Package Instance
Look up vulnerable packages by Package URL.
GET /api/packages/74146?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "type": "npm", "namespace": "", "name": "openclaw", "version": "2026.2.19", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2026.2.21", "latest_non_vulnerable_version": "2026.3.11", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50284?format=api", "vulnerability_id": "VCID-1b9k-hn2z-syc6", "summary": "OpenClaw: Reject symlinks in local skill packaging script\n- Potential unintentional disclosure of local files from the packaging machine into a generated `.skill` artifact.\n- Requires local execution of the packaging script on attacker-controlled skill contents.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/c275932aa4230fb7a8212fe1b9d2a18424874b3f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/c275932aa4230fb7a8212fe1b9d2a18424874b3f" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/ee1d6427b544ccadd73e02b1630ea5c29ba9a9f0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/ee1d6427b544ccadd73e02b1630ea5c29ba9a9f0" }, { "reference_url": "https://github.com/openclaw/openclaw/pull/20796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/pull/20796" }, { "reference_url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27485", "reference_id": 
"CVE-2026-27485", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27485" }, { "reference_url": "https://github.com/advisories/GHSA-r6h2-5gqq-v5v6", "reference_id": "GHSA-r6h2-5gqq-v5v6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-r6h2-5gqq-v5v6" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-r6h2-5gqq-v5v6", "reference_id": "GHSA-r6h2-5gqq-v5v6", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-r6h2-5gqq-v5v6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-27485", "GHSA-r6h2-5gqq-v5v6" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1b9k-hn2z-syc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50635?format=api", "vulnerability_id": "VCID-2mpv-yh7x-93dx", "summary": "OpenClaw has command injection via Windows shell fallback in Lobster tool execution\nThe Lobster extension tool execution path used a Windows shell fallback (`shell: true`) after spawn failures (`EINVAL`/`ENOENT`). 
In that fallback path, shell metacharacters in command arguments can be interpreted by the shell, enabling command injection.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/ba7be018da354ea9f803ed356d20464df0437916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/ba7be018da354ea9f803ed356d20464df0437916" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32000", "reference_id": "CVE-2026-32000", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32000" }, { "reference_url": "https://github.com/advisories/GHSA-7fcc-cw49-xm78", "reference_id": "GHSA-7fcc-cw49-xm78", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7fcc-cw49-xm78" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-7fcc-cw49-xm78", "reference_id": "GHSA-7fcc-cw49-xm78", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-7fcc-cw49-xm78" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-32000", "GHSA-7fcc-cw49-xm78" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2mpv-yh7x-93dx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50244?format=api", "vulnerability_id": "VCID-53zm-kz15-53en", "summary": "OpenClaw safeBins stdin-only bypass via sort output and recursive grep flags\n`tools.exec.safeBins` could be bypassed 
for filesystem access when `sort` output flags (`-o` / `--output`) or recursive `grep` flags were allowed through safe-bin execution paths.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/2c05cbb43e48ebad03626d3125746fb1b9a8520f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/2c05cbb43e48ebad03626d3125746fb1b9a8520f" }, { "reference_url": "https://www.vulncheck.com/advisories/openclaw-safebins-stdin-only-bypass-via-sort-output-and-recursive-grep-flags", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.vulncheck.com/advisories/openclaw-safebins-stdin-only-bypass-via-sort-output-and-recursive-grep-flags" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31996", "reference_id": "CVE-2026-31996", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31996" }, { "reference_url": "https://github.com/advisories/GHSA-4685-c5cp-vp95", "reference_id": "GHSA-4685-c5cp-vp95", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4685-c5cp-vp95" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-4685-c5cp-vp95", "reference_id": "GHSA-4685-c5cp-vp95", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-4685-c5cp-vp95" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-31996", "GHSA-4685-c5cp-vp95" ], "risk_score": null, "exploitability": null, "weighted_severity": null, 
"resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-53zm-kz15-53en" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50537?format=api", "vulnerability_id": "VCID-56t4-p2fe-guhg", "summary": "OpenClaw's owner-only gateway tool access checks were incomplete in specific authenticated DM flows\nIn authenticated non-owner DM sessions, a narrow tool-invocation path could reach broader-than-intended owner-only gateway actions.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/2777d8ad91ef1e8a7c6f5b4b18f8507be7d02914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/2777d8ad91ef1e8a7c6f5b4b18f8507be7d02914" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/3d7ad1cfca4daaa84cd553e843e0e08fa6201349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/3d7ad1cfca4daaa84cd553e843e0e08fa6201349" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/a40c10d3e24568b1e2947c104484be74bf66b8d2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/a40c10d3e24568b1e2947c104484be74bf66b8d2" }, { "reference_url": "https://github.com/advisories/GHSA-2hm8-rqrm-xfjq", "reference_id": "GHSA-2hm8-rqrm-xfjq", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2hm8-rqrm-xfjq" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-2hm8-rqrm-xfjq", "reference_id": "GHSA-2hm8-rqrm-xfjq", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-2hm8-rqrm-xfjq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": 
"pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "GHSA-2hm8-rqrm-xfjq" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-56t4-p2fe-guhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50540?format=api", "vulnerability_id": "VCID-8zsd-p6pb-57cg", "summary": "OpenClaw vulnerable to path traversal in Feishu media temp-file naming allows writes outside os.tmpdir()\nOpenClaw’s Feishu media download flow used untrusted Feishu media keys (`imageKey` / `fileKey`) when building temporary file paths in `extensions/feishu/src/media.ts`.\nBecause those keys were interpolated directly into temp-file paths, traversal segments could escape the temp directory and redirect writes outside `os.tmpdir()`.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/c821099157a9767d4df208c6b12f214946507871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/c821099157a9767d4df208c6b12f214946507871" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/cdb00fe2428000e7a08f9b7848784a0049176705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/cdb00fe2428000e7a08f9b7848784a0049176705" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/ec232a9e2dff60f0e3d7e827a7c868db5254473f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/ec232a9e2dff60f0e3d7e827a7c868db5254473f" }, { "reference_url": 
"https://www.vulncheck.com/advisories/openclaw-path-traversal-in-feishu-media-temporary-file-naming", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.vulncheck.com/advisories/openclaw-path-traversal-in-feishu-media-temporary-file-naming" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22171", "reference_id": "CVE-2026-22171", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22171" }, { "reference_url": "https://github.com/advisories/GHSA-vj3g-5px3-gr46", "reference_id": "GHSA-vj3g-5px3-gr46", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-vj3g-5px3-gr46" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-vj3g-5px3-gr46", "reference_id": "GHSA-vj3g-5px3-gr46", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-vj3g-5px3-gr46" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-22171", "GHSA-vj3g-5px3-gr46" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8zsd-p6pb-57cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50675?format=api", "vulnerability_id": "VCID-944r-f4rv-hqa1", "summary": "OpenClaw has SSRF guard bypass via IPv6 transition over ISATAP\nOpenClaw's SSRF hostname/IP guard did not detect ISATAP embedded IPv4 addresses (`...:5efe:w.x.y.z`). 
A crafted URL containing an ISATAP IPv6 literal could embed a private IPv4 target (for example loopback) and bypass private-address filtering in URL-fetching paths.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/d51929ecb52fe65e90bf36795f4247feb29eb8aa", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/d51929ecb52fe65e90bf36795f4247feb29eb8aa" }, { "reference_url": "https://github.com/advisories/GHSA-8cp7-rp8r-mg77", "reference_id": "GHSA-8cp7-rp8r-mg77", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-8cp7-rp8r-mg77" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-8cp7-rp8r-mg77", "reference_id": "GHSA-8cp7-rp8r-mg77", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-8cp7-rp8r-mg77" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "GHSA-8cp7-rp8r-mg77" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-944r-f4rv-hqa1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50647?format=api", "vulnerability_id": "VCID-98q9-br8r-b3c1", "summary": "OpenClaw affected by iMessage remote attachment SCP hardening (strict host-key checks and remoteHost validation)\nRemote iMessage attachment fetches used SCP with trust-on-first-use host-key behavior and accepted unvalidated remote host tokens.\n\nBefore the fix:\n- SCP used 
`StrictHostKeyChecking=accept-new` in the remote attachment path.\n- `channels.imessage.remoteHost` was not validated as a strict SSH host token.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/49d0def6d1e88f002026b1d2a35aa615d48a751a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/49d0def6d1e88f002026b1d2a35aa615d48a751a" }, { "reference_url": "https://github.com/advisories/GHSA-2mc2-g238-722j", "reference_id": "GHSA-2mc2-g238-722j", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2mc2-g238-722j" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-2mc2-g238-722j", "reference_id": "GHSA-2mc2-g238-722j", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-2mc2-g238-722j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "GHSA-2mc2-g238-722j" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-98q9-br8r-b3c1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50529?format=api", "vulnerability_id": "VCID-b2ua-kc68-xkgj", "summary": "OpenClaw Windows Scheduled Task script generation allowed local command injection via unsafe cmd argument handling\nOpenClaw Windows Scheduled Task script generation allowed unsafe argument handling in generated `gateway.cmd` files. 
In vulnerable versions, cmd metacharacter-only values could be emitted without safe quoting/escaping, which could lead to unintended command execution when the scheduled task runs.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/280c6b117b2f0e24f398e5219048cd4cc3b82396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/280c6b117b2f0e24f398e5219048cd4cc3b82396" }, { "reference_url": "https://www.vulncheck.com/advisories/openclaw-local-command-injection-via-unsafe-cmd-argument-handling-in-windows-scheduled-task", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.vulncheck.com/advisories/openclaw-local-command-injection-via-unsafe-cmd-argument-handling-in-windows-scheduled-task" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31994", "reference_id": "CVE-2026-31994", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31994" }, { "reference_url": "https://github.com/advisories/GHSA-mqr9-vqhq-3jxw", "reference_id": "GHSA-mqr9-vqhq-3jxw", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-mqr9-vqhq-3jxw" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-mqr9-vqhq-3jxw", "reference_id": "GHSA-mqr9-vqhq-3jxw", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-mqr9-vqhq-3jxw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-31994", "GHSA-mqr9-vqhq-3jxw" ], "risk_score": 
null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b2ua-kc68-xkgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50618?format=api", "vulnerability_id": "VCID-ct6t-c3vp-4ydg", "summary": "OpenClaw's `tools.exec.safeBins` PATH-hijack allowed trojan binaries to bypass allowlist checks\n`tools.exec.safeBins` allowlist checks could be bypassed by PATH-hijacked binaries, allowing execution of attacker-controlled trojan binaries under an allowlisted executable name.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/28bac46c92069dc728524fbf383024c1b64e5c23", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/28bac46c92069dc728524fbf383024c1b64e5c23" }, { "reference_url": "https://www.vulncheck.com/advisories/openclaw-path-hijacking-bypass-in-tools-exec-safebins-allowlist-validation", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.vulncheck.com/advisories/openclaw-path-hijacking-bypass-in-tools-exec-safebins-allowlist-validation" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32015", "reference_id": "CVE-2026-32015", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32015" }, { "reference_url": "https://github.com/advisories/GHSA-g75x-8qqm-2vxp", "reference_id": "GHSA-g75x-8qqm-2vxp", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-g75x-8qqm-2vxp" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-g75x-8qqm-2vxp", "reference_id": "GHSA-g75x-8qqm-2vxp", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-g75x-8qqm-2vxp" } ], 
"fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-32015", "GHSA-g75x-8qqm-2vxp" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ct6t-c3vp-4ydg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50555?format=api", "vulnerability_id": "VCID-dzzs-swfj-jqch", "summary": "OpenClaw's serialize sandbox registry writes to prevent races and delete-rollback corruption\nConcurrent `updateRegistry`/`removeRegistryEntry` operations for sandbox containers and browsers could lose updates or resurrect removed entries under race conditions.\n\nThe registry writes were read-modify-write in a window with no locking and permissive fallback parsing, so concurrent registry updates could produce stale snapshots and overwrite each other.\n\nThat desyncs sandbox state and can affect `sandbox list`, `sandbox prune`, and `sandbox recreate --all` behavior.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/cc29be8c9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/cc29be8c9" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/cc29be8c9bcdfaecb90f0ab13124c8f5362a6741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/cc29be8c9bcdfaecb90f0ab13124c8f5362a6741" }, { "reference_url": "https://www.vulncheck.com/advisories/openclaw-race-condition-in-sandbox-registry-write-operations", "reference_id": "", 
"reference_type": "", "scores": [], "url": "https://www.vulncheck.com/advisories/openclaw-race-condition-in-sandbox-registry-write-operations" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32018", "reference_id": "CVE-2026-32018", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32018" }, { "reference_url": "https://github.com/advisories/GHSA-gq83-8q7q-9hfx", "reference_id": "GHSA-gq83-8q7q-9hfx", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-gq83-8q7q-9hfx" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-gq83-8q7q-9hfx", "reference_id": "GHSA-gq83-8q7q-9hfx", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-gq83-8q7q-9hfx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-32018", "GHSA-gq83-8q7q-9hfx" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dzzs-swfj-jqch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50577?format=api", "vulnerability_id": "VCID-e6vw-nk4b-nyed", "summary": "OpenClaw plugin runtime command execution is part of trusted plugin boundary\nOpenClaw plugins/extensions run in-process and are treated as trusted code. 
This advisory tracks trust-boundary clarification around plugin runtime command execution (`runtime.system.runCommandWithTimeout`).", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/2e421f32dfc589c02706265fd3c3137ffc06c4b1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/2e421f32dfc589c02706265fd3c3137ffc06c4b1" }, { "reference_url": "https://github.com/advisories/GHSA-ff98-w8hj-qrxf", "reference_id": "GHSA-ff98-w8hj-qrxf", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-ff98-w8hj-qrxf" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-ff98-w8hj-qrxf", "reference_id": "GHSA-ff98-w8hj-qrxf", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-ff98-w8hj-qrxf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "GHSA-ff98-w8hj-qrxf" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6vw-nk4b-nyed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50276?format=api", "vulnerability_id": "VCID-kq6j-fxgz-87gw", "summary": "OpenClaw hardened cron webhook delivery against SSRF\n## Affected Packages / Versions\n\n- `openclaw` npm package versions `<= 2026.2.17`.\n\n## Vulnerability\nCron webhook delivery in `src/gateway/server-cron.ts` used `fetch()` directly, so webhook targets could reach private/metadata/internal endpoints without SSRF policy 
checks.\n\n## Fix Commit(s)\n- `99db4d13e`\n- `35851cdaf`\n\nThanks @Adam55A-code for reporting.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/99db4d13e5c139883ef0def9ff963e9273179655", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/99db4d13e5c139883ef0def9ff963e9273179655" }, { "reference_url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27488", "reference_id": "CVE-2026-27488", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27488" }, { "reference_url": "https://github.com/advisories/GHSA-w45g-5746-x9fp", "reference_id": "GHSA-w45g-5746-x9fp", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-w45g-5746-x9fp" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-w45g-5746-x9fp", "reference_id": "GHSA-w45g-5746-x9fp", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-w45g-5746-x9fp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-27488", "GHSA-w45g-5746-x9fp" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kq6j-fxgz-87gw" }, { "url": 
"http://public2.vulnerablecode.io/api/vulnerabilities/50487?format=api", "vulnerability_id": "VCID-m1qu-4h8f-6udw", "summary": "OpenClaw has ReDoS and regex injection via unescaped Feishu mention metadata in RegExp construction\n`extensions/feishu/src/bot.ts` constructed `new RegExp()` directly from Feishu mention metadata (`mention.name`, `mention.key`) in `stripBotMention()` without escaping regex metacharacters.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/74268489137510b6f6349919d1e197b17290d92c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/74268489137510b6f6349919d1e197b17290d92c" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/7e67ab75cc2f0e93569d12fecd1411c2961fcc8c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/7e67ab75cc2f0e93569d12fecd1411c2961fcc8c" }, { "reference_url": "https://www.vulncheck.com/advisories/openclaw-redos-and-regex-injection-via-unescaped-feishu-mention-metadata", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.vulncheck.com/advisories/openclaw-redos-and-regex-injection-via-unescaped-feishu-mention-metadata" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22178", "reference_id": "CVE-2026-22178", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22178" }, { "reference_url": "https://github.com/advisories/GHSA-c6hr-w26q-c636", "reference_id": "GHSA-c6hr-w26q-c636", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-c6hr-w26q-c636" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-c6hr-w26q-c636", "reference_id": "GHSA-c6hr-w26q-c636", "reference_type": "", 
"scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-c6hr-w26q-c636" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-22178", "GHSA-c6hr-w26q-c636" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m1qu-4h8f-6udw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50651?format=api", "vulnerability_id": "VCID-nz4n-xd33-63am", "summary": "OpenClaw has auth inconsistency on local Browser Extension Relay /extension endpoint\nWhen the optional Chrome extension relay is enabled, `/extension` accepted unauthenticated WebSocket upgrades while `/json/*` and `/cdp` required auth.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/7e54b6c96feb1a5c30884f2b32037b8dadd0e532", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/7e54b6c96feb1a5c30884f2b32037b8dadd0e532" }, { "reference_url": "https://github.com/advisories/GHSA-pfv7-rr5m-qmv6", "reference_id": "GHSA-pfv7-rr5m-qmv6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-pfv7-rr5m-qmv6" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-pfv7-rr5m-qmv6", "reference_id": "GHSA-pfv7-rr5m-qmv6", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-pfv7-rr5m-qmv6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": 
"pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "GHSA-pfv7-rr5m-qmv6" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nz4n-xd33-63am" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50286?format=api", "vulnerability_id": "VCID-ppsm-b5qs-23f6", "summary": "OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness with very large inputs\n- Local ACP sessions may become less responsive when very large prompts are submitted\n- Larger-than-expected model usage/cost when oversized text is forwarded\n- No privilege escalation and no direct remote attack path in the default ACP model", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/63e39d7f57ac4ad4a5e38d17e7394ae7c4dd0b9c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/63e39d7f57ac4ad4a5e38d17e7394ae7c4dd0b9c" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/8ae2d5110f6ceadef73822aa3db194fb60d2ba68", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/8ae2d5110f6ceadef73822aa3db194fb60d2ba68" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/ebcf19746f5c500a41817e03abecadea8655654a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/ebcf19746f5c500a41817e03abecadea8655654a" }, { "reference_url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.19", "reference_id": "", "reference_type": "", "scores": [], "url": 
"https://github.com/openclaw/openclaw/releases/tag/v2026.2.19" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27576", "reference_id": "CVE-2026-27576", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27576" }, { "reference_url": "https://github.com/advisories/GHSA-cxpw-2g23-2vgw", "reference_id": "GHSA-cxpw-2g23-2vgw", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-cxpw-2g23-2vgw" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-cxpw-2g23-2vgw", "reference_id": "GHSA-cxpw-2g23-2vgw", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-cxpw-2g23-2vgw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-27576", "GHSA-cxpw-2g23-2vgw" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ppsm-b5qs-23f6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50611?format=api", "vulnerability_id": "VCID-qkne-9qte-6bev", "summary": "OpenClaw exec allowlist safeBins short-option bypass could permit arbitrary file write\nOpenClaw `exec` allowlist/safeBins policy could be bypassed with attached short-option payloads (for example `sort -o/tmp/poc`), enabling file-write operations while still satisfying safeBins checks.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/bafdbb6f112409a65decd3d4e7350fbd637c7754", "reference_id": "", "reference_type": "", 
"scores": [], "url": "https://github.com/openclaw/openclaw/commit/bafdbb6f112409a65decd3d4e7350fbd637c7754" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/cfe8457a0f4aae5324daec261d3b0aad1461a4bc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/cfe8457a0f4aae5324daec261d3b0aad1461a4bc" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/fec48a5006eab37c6a5821726ccaeec886486b13", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/fec48a5006eab37c6a5821726ccaeec886486b13" }, { "reference_url": "https://www.vulncheck.com/advisories/openclaw-arbitrary-file-write-via-short-option-bypass-in-exec-allowlist", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.vulncheck.com/advisories/openclaw-arbitrary-file-write-via-short-option-bypass-in-exec-allowlist" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32017", "reference_id": "CVE-2026-32017", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32017" }, { "reference_url": "https://github.com/advisories/GHSA-3x3x-h76w-hp98", "reference_id": "GHSA-3x3x-h76w-hp98", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-3x3x-h76w-hp98" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-3x3x-h76w-hp98", "reference_id": "GHSA-3x3x-h76w-hp98", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-3x3x-h76w-hp98" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-32017", "GHSA-3x3x-h76w-hp98" ], "risk_score": null, "exploitability": null, 
"weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qkne-9qte-6bev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50254?format=api", "vulnerability_id": "VCID-sf68-9pef-a7dx", "summary": "OpenClaw safeBins file-existence oracle information disclosure\nAn information disclosure vulnerability in OpenClaw's `tools.exec.safeBins` approval flow allowed a file-existence oracle.\n\nWhen safe-bin validation examined candidate file paths, command allow/deny behavior could differ based on whether a path already existed on the host filesystem. An attacker could probe for file presence by comparing outcomes for existing vs non-existing filenames.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/bafdbb6f112409a65decd3d4e7350fbd637c7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/bafdbb6f112409a65decd3d4e7350fbd637c7754" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4040", "reference_id": "CVE-2026-4040", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4040" }, { "reference_url": "https://github.com/advisories/GHSA-6c9j-x93c-rw6j", "reference_id": "GHSA-6c9j-x93c-rw6j", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-6c9j-x93c-rw6j" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-6c9j-x93c-rw6j", "reference_id": "GHSA-6c9j-x93c-rw6j", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-6c9j-x93c-rw6j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, 
"affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-4040", "GHSA-6c9j-x93c-rw6j" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sf68-9pef-a7dx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50567?format=api", "vulnerability_id": "VCID-t4q7-dgjk-nyef", "summary": "OpenClaw has a Command Injection via unescaped environment assignments in Windows Scheduled Task script generation\nA command injection vulnerability existed in Windows Scheduled Task script generation for OpenClaw. Environment values were written into `gateway.cmd` using unquoted `set KEY=VALUE`, which allowed Windows shell metacharacters in config-provided environment variables to break out of assignment context.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/dafe52e8cf1a041d898cfb304a485fa05e5f58fb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/dafe52e8cf1a041d898cfb304a485fa05e5f58fb" }, { "reference_url": "https://www.vulncheck.com/advisories/openclaw-command-injection-via-unescaped-environment-variables-in-windows-scheduled-task", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.vulncheck.com/advisories/openclaw-command-injection-via-unescaped-environment-variables-in-windows-scheduled-task" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22176", "reference_id": "CVE-2026-22176", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22176" }, { "reference_url": "https://github.com/advisories/GHSA-pj5x-38rw-6fph", "reference_id": "GHSA-pj5x-38rw-6fph", 
"reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-pj5x-38rw-6fph" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-pj5x-38rw-6fph", "reference_id": "GHSA-pj5x-38rw-6fph", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-pj5x-38rw-6fph" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-22176", "GHSA-pj5x-38rw-6fph" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4q7-dgjk-nyef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50614?format=api", "vulnerability_id": "VCID-xrcg-kjac-nyeb", "summary": "OpenClaw has Windows Lobster shell fallback command injection in constrained fallback path\nOn Windows, the Lobster extension previously retried certain spawn failures (`ENOENT`/`EINVAL`) with `shell: true` for wrapper compatibility. 
In that fallback path, tool-provided arguments could be interpreted by `cmd.exe` if fallback was triggered.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/ba7be018da354ea9f803ed356d20464df0437916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/ba7be018da354ea9f803ed356d20464df0437916" }, { "reference_url": "https://www.vulncheck.com/advisories/openclaw-command-injection-via-windows-shell-fallback-in-lobster-extension", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.vulncheck.com/advisories/openclaw-command-injection-via-windows-shell-fallback-in-lobster-extension" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31995", "reference_id": "CVE-2026-31995", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31995" }, { "reference_url": "https://github.com/advisories/GHSA-fg3m-vhrr-8gj6", "reference_id": "GHSA-fg3m-vhrr-8gj6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fg3m-vhrr-8gj6" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-fg3m-vhrr-8gj6", "reference_id": "GHSA-fg3m-vhrr-8gj6", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-fg3m-vhrr-8gj6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-31995", "GHSA-fg3m-vhrr-8gj6" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": 
"http://public2.vulnerablecode.io/vulnerabilities/VCID-xrcg-kjac-nyeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50697?format=api", "vulnerability_id": "VCID-y7pk-hj2p-jbgb", "summary": "ZDI-CAN-29311: OpenClaw Canvas Authentication Bypass Vulnerability\n\n-- ABSTRACT -------------------------------------\n\nTrend Micro's Zero Day Initiative has identified a vulnerability affecting the following products:\nOpenClaw - OpenClaw\n\n-- VULNERABILITY DETAILS ------------------------\n* Version tested: openclaw 2026.2.17\n* Platform tested: macOS 26.3\n\n---", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/c45f3c5b004c8d63dc0e282e2176f8c9355d24f1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/c45f3c5b004c8d63dc0e282e2176f8c9355d24f1" }, { "reference_url": "https://github.com/advisories/GHSA-vvjh-f6p9-5vcf", "reference_id": "GHSA-vvjh-f6p9-5vcf", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-vvjh-f6p9-5vcf" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-vvjh-f6p9-5vcf", "reference_id": "GHSA-vvjh-f6p9-5vcf", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-vvjh-f6p9-5vcf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "GHSA-vvjh-f6p9-5vcf" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y7pk-hj2p-jbgb" }, { "url": 
"http://public2.vulnerablecode.io/api/vulnerabilities/50605?format=api", "vulnerability_id": "VCID-z6fq-a91m-6fa3", "summary": "OpenClaw vulnerable to sensitive file disclosure via stageSandboxMedia\nWhen iMessage remote attachment fetching is enabled (`channels.imessage.remoteHost`), `stageSandboxMedia` accepted arbitrary absolute paths and used SCP to copy them into local staging.\n\nIf a non-attachment path reaches this flow, files outside expected iMessage attachment directories on the remote host can be staged.", "references": [ { "reference_url": "https://github.com/openclaw/openclaw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw" }, { "reference_url": "https://github.com/openclaw/openclaw/commit/1316e5740382926e45a42097b4bfe0aef7d63e8e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/commit/1316e5740382926e45a42097b4bfe0aef7d63e8e" }, { "reference_url": "https://www.vulncheck.com/advisories/openclaw-sensitive-file-disclosure-via-stagesandboxmedia-path-traversal", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.vulncheck.com/advisories/openclaw-sensitive-file-disclosure-via-stagesandboxmedia-path-traversal" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32030", "reference_id": "CVE-2026-32030", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32030" }, { "reference_url": "https://github.com/advisories/GHSA-x9cf-3w63-rpq9", "reference_id": "GHSA-x9cf-3w63-rpq9", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-x9cf-3w63-rpq9" }, { "reference_url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-x9cf-3w63-rpq9", "reference_id": "GHSA-x9cf-3w63-rpq9", "reference_type": "", "scores": [], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-x9cf-3w63-rpq9" } ], "fixed_packages": [ { "url": 
"http://public2.vulnerablecode.io/api/packages/74146?format=api", "purl": "pkg:npm/openclaw@2026.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" } ], "aliases": [ "CVE-2026-32030", "GHSA-x9cf-3w63-rpq9" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6fq-a91m-6fa3" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.19" }