system-run
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32003
reference_id CVE-2026-32003
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32003
5
reference_url https://github.com/advisories/GHSA-2fgq-7j6h-9rm4
reference_id GHSA-2fgq-7j6h-9rm4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2fgq-7j6h-9rm4
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-2fgq-7j6h-9rm4
reference_id GHSA-2fgq-7j6h-9rm4
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-21T03:22:51Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-2fgq-7j6h-9rm4
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32003, GHSA-2fgq-7j6h-9rm4
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-41v6-vk5t-x7dr
4
url VCID-448f-b5t9-4qfb
vulnerability_id VCID-448f-b5t9-4qfb
summary
In OpenClaw, manually adding sort to tools.exec.safeBins could bypass allowlist approval via --compress-program
This issue applies to a **non-default configuration** only.
If `sort` is manually added to `tools.exec.safeBins`, OpenClaw could treat `sort --compress-program=<prog>` as valid safe-bin usage.
In `security=allowlist` + `ask=on-miss`, this could satisfy allowlist checks and skip operator approval, while GNU `sort` may invoke an external program via `--compress-program`.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32010
reference_id
reference_type
scores
0
value 0.00048
scoring_system epss
scoring_elements 0.15429
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32010
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 5.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/57fbbaebca4d34d17549accf6092ae26eb7b605c
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 5.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T18:19:07Z/
url https://github.com/openclaw/openclaw/commit/57fbbaebca4d34d17549accf6092ae26eb7b605c
3
reference_url https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-sort-compress-program-parameter
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 5.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T18:19:07Z/
url https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-sort-compress-program-parameter
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32010
reference_id CVE-2026-32010
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 5.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32010
5
reference_url https://github.com/advisories/GHSA-4gc7-qcvf-38wg
reference_id GHSA-4gc7-qcvf-38wg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4gc7-qcvf-38wg
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-4gc7-qcvf-38wg
reference_id GHSA-4gc7-qcvf-38wg
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value 5.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T18:19:07Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-4gc7-qcvf-38wg
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32010, GHSA-4gc7-qcvf-38wg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-448f-b5t9-4qfb
5
url VCID-48g4-bch6-wuhy
vulnerability_id VCID-48g4-bch6-wuhy
summary
OpenClaw hook transform path containment missed symlink-resolved escapes
When an attacker can cause a transform module path to reference a symlinked entry that resolves outside the trusted transform directory, the gateway may import and execute unintended JavaScript with gateway-process privileges.
references
0
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
1
reference_url https://github.com/openclaw/openclaw/commit/f4dd0577b055f77af783105bd65eae32f3d5e6a1
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/commit/f4dd0577b055f77af783105bd65eae32f3d5e6a1
2
reference_url https://github.com/advisories/GHSA-659f-22xc-98f2
reference_id GHSA-659f-22xc-98f2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-659f-22xc-98f2
3
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-659f-22xc-98f2
reference_id GHSA-659f-22xc-98f2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/security/advisories/GHSA-659f-22xc-98f2
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases GHSA-659f-22xc-98f2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-48g4-bch6-wuhy
6
url VCID-5u6m-gc2d-uuee
vulnerability_id VCID-5u6m-gc2d-uuee
summary
OpenClaw's exec allowlist wrapper analysis did not unwrap env/shell dispatch chains
`system.run` exec allowlist analysis treated wrapper binaries as the effective executable and did not fully unwrap `env`/shell-dispatch wrappers.

This allowed wrapper-smuggled payloads (for example `env bash -lc ...`) to satisfy an allowlist entry for the wrapper while executing non-allowlisted commands.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27566
reference_id
reference_type
scores
0
value 0.00101
scoring_system epss
scoring_elements 0.27501
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27566
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/2b63592be57782c8946e521bc81286933f0f99c7
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T16:06:54Z/
url https://github.com/openclaw/openclaw/commit/2b63592be57782c8946e521bc81286933f0f99c7
3
reference_url https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-wrapper-binary-unwrapping-in-system-run
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T16:06:54Z/
url https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-wrapper-binary-unwrapping-in-system-run
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-27566
reference_id CVE-2026-27566
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-27566
5
reference_url https://github.com/advisories/GHSA-jj82-76v6-933r
reference_id GHSA-jj82-76v6-933r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jj82-76v6-933r
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-jj82-76v6-933r
reference_id GHSA-jj82-76v6-933r
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
3
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
4
value HIGH
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T16:06:54Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-jj82-76v6-933r
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-27566, GHSA-jj82-76v6-933r
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5u6m-gc2d-uuee
7
url VCID-62dj-46tc-zbec
vulnerability_id VCID-62dj-46tc-zbec
summary
OpenClaw's system.run allowlist bypass via shell line-continuation command substitution
In OpenClaw `system.run` allowlist mode, shell-wrapper analysis could be bypassed by splitting command substitution as `$\\` + newline + `(` inside double quotes. Analysis treated the payload as allowlisted (for example `/bin/echo`), while shell runtime folded the line continuation into `$(...)` and executed non-allowlisted subcommands.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28460
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.08116
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28460
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/3f0b9dbb36c86e308267924c0d3d4a4e1fc4d1e9
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
1
value 6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:23:00Z/
url https://github.com/openclaw/openclaw/commit/3f0b9dbb36c86e308267924c0d3d4a4e1fc4d1e9
3
reference_url https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-shell-line-continuation-command-substitution-in-system-run
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
1
value 6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:23:00Z/
url https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-shell-line-continuation-command-substitution-in-system-run
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-28460
reference_id CVE-2026-28460
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-28460
5
reference_url https://github.com/advisories/GHSA-9868-vxmx-w862
reference_id GHSA-9868-vxmx-w862
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9868-vxmx-w862
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-9868-vxmx-w862
reference_id GHSA-9868-vxmx-w862
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:23:00Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-9868-vxmx-w862
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-28460, GHSA-9868-vxmx-w862
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-62dj-46tc-zbec
8
url VCID-6fzb-enfj-97ax
vulnerability_id VCID-6fzb-enfj-97ax
summary
OpenClaw's inbound media downloads could exceed configured byte limits before rejection across multiple channels
OpenClaw did not consistently enforce configured inbound media byte limits before buffering remote media in several channel ingestion paths. A remote sender could trigger oversized downloads and memory pressure before rejection.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32049
reference_id
reference_type
scores
0
value 0.00179
scoring_system epss
scoring_elements 0.39265
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32049
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/73d93dee64127a26f1acd09d0403b794cdeb4f5c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:21:58Z/
url https://github.com/openclaw/openclaw/commit/73d93dee64127a26f1acd09d0403b794cdeb4f5c
3
reference_url https://www.vulncheck.com/advisories/openclaw-denial-of-service-via-inbound-media-download-byte-limit-bypass
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:21:58Z/
url https://www.vulncheck.com/advisories/openclaw-denial-of-service-via-inbound-media-download-byte-limit-bypass
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32049
reference_id CVE-2026-32049
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32049
5
reference_url https://github.com/advisories/GHSA-rxxp-482v-7mrh
reference_id GHSA-rxxp-482v-7mrh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rxxp-482v-7mrh
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-rxxp-482v-7mrh
reference_id GHSA-rxxp-482v-7mrh
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:21:58Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-rxxp-482v-7mrh
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32049, GHSA-rxxp-482v-7mrh
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6fzb-enfj-97ax
9
url VCID-6qcv-e969-auht
vulnerability_id VCID-6qcv-e969-auht
summary
OpenClaw has a Feishu allowFrom authorization bypass via display-name collision
Feishu allowlist authorization could be bypassed by display-name collision.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32021
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.13042
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32021
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/4ed87a667263ed2d422b9d5d5a5d326e099f92c7
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:33:04Z/
url https://github.com/openclaw/openclaw/commit/4ed87a667263ed2d422b9d5d5a5d326e099f92c7
3
reference_url https://www.vulncheck.com/advisories/openclaw-authorization-bypass-via-display-name-collision-in-feishu-allowfrom
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:33:04Z/
url https://www.vulncheck.com/advisories/openclaw-authorization-bypass-via-display-name-collision-in-feishu-allowfrom
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32021
reference_id CVE-2026-32021
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32021
5
reference_url https://github.com/advisories/GHSA-j4xf-96qf-rx69
reference_id GHSA-j4xf-96qf-rx69
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j4xf-96qf-rx69
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-j4xf-96qf-rx69
reference_id GHSA-j4xf-96qf-rx69
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:33:04Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-j4xf-96qf-rx69
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32021, GHSA-j4xf-96qf-rx69
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6qcv-e969-auht
10
url VCID-71sz-dbb5-eqcr
vulnerability_id VCID-71sz-dbb5-eqcr
summary
OpenClaw's tools.exec.safeBins generic fallback allowed interpreter-style inline payload execution in allowlist mode
When `tools.exec.safeBins` contained a binary without an explicit safe-bin profile, OpenClaw used a permissive generic fallback profile. In allowlist mode, that could let interpreter-style binaries (for example `python3`, `node`, `ruby`) execute inline payloads via flags like `-c`.

This requires explicit operator configuration to add such binaries to `safeBins`, so impact is limited to non-default/misconfigured deployments.
references
0
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
1
reference_url https://github.com/openclaw/openclaw/commit/47c3f742b6c488be26dd7b9636dbbb8676089154
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/commit/47c3f742b6c488be26dd7b9636dbbb8676089154
2
reference_url https://github.com/advisories/GHSA-8mf7-vv8w-hjr2
reference_id GHSA-8mf7-vv8w-hjr2
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8mf7-vv8w-hjr2
3
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-8mf7-vv8w-hjr2
reference_id GHSA-8mf7-vv8w-hjr2
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/security/advisories/GHSA-8mf7-vv8w-hjr2
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases GHSA-8mf7-vv8w-hjr2
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-71sz-dbb5-eqcr
11
url VCID-8sa7-z4vg-a7h7
vulnerability_id VCID-8sa7-z4vg-a7h7
summary
OpenClaw reuses the gateway auth token in the owner ID prompt hashing fallback
- Auth-secret dual-use across security domains (gateway auth and prompt metadata hashing).
- Hash outputs are visible to third-party model providers in system prompts.
- No direct plaintext token disclosure.
- Practical risk is highest when operators use weak gateway tokens and leave owner hash secret unset.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32897
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.1864
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32897
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/c99e7696e6893083b256f0a6c88fb060f3a76fb7
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:43:06Z/
url https://github.com/openclaw/openclaw/commit/c99e7696e6893083b256f0a6c88fb060f3a76fb7
3
reference_url https://www.vulncheck.com/advisories/openclaw-authentication-token-reuse-in-owner-id-prompt-hashing-fallback
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:43:06Z/
url https://www.vulncheck.com/advisories/openclaw-authentication-token-reuse-in-owner-id-prompt-hashing-fallback
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32897
reference_id CVE-2026-32897
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32897
5
reference_url https://github.com/advisories/GHSA-v6x2-2qvm-6gv8
reference_id GHSA-v6x2-2qvm-6gv8
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v6x2-2qvm-6gv8
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-v6x2-2qvm-6gv8
reference_id GHSA-v6x2-2qvm-6gv8
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
4
value LOW
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:43:06Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-v6x2-2qvm-6gv8
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32897, GHSA-v6x2-2qvm-6gv8
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8sa7-z4vg-a7h7
12
url VCID-c184-vqhe-h7hy
vulnerability_id VCID-c184-vqhe-h7hy
summary
OpenClaw has macOS `system.run` allowlist bypass via quoted command substitution
In OpenClaw's macOS node-host path, `system.run` allowlist parsing in `security=allowlist` mode failed to reject command substitution tokens when they appeared inside double-quoted shell text.

Because of that gap, payloads like `echo "ok $(id)"` could be treated as allowlist hits (first executable token `echo`) while still executing non-allowlisted subcommands through shell substitution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22179
reference_id
reference_type
scores
0
value 0.00484
scoring_system epss
scoring_elements 0.65553
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22179
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/90a378ca3a9ecbf1634cd247f17a35f4612c6ca6
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-18T16:00:47Z/
url https://github.com/openclaw/openclaw/commit/90a378ca3a9ecbf1634cd247f17a35f4612c6ca6
3
reference_url https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-command-substitution-in-system-run
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-18T16:00:47Z/
url https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-command-substitution-in-system-run
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-22179
reference_id CVE-2026-22179
reference_type
scores
0
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-22179
5
reference_url https://github.com/advisories/GHSA-9p38-94jf-hgjj
reference_id GHSA-9p38-94jf-hgjj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9p38-94jf-hgjj
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-9p38-94jf-hgjj
reference_id GHSA-9p38-94jf-hgjj
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-18T16:00:47Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-9p38-94jf-hgjj
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-22179, GHSA-9p38-94jf-hgjj
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c184-vqhe-h7hy
13
url VCID-dae6-x8zc-5kbk
vulnerability_id VCID-dae6-x8zc-5kbk
summary
OpenClaw: macOS optional allowlist basename matching could bypass path-based policy
On macOS node-host, optional exec-approval allowlist mode previously treated basename-only entries (for example `echo`) as trusted command matches.
This could allow a same-name local binary (for example `./echo`) to run without approval under `security=allowlist` + `ask=on-miss`.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32016
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04764
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32016
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/dd41fadcaf58fd9deb963d6e163c56161e7b35dd
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-21T03:20:07Z/
url https://github.com/openclaw/openclaw/commit/dd41fadcaf58fd9deb963d6e163c56161e7b35dd
3
reference_url https://www.vulncheck.com/advisories/openclaw-path-traversal-via-basename-only-allowlist-matching-on-macos
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-21T03:20:07Z/
url https://www.vulncheck.com/advisories/openclaw-path-traversal-via-basename-only-allowlist-matching-on-macos
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32016
reference_id CVE-2026-32016
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32016
5
reference_url https://github.com/advisories/GHSA-7f4q-9rqh-x36p
reference_id GHSA-7f4q-9rqh-x36p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7f4q-9rqh-x36p
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-7f4q-9rqh-x36p
reference_id GHSA-7f4q-9rqh-x36p
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
3
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-21T03:20:07Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-7f4q-9rqh-x36p
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32016, GHSA-7f4q-9rqh-x36p
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dae6-x8zc-5kbk
14
url VCID-erwj-hmpx-f7dd
vulnerability_id VCID-erwj-hmpx-f7dd
summary
OpenClaw Loopback CDP probe can leak Gateway token to local listener
A local process can capture the OpenClaw Gateway auth token from Chrome CDP probe traffic on loopback.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22174
reference_id
reference_type
scores
0
value 0.00028
scoring_system epss
scoring_elements 0.086
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22174
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/afa22acc4a09fdf32be8a167ae216bee85c30dad
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
2
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T14:03:38Z/
url https://github.com/openclaw/openclaw/commit/afa22acc4a09fdf32be8a167ae216bee85c30dad
3
reference_url https://www.vulncheck.com/advisories/openclaw-gateway-token-disclosure-via-chrome-cdp-probe
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
2
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T14:03:38Z/
url https://www.vulncheck.com/advisories/openclaw-gateway-token-disclosure-via-chrome-cdp-probe
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-22174
reference_id CVE-2026-22174
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-22174
5
reference_url https://github.com/advisories/GHSA-v3j7-34xh-6g3w
reference_id GHSA-v3j7-34xh-6g3w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v3j7-34xh-6g3w
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-v3j7-34xh-6g3w
reference_id GHSA-v3j7-34xh-6g3w
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T14:03:38Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-v3j7-34xh-6g3w
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-22174, GHSA-v3j7-34xh-6g3w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-erwj-hmpx-f7dd
15
url VCID-gkw1-jgms-dqc5
vulnerability_id VCID-gkw1-jgms-dqc5
summary
OpenClaw: BlueBubbles (optional plugin) pairing/allowlist mismatch when allowFrom is empty
BlueBubbles is an optional OpenClaw channel plugin. A configuration-sensitive access-control mismatch allowed DM senders to be treated as authorized when `dmPolicy` was `pairing` or `allowlist` and `allowFrom` was empty/unset.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22170
reference_id
reference_type
scores
0
value 0.00075
scoring_system epss
scoring_elements 0.22568
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22170
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/2ba6de7eaad812e5e8603018e14e54e96bdd57dd
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:21:26Z/
url https://github.com/openclaw/openclaw/commit/2ba6de7eaad812e5e8603018e14e54e96bdd57dd
3
reference_url https://github.com/openclaw/openclaw/commit/4540790cb62412676f7b61cfc6e47443f84a251e
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:21:26Z/
url https://github.com/openclaw/openclaw/commit/4540790cb62412676f7b61cfc6e47443f84a251e
4
reference_url https://github.com/openclaw/openclaw/commit/51c0893673de8e5cea64e64351dbfa4680ba0dec
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:21:26Z/
url https://github.com/openclaw/openclaw/commit/51c0893673de8e5cea64e64351dbfa4680ba0dec
5
reference_url https://github.com/openclaw/openclaw/commit/9632b9bcf032c5f2280c3103961fde912ab1f920
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:21:26Z/
url https://github.com/openclaw/openclaw/commit/9632b9bcf032c5f2280c3103961fde912ab1f920
6
reference_url https://www.vulncheck.com/advisories/openclaw-bluebubbles-access-control-bypass-via-empty-allowfrom-configuration
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:21:26Z/
url https://www.vulncheck.com/advisories/openclaw-bluebubbles-access-control-bypass-via-empty-allowfrom-configuration
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-22170
reference_id CVE-2026-22170
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-22170
8
reference_url https://github.com/advisories/GHSA-jwf4-8wf4-jf2m
reference_id GHSA-jwf4-8wf4-jf2m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jwf4-8wf4-jf2m
9
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-jwf4-8wf4-jf2m
reference_id GHSA-jwf4-8wf4-jf2m
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
3
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:21:26Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-jwf4-8wf4-jf2m
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-22170, GHSA-jwf4-8wf4-jf2m
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gkw1-jgms-dqc5
16
url VCID-gzh6-b3gy-auag
vulnerability_id VCID-gzh6-b3gy-auag
summary
OpenClaw: Zip extraction symlink traversal could write outside destination
A path confinement bypass in OpenClaw ZIP extraction allowed writes outside the intended destination when a pre-existing symlink was present under the extraction root.
references
0
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
1
reference_url https://github.com/openclaw/openclaw/commit/4b226b74f5fd3b106a83a6347fd404172e2fd246
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/commit/4b226b74f5fd3b106a83a6347fd404172e2fd246
2
reference_url https://github.com/advisories/GHSA-jxrq-8fm4-9p58
reference_id GHSA-jxrq-8fm4-9p58
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jxrq-8fm4-9p58
3
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-jxrq-8fm4-9p58
reference_id GHSA-jxrq-8fm4-9p58
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/security/advisories/GHSA-jxrq-8fm4-9p58
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases GHSA-jxrq-8fm4-9p58
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gzh6-b3gy-auag
17
url VCID-jbq7-hx48-aye4
vulnerability_id VCID-jbq7-hx48-aye4
summary
OpenClaw's allow-always wrapper persistence could bypass future approvals and enable command execution
In `openclaw` npm releases up to and including `2026.2.21-2`, approving wrapped `system.run` commands with `allow-always` in `security=allowlist` mode could persist wrapper-level allowlist entries and enable later approval-bypass execution of different inner payloads.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-29607
reference_id
reference_type
scores
0
value 0.00091
scoring_system epss
scoring_elements 0.25665
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-29607
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/24c954d972400f508814532dea0e4dcb38418bb0
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T16:44:31Z/
url https://github.com/openclaw/openclaw/commit/24c954d972400f508814532dea0e4dcb38418bb0
3
reference_url https://www.vulncheck.com/advisories/openclaw-authorization-bypass-via-allow-always-wrapper-persistence
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T16:44:31Z/
url https://www.vulncheck.com/advisories/openclaw-authorization-bypass-via-allow-always-wrapper-persistence
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-29607
reference_id CVE-2026-29607
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-29607
5
reference_url https://github.com/advisories/GHSA-6j27-pc5c-m8w8
reference_id GHSA-6j27-pc5c-m8w8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6j27-pc5c-m8w8
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-6j27-pc5c-m8w8
reference_id GHSA-6j27-pc5c-m8w8
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T16:44:31Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-6j27-pc5c-m8w8
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-29607, GHSA-6j27-pc5c-m8w8
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jbq7-hx48-aye4
18
url VCID-jjr9-wnqp-a7fj
vulnerability_id VCID-jjr9-wnqp-a7fj
summary
OpenClaw's typed sender-key matching for toolsBySender prevents identity-collision policy bypass
`channels.*.groups.*.toolsBySender` could match a privileged sender policy using a colliding mutable identity value (for example `senderName` or `senderUsername`) when deployments used untyped keys.

The fix introduces explicit typed sender keys (`id:`, `e164:`, `username:`, `name:`), keeps legacy untyped keys on a deprecated ID-only path, and adds regression coverage to prevent cross-identifier collisions.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32039
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09865
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32039
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/5547a2275cb69413af3b62c795b93214fe913b57
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value 6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T15:50:04Z/
url https://github.com/openclaw/openclaw/commit/5547a2275cb69413af3b62c795b93214fe913b57
3
reference_url https://www.vulncheck.com/advisories/openclaw-sender-authorization-bypass-via-identity-collision-in-toolsbysender
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value 6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T15:50:04Z/
url https://www.vulncheck.com/advisories/openclaw-sender-authorization-bypass-via-identity-collision-in-toolsbysender
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32039
reference_id CVE-2026-32039
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32039
5
reference_url https://github.com/advisories/GHSA-wpph-cjgr-7c39
reference_id GHSA-wpph-cjgr-7c39
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wpph-cjgr-7c39
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-wpph-cjgr-7c39
reference_id GHSA-wpph-cjgr-7c39
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
3
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T15:50:04Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-wpph-cjgr-7c39
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32039, GHSA-wpph-cjgr-7c39
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jjr9-wnqp-a7fj
19
url VCID-kvbs-z8cy-eba7
vulnerability_id VCID-kvbs-z8cy-eba7
summary
OpenClaw has hook auth rate limiter bypass via IPv4-mapped IPv6 client key variants
An attacker could split failed hook-auth attempts across both address forms and effectively double the brute-force budget from 20 to 40 attempts per 60-second window.
references
0
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
1
reference_url https://github.com/openclaw/openclaw/commit/3284d2eb227e7b6536d543bcf5c3e320bc9d13c5
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/commit/3284d2eb227e7b6536d543bcf5c3e320bc9d13c5
2
reference_url https://github.com/advisories/GHSA-5847-rm3g-23mw
reference_id GHSA-5847-rm3g-23mw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5847-rm3g-23mw
3
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-5847-rm3g-23mw
reference_id GHSA-5847-rm3g-23mw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/security/advisories/GHSA-5847-rm3g-23mw
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases GHSA-5847-rm3g-23mw
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kvbs-z8cy-eba7
20
url VCID-mcd3-wr9z-nug1
vulnerability_id VCID-mcd3-wr9z-nug1
summary
OpenClaw's Control UI Static File Handler Follows Symlinks and Allows Out-of-Root File Read
The Control UI static file handler previously validated asset paths lexically and then served files with APIs that follow symbolic links. A symlink placed under the Control UI root could cause out-of-root file reads.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32020
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05985
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32020
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/7c500ff6236fa087ec1ec88696ca9f6881e90dc5
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T20:11:21Z/
url https://github.com/openclaw/openclaw/commit/7c500ff6236fa087ec1ec88696ca9f6881e90dc5
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32020
reference_id CVE-2026-32020
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2026-32020
4
reference_url https://github.com/advisories/GHSA-5ghc-98wh-gwwf
reference_id GHSA-5ghc-98wh-gwwf
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5ghc-98wh-gwwf
5
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-5ghc-98wh-gwwf
reference_id GHSA-5ghc-98wh-gwwf
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T20:11:21Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-5ghc-98wh-gwwf
6
reference_url https://www.vulncheck.com/advisories/openclaw-arbitrary-file-read-via-symlink-following-in-static-file-handler
reference_id openclaw-arbitrary-file-read-via-symlink-following-in-static-file-handler
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T20:11:21Z/
url https://www.vulncheck.com/advisories/openclaw-arbitrary-file-read-via-symlink-following-in-static-file-handler
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32020, GHSA-5ghc-98wh-gwwf
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mcd3-wr9z-nug1
21
url VCID-mnqn-u8vr-y3bb
vulnerability_id VCID-mnqn-u8vr-y3bb
summary
OpenClaw voice-call media stream validated streams after upgrade, which could allow pre-start unauthenticated sockets to increase resource pressure
`@openclaw/voice-call` (and the bundled copy shipped in `openclaw`) accepted media-stream WebSocket upgrades before stream validation. In reachable deployments, unauthenticated pre-start sockets could be held open and increase resource pressure.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32062
reference_id
reference_type
scores
0
value 0.00142
scoring_system epss
scoring_elements 0.3414
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32062
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/1d8968c8a821ff1a05c294a1846b3bcb6f343794
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:36:13Z/
url https://github.com/openclaw/openclaw/commit/1d8968c8a821ff1a05c294a1846b3bcb6f343794
3
reference_url https://www.vulncheck.com/advisories/openclaw-unauthenticated-websocket-resource-exhaustion-via-media-stream
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:36:13Z/
url https://www.vulncheck.com/advisories/openclaw-unauthenticated-websocket-resource-exhaustion-via-media-stream
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32062
reference_id CVE-2026-32062
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32062
5
reference_url https://github.com/advisories/GHSA-mfg5-7q5g-f37j
reference_id GHSA-mfg5-7q5g-f37j
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mfg5-7q5g-f37j
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-mfg5-7q5g-f37j
reference_id GHSA-mfg5-7q5g-f37j
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
4
value HIGH
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:36:13Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-mfg5-7q5g-f37j
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32062, GHSA-mfg5-7q5g-f37j
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mnqn-u8vr-y3bb
22
url VCID-qb8b-gbya-2qas
vulnerability_id VCID-qb8b-gbya-2qas
summary
OpenClaw's MSTeams attachment redirect handling could bypass configured media host allowlists
In OpenClaw MSTeams media download flows, redirect handling could bypass configured `mediaAllowHosts` checks in specific attachment paths. Redirect chains were not consistently constrained to allowlisted targets before accepting fetched content.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32037
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.13037
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32037
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/73d93dee64127a26f1acd09d0403b794cdeb4f5c
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L
3
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
4
value HIGH
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:11Z/
url https://github.com/openclaw/openclaw/commit/73d93dee64127a26f1acd09d0403b794cdeb4f5c
3
reference_url https://github.com/openclaw/openclaw/commit/b34097f62df9d1960cc22600269cd3f3284e2124
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L
3
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
4
value HIGH
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:11Z/
url https://github.com/openclaw/openclaw/commit/b34097f62df9d1960cc22600269cd3f3284e2124
4
reference_url https://www.vulncheck.com/advisories/openclaw-redirect-chain-bypass-of-media-host-allowlist-in-msteams-attachment-handling
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L
3
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
4
value HIGH
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:11Z/
url https://www.vulncheck.com/advisories/openclaw-redirect-chain-bypass-of-media-host-allowlist-in-msteams-attachment-handling
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32037
reference_id CVE-2026-32037
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32037
6
reference_url https://github.com/advisories/GHSA-w76h-8m22-hpgh
reference_id GHSA-w76h-8m22-hpgh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w76h-8m22-hpgh
7
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-w76h-8m22-hpgh
reference_id GHSA-w76h-8m22-hpgh
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L
4
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
5
value HIGH
scoring_system generic_textual
scoring_elements
6
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:11Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-w76h-8m22-hpgh
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32037, GHSA-w76h-8m22-hpgh
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qb8b-gbya-2qas
23
url VCID-qjsg-ampt-tkh7
vulnerability_id VCID-qjsg-ampt-tkh7
summary
OpenClaw's non-default safeBins sort configuration can bypass intended allowlist approval constraints
When `sort` is explicitly added to `tools.exec.safeBins` (non-default), the `--compress-program` option can invoke an external helper and bypass the intended safe-bin approval constraints in allowlist mode.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22169
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.13801
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22169
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/57fbbaebca4d34d17549accf6092ae26eb7b605c
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T14:04:49Z/
url https://github.com/openclaw/openclaw/commit/57fbbaebca4d34d17549accf6092ae26eb7b605c
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-22169
reference_id CVE-2026-22169
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2026-22169
4
reference_url https://github.com/advisories/GHSA-vmqr-rc7x-3446
reference_id GHSA-vmqr-rc7x-3446
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vmqr-rc7x-3446
5
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-vmqr-rc7x-3446
reference_id GHSA-vmqr-rc7x-3446
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T14:04:49Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-vmqr-rc7x-3446
6
reference_url https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-sort-configuration-in-safebins
reference_id openclaw-allowlist-bypass-via-sort-configuration-in-safebins
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T14:04:49Z/
url https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-sort-configuration-in-safebins
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-22169, GHSA-vmqr-rc7x-3446
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qjsg-ampt-tkh7
24
url VCID-rkpk-f92u-fbb9
vulnerability_id VCID-rkpk-f92u-fbb9
summary
OpenClaw macOS companion app (beta): allowlist parsing mismatch for system.run shell chains
In the macOS companion app (**currently beta**), a parsing mismatch in exec approvals could let shell-chain payloads pass allowlist checks in `system.run` under specific settings.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31993
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21735
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31993
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/5da03e622119fa012285cdb590fcf4264c965cb5
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
2
value 5.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:44:47Z/
url https://github.com/openclaw/openclaw/commit/5da03e622119fa012285cdb590fcf4264c965cb5
3
reference_url https://github.com/openclaw/openclaw/commit/e371da38aab99521c4e076cd3d95fd775e00b784
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
2
value 5.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:44:47Z/
url https://github.com/openclaw/openclaw/commit/e371da38aab99521c4e076cd3d95fd775e00b784
4
reference_url https://www.vulncheck.com/advisories/openclaw-allowlist-parsing-mismatch-in-system-run-shell-chains
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
2
value 5.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:44:47Z/
url https://www.vulncheck.com/advisories/openclaw-allowlist-parsing-mismatch-in-system-run-shell-chains
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-31993
reference_id CVE-2026-31993
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-31993
6
reference_url https://github.com/advisories/GHSA-5f9p-f3w2-fwch
reference_id GHSA-5f9p-f3w2-fwch
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5f9p-f3w2-fwch
7
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-5f9p-f3w2-fwch
reference_id GHSA-5f9p-f3w2-fwch
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
3
value 5.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
4
value LOW
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:44:47Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-5f9p-f3w2-fwch
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-31993, GHSA-5f9p-f3w2-fwch
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rkpk-f92u-fbb9
25
url VCID-sys2-6sn1-suak
vulnerability_id VCID-sys2-6sn1-suak
summary
OpenClaw's avatar symlink traversal can expose out-of-workspace local files
OpenClaw avatar handling allowed a symlink traversal path that could expose local files outside an agent workspace through gateway avatar surfaces.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32024
reference_id
reference_type
scores
0
value 0.0006
scoring_system epss
scoring_elements 0.18845
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32024
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/3d0337504349954237d09e4d957df5cb844d5e77
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T14:55:59Z/
url https://github.com/openclaw/openclaw/commit/3d0337504349954237d09e4d957df5cb844d5e77
3
reference_url https://github.com/openclaw/openclaw/commit/6970c2c2db3ee069ef0fff0ade5cfbdd0134f9d2
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T14:55:59Z/
url https://github.com/openclaw/openclaw/commit/6970c2c2db3ee069ef0fff0ade5cfbdd0134f9d2
4
reference_url https://www.vulncheck.com/advisories/openclaw-symlink-traversal-in-avatar-handling
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T14:55:59Z/
url https://www.vulncheck.com/advisories/openclaw-symlink-traversal-in-avatar-handling
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32024
reference_id CVE-2026-32024
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32024
6
reference_url https://github.com/advisories/GHSA-rx3g-mvc3-qfjf
reference_id GHSA-rx3g-mvc3-qfjf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rx3g-mvc3-qfjf
7
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-rx3g-mvc3-qfjf
reference_id GHSA-rx3g-mvc3-qfjf
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
3
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T14:55:59Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-rx3g-mvc3-qfjf
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32024, GHSA-rx3g-mvc3-qfjf
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sys2-6sn1-suak
26
url VCID-u1qe-2qj5-dyfg
vulnerability_id VCID-u1qe-2qj5-dyfg
summary
OpenClaw's elevated allowFrom accepted broader identity signals than specified within sender-scoped authorization
In certain elevated-mode configurations, `tools.elevated.allowFrom` accepted broader identity signals than intended. The fix tightens matching to sender-scoped identity by default and makes mutable metadata matching explicit.
references
0
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
1
reference_url https://github.com/openclaw/openclaw/commit/6817c0ec7b4fa830123d4f5c340f075a4bd04ee2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/commit/6817c0ec7b4fa830123d4f5c340f075a4bd04ee2
2
reference_url https://github.com/advisories/GHSA-f6h3-846h-2r8w
reference_id GHSA-f6h3-846h-2r8w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f6h3-846h-2r8w
3
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-f6h3-846h-2r8w
reference_id GHSA-f6h3-846h-2r8w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/security/advisories/GHSA-f6h3-846h-2r8w
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases GHSA-f6h3-846h-2r8w
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u1qe-2qj5-dyfg
27
url VCID-u2v1-9adt-afh4
vulnerability_id VCID-u2v1-9adt-afh4
summary
OpenClaw has incomplete IPv4 special-use SSRF blocking in web fetch guard
`isPrivateIpv4()` in bundled SSRF guard code missed several IPv4 special-use/non-global ranges, so `web_fetch` could allow targets that should be blocked by SSRF policy.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32019
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15802
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32019
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/333fbb86347998526dd514290adfd5f727caa6d9
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:15Z/
url https://github.com/openclaw/openclaw/commit/333fbb86347998526dd514290adfd5f727caa6d9
3
reference_url https://github.com/openclaw/openclaw/commit/44dfbd23df453e51b71ef79a148c28c53e89168c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:15Z/
url https://github.com/openclaw/openclaw/commit/44dfbd23df453e51b71ef79a148c28c53e89168c
4
reference_url https://github.com/openclaw/openclaw/commit/71bd15bb4294d3d1b54386064d69cd0f5f731bd8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:15Z/
url https://github.com/openclaw/openclaw/commit/71bd15bb4294d3d1b54386064d69cd0f5f731bd8
5
reference_url https://github.com/openclaw/openclaw/commit/f14ebd743cfc73f667fae80af70043d0ab1f88bd
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:15Z/
url https://github.com/openclaw/openclaw/commit/f14ebd743cfc73f667fae80af70043d0ab1f88bd
6
reference_url https://www.vulncheck.com/advisories/openclaw-incomplete-ipv4-special-use-range-blocking-in-ssrf-guard
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:15Z/
url https://www.vulncheck.com/advisories/openclaw-incomplete-ipv4-special-use-range-blocking-in-ssrf-guard
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32019
reference_id CVE-2026-32019
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32019
8
reference_url https://github.com/advisories/GHSA-4rqq-w8v4-7p47
reference_id GHSA-4rqq-w8v4-7p47
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4rqq-w8v4-7p47
9
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-4rqq-w8v4-7p47
reference_id GHSA-4rqq-w8v4-7p47
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L
4
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
5
value MODERATE
scoring_system generic_textual
scoring_elements
6
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:15Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-4rqq-w8v4-7p47
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32019, GHSA-4rqq-w8v4-7p47
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u2v1-9adt-afh4
28
url VCID-uvbz-2mv1-suh4
vulnerability_id VCID-uvbz-2mv1-suh4
summary
OpenClaw's shell env fallback trusts unvalidated SHELL path from host environment
The shell environment fallback path could invoke an attacker-controlled shell when `SHELL` was inherited from an untrusted host environment. In affected builds, shell-env loading used `$SHELL -l -c 'env -0'` without validating that `SHELL` points to a trusted executable.

In threat-model terms, this requires local environment compromise or untrusted startup environment injection first; it is not a remote pre-auth path. The hardening patch validates `SHELL` as an absolute normalized executable, prefers `/etc/shells`, applies trusted-prefix fallback checks, and falls back safely to `/bin/sh` when validation fails. The dangerous env-var policy now also blocks `SHELL` overrides.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32032
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.06178
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32032
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/25e89cc86338ef475d26be043aa541dfdb95e52a
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T20:06:36Z/
url https://github.com/openclaw/openclaw/commit/25e89cc86338ef475d26be043aa541dfdb95e52a
3
reference_url https://www.vulncheck.com/advisories/openclaw-arbitrary-shell-execution-via-unvalidated-shell-environment-variable
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T20:06:36Z/
url https://www.vulncheck.com/advisories/openclaw-arbitrary-shell-execution-via-unvalidated-shell-environment-variable
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32032
reference_id CVE-2026-32032
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32032
5
reference_url https://github.com/advisories/GHSA-f8mp-vj46-cq8v
reference_id GHSA-f8mp-vj46-cq8v
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f8mp-vj46-cq8v
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-f8mp-vj46-cq8v
reference_id GHSA-f8mp-vj46-cq8v
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T20:06:36Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-f8mp-vj46-cq8v
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32032, GHSA-f8mp-vj46-cq8v
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uvbz-2mv1-suh4
29
url VCID-vtt6-w96n-u7es
vulnerability_id VCID-vtt6-w96n-u7es
summary
OpenClaw has agent avatar symlink traversal in gateway session metadata
A crafted local avatar path could follow a symlink outside the agent workspace and return arbitrary file contents as a base64 `data:` URL in gateway responses.
references
0
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
1
reference_url https://github.com/openclaw/openclaw/commit/3d0337504349954237d09e4d957df5cb844d5e77
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/commit/3d0337504349954237d09e4d957df5cb844d5e77
2
reference_url https://github.com/advisories/GHSA-9mph-4f7v-fmvh
reference_id GHSA-9mph-4f7v-fmvh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9mph-4f7v-fmvh
3
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-9mph-4f7v-fmvh
reference_id GHSA-9mph-4f7v-fmvh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/security/advisories/GHSA-9mph-4f7v-fmvh
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases GHSA-9mph-4f7v-fmvh
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vtt6-w96n-u7es
30
url VCID-y39s-gbhr-yfcf
vulnerability_id VCID-y39s-gbhr-yfcf
summary
Duplicate Advisory: OpenClaw reuses the gateway auth token in the owner ID prompt hashing fallback
### Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-v6x2-2qvm-6gv8. This link is maintained to preserve external references.

### Original Description
OpenClaw versions prior to 2026.2.22 reuse gateway.auth.token as a fallback hash secret for owner-ID prompt obfuscation when commands.ownerDisplay is set to hash and commands.ownerDisplaySecret is unset, creating dual-use of authentication secrets across security domains. Attackers with access to system prompts sent to third-party model providers can derive the gateway authentication token from the hash outputs, compromising gateway authentication security.
references
0
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
1
reference_url https://github.com/openclaw/openclaw/commit/c99e7696e6893083b256f0a6c88fb060f3a76fb7
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/commit/c99e7696e6893083b256f0a6c88fb060f3a76fb7
2
reference_url https://www.vulncheck.com/advisories/openclaw-authentication-token-reuse-in-owner-id-prompt-hashing-fallback
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://www.vulncheck.com/advisories/openclaw-authentication-token-reuse-in-owner-id-prompt-hashing-fallback
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases GHSA-8mr2-f9wf-hcfq
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y39s-gbhr-yfcf
31
url VCID-y928-qdd4-47at
vulnerability_id VCID-y928-qdd4-47at
summary
OpenClaw's tools.exec.safeBins trusted PATH directories allowed binary shadowing in allowlist mode
In `openclaw` allowlist mode, `tools.exec.safeBins` trusted PATH-derived directories for safe-bin resolution. A same-name binary placed in a trusted PATH directory could satisfy safe-bin checks and execute.
references
0
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
1
reference_url https://github.com/openclaw/openclaw/commit/64b273a71cf0b2f2419c974832cede1fc2158729
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/commit/64b273a71cf0b2f2419c974832cede1fc2158729
2
reference_url https://github.com/advisories/GHSA-qhrr-grqp-6x2g
reference_id GHSA-qhrr-grqp-6x2g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qhrr-grqp-6x2g
3
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-qhrr-grqp-6x2g
reference_id GHSA-qhrr-grqp-6x2g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw/security/advisories/GHSA-qhrr-grqp-6x2g
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases GHSA-qhrr-grqp-6x2g
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y928-qdd4-47at
32
url VCID-ycd1-1bv9-3yb4
vulnerability_id VCID-ycd1-1bv9-3yb4
summary
OpenClaw's shell startup env injection bypasses system.run allowlist intent (RCE class)
`system.run` environment sanitization allowed shell-startup env overrides (`HOME`, `ZDOTDIR`) that can execute attacker-controlled startup files before allowlist-evaluated command bodies.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32056
reference_id
reference_type
scores
0
value 0.00191
scoring_system epss
scoring_elements 0.40836
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32056
1
reference_url https://github.com/openclaw/openclaw
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openclaw/openclaw
2
reference_url https://github.com/openclaw/openclaw/commit/c2c7114ed39a547ab6276e1e933029b9530ee906
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T18:47:57Z/
url https://github.com/openclaw/openclaw/commit/c2c7114ed39a547ab6276e1e933029b9530ee906
3
reference_url https://www.vulncheck.com/advisories/openclaw-remote-code-execution-via-shell-startup-environment-variable-injection-in-system-run
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T18:47:57Z/
url https://www.vulncheck.com/advisories/openclaw-remote-code-execution-via-shell-startup-environment-variable-injection-in-system-run
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32056
reference_id CVE-2026-32056
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32056
5
reference_url https://github.com/advisories/GHSA-xgf2-vxv2-rrmg
reference_id GHSA-xgf2-vxv2-rrmg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xgf2-vxv2-rrmg
6
reference_url https://github.com/openclaw/openclaw/security/advisories/GHSA-xgf2-vxv2-rrmg
reference_id GHSA-xgf2-vxv2-rrmg
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T18:47:57Z/
url https://github.com/openclaw/openclaw/security/advisories/GHSA-xgf2-vxv2-rrmg
fixed_packages
0
url pkg:npm/openclaw@2026.2.22
purl pkg:npm/openclaw@2026.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbm8-2r84-puh5
1
vulnerability VCID-gq39-w2ua-3ua5
2
vulnerability VCID-usnj-f1tv-p7eh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22
aliases CVE-2026-32056, GHSA-xgf2-vxv2-rrmg
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ycd1-1bv9-3yb4
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22