{"url":"http://public2.vulnerablecode.io/api/packages/1020654?format=json","purl":"pkg:npm/openclaw@2026.4.11-beta.1","type":"npm","namespace":"","name":"openclaw","version":"2026.4.11-beta.1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2026.4.23","latest_non_vulnerable_version":"2026.4.23","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65586?format=json","vulnerability_id":"VCID-1f2r-y41u-y7b4","summary":"OpenClaw before 2026.4.12 contains an improper authorization vulnerability in helper-backed channels where empty resolved approver lists are interpreted as explicit approval authorization. Attackers can resolve pending approvals without proper authorization by exploiting this logic flaw if they know an approval id.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43574","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11403","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11359","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11393","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11333","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43574"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/65714","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/65714"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43574","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43574"},{"reference_url":"https://github.com/openclaw/openclaw/commit/0a105c0900de701d2ee9f1abc96b017afbd0afdd","reference_id":"0a105c0900de701d2ee9f1abc96b017afbd0afdd","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T12:19:51Z/"}],"url":"https://github.com/openclaw/openclaw/commit/0a105c0900de701d2ee9f1abc96b017afbd0afdd"},{"reference_url":"https://github.com/advisories/GHSA-49cg-279w-m73x","reference_id":"GHSA-49cg-279w-m73x","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-49cg-279w-m73x"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-49cg-279w-m73x","reference_id":"GHSA-49cg-279w-m73x","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T12:19:51Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-49cg-279w-m73x"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-improper-authorization-via-empty-approver-lists","reference_id":"openclaw-improper-authorization-via-empty-approver-lists","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T12:19:51Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-improper-authorization-via-empty-approver-lists"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373522?format=json","purl":"pkg:npm/openclaw@2026.4.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qnh-qhcx-63et"},{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-6qbs-72h8-gua4"},{"vulnerability":"VCID-6w88-6bts-sudv"},{"vulnerability":"VCID-82aq-wxf5-aka8"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9c2u-hch4-8qbj"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c3fa-2u7p-pkgn"},{"vulnerability":"VCID-c3hg-hct8-eqbv"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-hwyc-kv1j-1yhm"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-jwnv-j7hq-sbh9"},{"vulnerability":"VCID-ns2g-q3vb-akcm"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-rr2j-c7md-57gj"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-t7nn-6cy7-2yak"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v3u2-k16m-9kdp"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.12"}],"aliases":["CVE-2026-43574","GHSA-49cg-279w-m73x"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1f2r-y41u-y7b4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65519?format=json","vulnerability_id":"VCID-1kns-bfm7-wqa7","summary":"OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers to obscure which applet would actually run. Attackers can exploit opaque multi-call binaries to bypass exec approval mechanisms and weaken risk classification of unsafe applet invocations.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43530","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21543","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.2153","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21557","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21358","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43530"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/65713","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/65713"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43530","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43530"},{"reference_url":"https://github.com/openclaw/openclaw/commit/666f48d9b882a8a1415ca53f9567c72499d850c9","reference_id":"666f48d9b882a8a1415ca53f9567c72499d850c9","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-05T14:31:04Z/"}],"url":"https://github.com/openclaw/openclaw/commit/666f48d9b882a8a1415ca53f9567c72499d850c9"},{"reference_url":"https://github.com/advisories/GHSA-2cq5-mf3v-mx44","reference_id":"GHSA-2cq5-mf3v-mx44","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2cq5-mf3v-mx44"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-2cq5-mf3v-mx44","reference_id":"GHSA-2cq5-mf3v-mx44","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-05T14:31:04Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-2cq5-mf3v-mx44"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-weakened-exec-approval-binding-via-busybox-and-toybox-applet-execution","reference_id":"openclaw-weakened-exec-approval-binding-via-busybox-and-toybox-applet-execution","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-05T14:31:04Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-weakened-exec-approval-binding-via-busybox-and-toybox-applet-execution"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373522?format=json","purl":"pkg:npm/openclaw@2026.4.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qnh-qhcx-63et"},{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-6qbs-72h8-gua4"},{"vulnerability":"VCID-6w88-6bts-sudv"},{"vulnerability":"VCID-82aq-wxf5-aka8"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9c2u-hch4-8qbj"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c3fa-2u7p-pkgn"},{"vulnerability":"VCID-c3hg-hct8-eqbv"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-hwyc-kv1j-1yhm"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-jwnv-j7hq-sbh9"},{"vulnerability":"VCID-ns2g-q3vb-akcm"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-rr2j-c7md-57gj"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-t7nn-6cy7-2yak"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v3u2-k16m-9kdp"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.12"}],"aliases":["CVE-2026-43530","GHSA-2cq5-mf3v-mx44"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1kns-bfm7-wqa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68041?format=json","vulnerability_id":"VCID-1qnh-qhcx-63et","summary":"OpenClaw before 2026.4.15 contains an authorization bypass vulnerability in Matrix room control-command authorization that trusts DM pairing-store entries. Attackers with DM-paired sender IDs can execute room control commands without being in configured allowlists by posting in bot rooms, potentially enabling privileged OpenClaw behavior.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44110","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18401","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.184","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18423","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18236","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44110"},{"reference_url":"https://github.com/openclaw/openclaw/pull/67294","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/openclaw/openclaw/pull/67294"},{"reference_url":"https://github.com/openclaw/openclaw/pull/67325","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/openclaw/openclaw/pull/67325"},{"reference_url":"https://github.com/openclaw/openclaw/commit/2bfd808a83116bd888e3e2633a61473fa2ed81b6","reference_id":"2bfd808a83116bd888e3e2633a61473fa2ed81b6","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T13:58:00Z/"}],"url":"https://github.com/openclaw/openclaw/commit/2bfd808a83116bd888e3e2633a61473fa2ed81b6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44110","reference_id":"CVE-2026-44110","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44110"},{"reference_url":"https://github.com/openclaw/openclaw/commit/f8705f512b09043df02b5da372c33374734bd921","reference_id":"f8705f512b09043df02b5da372c33374734bd921","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T13:58:00Z/"}],"url":"https://github.com/openclaw/openclaw/commit/f8705f512b09043df02b5da372c33374734bd921"},{"reference_url":"https://github.com/advisories/GHSA-2gvc-4f3c-2855","reference_id":"GHSA-2gvc-4f3c-2855","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2gvc-4f3c-2855"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-2gvc-4f3c-2855","reference_id":"GHSA-2gvc-4f3c-2855","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T13:58:00Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-2gvc-4f3c-2855"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-in-matrix-room-control-commands-via-dm-pairing-store","reference_id":"openclaw-authorization-bypass-in-matrix-room-control-commands-via-dm-pairing-store","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T13:58:00Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-in-matrix-room-control-commands-via-dm-pairing-store"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373280?format=json","purl":"pkg:npm/openclaw@2026.4.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.15"}],"aliases":["CVE-2026-44110","GHSA-2gvc-4f3c-2855"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1qnh-qhcx-63et"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69834?format=json","vulnerability_id":"VCID-4qqv-57ws-4yb3","summary":"OpenClaw before 2026.4.20 contains a hook session-key bypass vulnerability that allows attackers to circumvent the hooks.allowRequestSessionKey opt-in restriction. Attackers can render externally influenced session keys through templated hook mappings to bypass webhook routing isolation controls.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-45002","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10694","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11756","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1173","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11751","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-45002"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45002","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45002"},{"reference_url":"https://github.com/openclaw/openclaw/commit/5275d008ed33203dba3f98e969ad683a65c416c3","reference_id":"5275d008ed33203dba3f98e969ad683a65c416c3","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:46:08Z/"}],"url":"https://github.com/openclaw/openclaw/commit/5275d008ed33203dba3f98e969ad683a65c416c3"},{"reference_url":"https://github.com/advisories/GHSA-2xcp-x87w-q377","reference_id":"GHSA-2xcp-x87w-q377","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2xcp-x87w-q377"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-2xcp-x87w-q377","reference_id":"GHSA-2xcp-x87w-q377","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:46:08Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-2xcp-x87w-q377"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-hook-session-key-bypass-via-template-mapping","reference_id":"openclaw-hook-session-key-bypass-via-template-mapping","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:46:08Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-hook-session-key-bypass-via-template-mapping"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373308?format=json","purl":"pkg:npm/openclaw@2026.4.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.20"}],"aliases":["CVE-2026-45002","GHSA-2xcp-x87w-q377"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4qqv-57ws-4yb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/359764?format=json","vulnerability_id":"VCID-5zh4-jn4s-akc9","summary":"OpenClaw: Paired-device pairing actions were not limited to the caller device\n## Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Affected versions: `< 2026.4.20`\n- Patched version: `2026.4.20`\n\n## Impact\n\nA paired device session with limited pairing scope could enumerate global pairing state and act on pairing requests that belonged to another device within the same gateway scope ceiling.\n\nThis is a same-gateway paired-device authorization bug, not a remote unauthenticated issue. Severity is low.\n\n## Fix\n\nPairing management actions are now limited to the caller device, so non-admin paired-device sessions cannot approve or operate on unrelated pending device requests.\n\nFix commit:\n\n- `5a12f30441d5b0b151f550daa2c5c9e8db61e2e6`\n\n## Release\n\nFixed in OpenClaw `2026.4.20`.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/advisories/GHSA-xrq9-jm7v-g9h7","reference_id":"GHSA-xrq9-jm7v-g9h7","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xrq9-jm7v-g9h7"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-xrq9-jm7v-g9h7","reference_id":"GHSA-xrq9-jm7v-g9h7","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-xrq9-jm7v-g9h7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373308?format=json","purl":"pkg:npm/openclaw@2026.4.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.20"}],"aliases":["GHSA-xrq9-jm7v-g9h7"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5zh4-jn4s-akc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68039?format=json","vulnerability_id":"VCID-65nh-ys6n-77ag","summary":"OpenClaw before 2026.4.22 derives loopback MCP owner context from spoofable server-issued bearer tokens in request headers. Non-owner loopback clients can present themselves as owner to bypass owner-gated operations by manipulating the sender-owner header metadata.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44118","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02617","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0261","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0262","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44118"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44118","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44118"},{"reference_url":"https://github.com/openclaw/openclaw/commit/3cb1a56bfc9579a0f2336f9cfa12a8a744332a19","reference_id":"3cb1a56bfc9579a0f2336f9cfa12a8a744332a19","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T17:21:33Z/"}],"url":"https://github.com/openclaw/openclaw/commit/3cb1a56bfc9579a0f2336f9cfa12a8a744332a19"},{"reference_url":"https://github.com/advisories/GHSA-r6xh-pqhr-v4xh","reference_id":"GHSA-r6xh-pqhr-v4xh","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r6xh-pqhr-v4xh"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-r6xh-pqhr-v4xh","reference_id":"GHSA-r6xh-pqhr-v4xh","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T17:21:33Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-r6xh-pqhr-v4xh"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-owner-context-spoofing-via-bearer-token-header","reference_id":"openclaw-owner-context-spoofing-via-bearer-token-header","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T17:21:33Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-owner-context-spoofing-via-bearer-token-header"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375357?format=json","purl":"pkg:npm/openclaw@2026.4.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.22"}],"aliases":["CVE-2026-44118","GHSA-r6xh-pqhr-v4xh"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-65nh-ys6n-77ag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65536?format=json","vulnerability_id":"VCID-6qbs-72h8-gua4","summary":"OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media replay. Attackers can exploit recovered queued outbound media to bypass group tool policy enforcement and weaken channel media restrictions after service restart or recovery.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43583","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10996","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11025","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11056","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11059","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43583"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/66025","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/66025"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43583","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43583"},{"reference_url":"https://github.com/openclaw/openclaw/commit/48aae82bbc19ba8b0741e61a08063eb0d1df464e","reference_id":"48aae82bbc19ba8b0741e61a08063eb0d1df464e","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-07T17:29:14Z/"}],"url":"https://github.com/openclaw/openclaw/commit/48aae82bbc19ba8b0741e61a08063eb0d1df464e"},{"reference_url":"https://github.com/advisories/GHSA-r77c-2cmr-7p47","reference_id":"GHSA-r77c-2cmr-7p47","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r77c-2cmr-7p47"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-r77c-2cmr-7p47","reference_id":"GHSA-r77c-2cmr-7p47","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-07T17:29:14Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-r77c-2cmr-7p47"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-loss-of-group-tool-policy-context-in-delivery-queue-recovery","reference_id":"openclaw-loss-of-group-tool-policy-context-in-delivery-queue-recovery","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-07T17:29:14Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-loss-of-group-tool-policy-context-in-delivery-queue-recovery"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373341?format=json","purl":"pkg:npm/openclaw@2026.4.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qnh-qhcx-63et"},{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-6w88-6bts-sudv"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c3fa-2u7p-pkgn"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-hwyc-kv1j-1yhm"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-jwnv-j7hq-sbh9"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-t7nn-6cy7-2yak"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.14"}],"aliases":["CVE-2026-43583","GHSA-r77c-2cmr-7p47"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qbs-72h8-gua4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65524?format=json","vulnerability_id":"VCID-6w88-6bts-sudv","summary":"OpenClaw before 2026.4.15 captures resolved bearer-auth configuration at startup, allowing revoked tokens to remain valid after SecretRef rotation. Gateway HTTP and WebSocket handlers fail to re-resolve authentication per-request, enabling attackers to use rotated-out bearer tokens for unauthorized gateway access.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43585","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34576","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34579","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.346","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34398","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43585"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/66651","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/66651"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43585","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43585"},{"reference_url":"https://github.com/openclaw/openclaw/commit/acd4e0a32f12e1ad85f3130f63b42443ce90f094","reference_id":"acd4e0a32f12e1ad85f3130f63b42443ce90f094","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T13:53:26Z/"}],"url":"https://github.com/openclaw/openclaw/commit/acd4e0a32f12e1ad85f3130f63b42443ce90f094"},{"reference_url":"https://github.com/advisories/GHSA-xmxx-7p24-h892","reference_id":"GHSA-xmxx-7p24-h892","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xmxx-7p24-h892"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-xmxx-7p24-h892","reference_id":"GHSA-xmxx-7p24-h892","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T13:53:26Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-xmxx-7p24-h892"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-bearer-token-validation-bypass-via-stale-secretref-resolution","reference_id":"openclaw-bearer-token-validation-bypass-via-stale-secretref-resolution","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T13:53:26Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-bearer-token-validation-bypass-via-stale-secretref-resolution"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373280?format=json","purl":"pkg:npm/openclaw@2026.4.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.15"}],"aliases":["CVE-2026-43585","GHSA-xmxx-7p24-h892"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6w88-6bts-sudv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65490?format=json","vulnerability_id":"VCID-82aq-wxf5-aka8","summary":"OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF policy that allows private-network navigation by default. Attackers can exploit this misconfiguration to access internal services or metadata endpoints through browser-driven requests.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43527","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12246","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12325","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12346","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1234","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43527"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/66354","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/66354"},{"reference_url":"https://github.com/openclaw/openclaw/pull/66386","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/66386"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43527","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43527"},{"reference_url":"https://github.com/openclaw/openclaw/commit/024f4614a1a1831406e763adc40ef226e3d5e9ed","reference_id":"024f4614a1a1831406e763adc40ef226e3d5e9ed","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T12:39:27Z/"}],"url":"https://github.com/openclaw/openclaw/commit/024f4614a1a1831406e763adc40ef226e3d5e9ed"},{"reference_url":"https://github.com/openclaw/openclaw/commit/1dabfef28db523e7de81edeb3dd689e9171236a2","reference_id":"1dabfef28db523e7de81edeb3dd689e9171236a2","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T12:39:27Z/"}],"url":"https://github.com/openclaw/openclaw/commit/1dabfef28db523e7de81edeb3dd689e9171236a2"},{"reference_url":"https://github.com/openclaw/openclaw/commit/213c36cf51121ef6c05cfccd78037371f968f31a","reference_id":"213c36cf51121ef6c05cfccd78037371f968f31a","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T12:39:27Z/"}],"url":"https://github.com/openclaw/openclaw/commit/213c36cf51121ef6c05cfccd78037371f968f31a"},{"reference_url":"https://github.com/openclaw/openclaw/commit/7eecfa411df3d12e6b810e6ca5df47254fc3db3f","reference_id":"7eecfa411df3d12e6b810e6ca5df47254fc3db3f","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T12:39:27Z/"}],"url":"https://github.com/openclaw/openclaw/commit/7eecfa411df3d12e6b810e6ca5df47254fc3db3f"},{"reference_url":"https://github.com/advisories/GHSA-53vx-pmqw-863c","reference_id":"GHSA-53vx-pmqw-863c","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-53vx-pmqw-863c"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-53vx-pmqw-863c","reference_id":"GHSA-53vx-pmqw-863c","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T12:39:27Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-53vx-pmqw-863c"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-via-private-network-navigation","reference_id":"openclaw-server-side-request-forgery-via-private-network-navigation","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T12:39:27Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-via-private-network-navigation"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373341?format=json","purl":"pkg:npm/openclaw@2026.4.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qnh-qhcx-63et"},{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-6w88-6bts-sudv"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c3fa-2u7p-pkgn"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-hwyc-kv1j-1yhm"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-jwnv-j7hq-sbh9"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-t7nn-6cy7-2yak"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.14"}],"aliases":["CVE-2026-43527","GHSA-53vx-pmqw-863c"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"6.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-82aq-wxf5-aka8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/359778?format=json","vulnerability_id":"VCID-8h62-5c5b-cbdt","summary":"OpenClaw: Feishu card actions could misclassify DMs and skip dmPolicy\n## Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Affected versions: `< 2026.4.20`\n- Patched version: `2026.4.20`\n\n## Impact\n\nFeishu card-action callbacks could synthesize a message event with DM conversations classified as group conversations. That skipped `dmPolicy` enforcement for card actions, so a sender in a Feishu DM could trigger card-action flows that should have been blocked by a restrictive DM policy.\n\nThe issue is limited to Feishu card-action handling. Severity is medium.\n\n## Fix\n\nOpenClaw now resolves Feishu card-action chat type before dispatch, including API lookup when stored context is unavailable, and avoids falling through to group handling for DMs.\n\nFix commit:\n\n- `90979d7c3ef7ec30b9f8aa6963a5e38d2f17d166`\n\n## Release\n\nFixed in OpenClaw `2026.4.20`.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/advisories/GHSA-72q8-jcmc-97wx","reference_id":"GHSA-72q8-jcmc-97wx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-72q8-jcmc-97wx"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-72q8-jcmc-97wx","reference_id":"GHSA-72q8-jcmc-97wx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-72q8-jcmc-97wx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373308?format=json","purl":"pkg:npm/openclaw@2026.4.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.20"}],"aliases":["GHSA-72q8-jcmc-97wx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8h62-5c5b-cbdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65574?format=json","vulnerability_id":"VCID-9c2u-hch4-8qbj","summary":"OpenClaw versions 2026.4.10 before 2026.4.14 contain a missing authorization vulnerability in the Microsoft Teams SSO invoke handler that fails to apply sender allowlist checks. Attackers can bypass sender authorization by sending SSO invoke requests that are processed without proper validation, allowing unauthorized access to Teams SSO signin functionality.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43572","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1326","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13348","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13373","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13366","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43572"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/66033","reference_id":"","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/66033"},{"reference_url":"https://github.com/openclaw/openclaw/commit/80b1fa17bfc3f6a668492f0326ea52f48bb89776","reference_id":"80b1fa17bfc3f6a668492f0326ea52f48bb89776","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/E:U"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-05T14:23:37Z/"}],"url":"https://github.com/openclaw/openclaw/commit/80b1fa17bfc3f6a668492f0326ea52f48bb89776"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43572","reference_id":"CVE-2026-43572","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43572"},{"reference_url":"https://github.com/advisories/GHSA-gc9r-867r-j85f","reference_id":"GHSA-gc9r-867r-j85f","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gc9r-867r-j85f"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-gc9r-867r-j85f","reference_id":"GHSA-gc9r-867r-j85f","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/E:U"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-05T14:23:37Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-gc9r-867r-j85f"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-missing-sender-authorization-in-microsoft-teams-sso-invoke-handler","reference_id":"openclaw-missing-sender-authorization-in-microsoft-teams-sso-invoke-handler","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-05T14:23:37Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-missing-sender-authorization-in-microsoft-teams-sso-invoke-handler"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373341?format=json","purl":"pkg:npm/openclaw@2026.4.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qnh-qhcx-63et"},{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-6w88-6bts-sudv"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c3fa-2u7p-pkgn"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-hwyc-kv1j-1yhm"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-jwnv-j7hq-sbh9"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-t7nn-6cy7-2yak"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.14"}],"aliases":["CVE-2026-43572","GHSA-gc9r-867r-j85f"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9c2u-hch4-8qbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67767?format=json","vulnerability_id":"VCID-9u9n-s6sc-2bhw","summary":"OpenClaw before 2026.4.22 contains a server-side request forgery vulnerability in the Zalo plugin's sendPhoto function that fails to validate outbound photo URLs through the SSRF guard. Attackers can bypass SSRF protection by providing malicious photo URLs to the Zalo Bot API, enabling unauthorized access to internal resources.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44116","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15353","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15325","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.1536","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15225","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44116"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44116","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44116"},{"reference_url":"https://github.com/openclaw/openclaw/commit/a65eb1b864b7630c1242a82de9e5799b80583c3f","reference_id":"a65eb1b864b7630c1242a82de9e5799b80583c3f","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:59:02Z/"}],"url":"https://github.com/openclaw/openclaw/commit/a65eb1b864b7630c1242a82de9e5799b80583c3f"},{"reference_url":"https://github.com/advisories/GHSA-2hh7-c75g-qj2r","reference_id":"GHSA-2hh7-c75g-qj2r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2hh7-c75g-qj2r"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-2hh7-c75g-qj2r","reference_id":"GHSA-2hh7-c75g-qj2r","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:59:02Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-2hh7-c75g-qj2r"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-in-zalo-photo-url-validation","reference_id":"openclaw-server-side-request-forgery-in-zalo-photo-url-validation","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:59:02Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-in-zalo-photo-url-validation"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375357?format=json","purl":"pkg:npm/openclaw@2026.4.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.22"}],"aliases":["CVE-2026-44116","GHSA-2hh7-c75g-qj2r"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9u9n-s6sc-2bhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67838?format=json","vulnerability_id":"VCID-afjz-us2v-k7ak","summary":"OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write files outside the local mount root.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44112","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11306","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11262","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11296","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11237","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44112"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44112","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44112"},{"reference_url":"https://github.com/openclaw/openclaw/commit/7be82d4fd1193bcb7e44ee38838f00bf924ffa76","reference_id":"7be82d4fd1193bcb7e44ee38838f00bf924ffa76","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-07T17:25:18Z/"}],"url":"https://github.com/openclaw/openclaw/commit/7be82d4fd1193bcb7e44ee38838f00bf924ffa76"},{"reference_url":"https://github.com/advisories/GHSA-wppj-c6mr-83jj","reference_id":"GHSA-wppj-c6mr-83jj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wppj-c6mr-83jj"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-wppj-c6mr-83jj","reference_id":"GHSA-wppj-c6mr-83jj","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-07T17:25:18Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-wppj-c6mr-83jj"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-symlink-swap-race-condition-in-openshell-fs-bridge-writes","reference_id":"openclaw-symlink-swap-race-condition-in-openshell-fs-bridge-writes","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-07T17:25:18Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-symlink-swap-race-condition-in-openshell-fs-bridge-writes"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375357?format=json","purl":"pkg:npm/openclaw@2026.4.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.22"}],"aliases":["CVE-2026-44112","GHSA-wppj-c6mr-83jj"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-afjz-us2v-k7ak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67711?format=json","vulnerability_id":"VCID-b158-4js1-77de","summary":"OpenClaw versions 2026.4.5 before 2026.4.20 contain an environment variable injection vulnerability allowing workspace dotenv to override MINIMAX_API_HOST. Attackers can redirect credentialed MiniMax API requests to attacker-controlled origins, exposing the MiniMax API key in Authorization headers.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44992","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01299","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0177","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01779","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01773","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44992"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44992","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44992"},{"reference_url":"https://github.com/openclaw/openclaw/commit/2f06696579a1ab0cb5bbbbb6a900414a6b2e3cd1","reference_id":"2f06696579a1ab0cb5bbbbb6a900414a6b2e3cd1","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"4.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:27:53Z/"}],"url":"https://github.com/openclaw/openclaw/commit/2f06696579a1ab0cb5bbbbb6a900414a6b2e3cd1"},{"reference_url":"https://github.com/advisories/GHSA-h2vw-ph2c-jvwf","reference_id":"GHSA-h2vw-ph2c-jvwf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h2vw-ph2c-jvwf"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-h2vw-ph2c-jvwf","reference_id":"GHSA-h2vw-ph2c-jvwf","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"4.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:27:53Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-h2vw-ph2c-jvwf"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-minimax-api-host-override-via-workspace-dotenv","reference_id":"openclaw-minimax-api-host-override-via-workspace-dotenv","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"4.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:27:53Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-minimax-api-host-override-via-workspace-dotenv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373308?format=json","purl":"pkg:npm/openclaw@2026.4.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.20"}],"aliases":["CVE-2026-44992","GHSA-h2vw-ph2c-jvwf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b158-4js1-77de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67891?format=json","vulnerability_id":"VCID-c3fa-2u7p-pkgn","summary":"OpenClaw before 2026.4.15 contains an authentication bypass vulnerability in Feishu webhook and card-action validation that allows unauthenticated requests to reach command dispatch. Missing encryptKey configuration and blank callback tokens fail open instead of rejecting requests, enabling attackers to bypass signature verification and replay protection to execute arbitrary commands.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44109","reference_id":"","reference_type":"","scores":[{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42226","published_at":"2026-06-12T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42239","published_at":"2026-06-14T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42248","published_at":"2026-06-13T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42062","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44109"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/66707","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/66707"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44109","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44109"},{"reference_url":"https://github.com/openclaw/openclaw/commit/c8003f1b33ed2924be5f62131bd28742c5a41aae","reference_id":"c8003f1b33ed2924be5f62131bd28742c5a41aae","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-07T12:34:48Z/"}],"url":"https://github.com/openclaw/openclaw/commit/c8003f1b33ed2924be5f62131bd28742c5a41aae"},{"reference_url":"https://github.com/advisories/GHSA-xh72-v6v9-mwhc","reference_id":"GHSA-xh72-v6v9-mwhc","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xh72-v6v9-mwhc"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-xh72-v6v9-mwhc","reference_id":"GHSA-xh72-v6v9-mwhc","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-07T12:34:48Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-xh72-v6v9-mwhc"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-authentication-bypass-in-feishu-webhook-and-card-action-validation","reference_id":"openclaw-authentication-bypass-in-feishu-webhook-and-card-action-validation","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-07T12:34:48Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-authentication-bypass-in-feishu-webhook-and-card-action-validation"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373280?format=json","purl":"pkg:npm/openclaw@2026.4.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.15"}],"aliases":["CVE-2026-44109","GHSA-xh72-v6v9-mwhc"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c3fa-2u7p-pkgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70133?format=json","vulnerability_id":"VCID-c3hg-hct8-eqbv","summary":"OpenClaw before 2026.4.14 contains an improper access control vulnerability in browser snapshot, screenshot, and tab routes that fail to consistently validate the final browser target after navigation. Authenticated callers can bypass SSRF restrictions to expose internal or disallowed page content by exploiting route-driven navigation without proper policy re-validation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42436","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10623","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10601","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10626","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10563","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42436"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/66040","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/66040"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42436","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42436"},{"reference_url":"https://github.com/openclaw/openclaw/commit/b75ad800a59009fc47eaa3471410f69046150e59","reference_id":"b75ad800a59009fc47eaa3471410f69046150e59","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T14:10:04Z/"}],"url":"https://github.com/openclaw/openclaw/commit/b75ad800a59009fc47eaa3471410f69046150e59"},{"reference_url":"https://github.com/advisories/GHSA-c4qm-58hj-j6pj","reference_id":"GHSA-c4qm-58hj-j6pj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c4qm-58hj-j6pj"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-c4qm-58hj-j6pj","reference_id":"GHSA-c4qm-58hj-j6pj","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T14:10:04Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-c4qm-58hj-j6pj"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-internal-page-content-exposure-via-browser-snapshot-and-screenshot-routes","reference_id":"openclaw-internal-page-content-exposure-via-browser-snapshot-and-screenshot-routes","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T14:10:04Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-internal-page-content-exposure-via-browser-snapshot-and-screenshot-routes"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373341?format=json","purl":"pkg:npm/openclaw@2026.4.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qnh-qhcx-63et"},{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-6w88-6bts-sudv"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c3fa-2u7p-pkgn"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-hwyc-kv1j-1yhm"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-jwnv-j7hq-sbh9"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-t7nn-6cy7-2yak"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.14"}],"aliases":["CVE-2026-42436","GHSA-c4qm-58hj-j6pj"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"6.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c3hg-hct8-eqbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69923?format=json","vulnerability_id":"VCID-c8dt-7z8a-qufe","summary":"OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost, IRC, and Synology connectors. Attackers with workspace access can redirect runtime traffic to malicious endpoints by setting endpoint variables in dotenv files.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-45003","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01333","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01834","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01826","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-45003"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45003","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45003"},{"reference_url":"https://github.com/openclaw/openclaw/commit/0623079e98abf7202591f1b04a89755eb7ec9272","reference_id":"0623079e98abf7202591f1b04a89755eb7ec9272","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"4.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T17:25:02Z/"}],"url":"https://github.com/openclaw/openclaw/commit/0623079e98abf7202591f1b04a89755eb7ec9272"},{"reference_url":"https://github.com/advisories/GHSA-55cf-xx38-4p9p","reference_id":"GHSA-55cf-xx38-4p9p","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-55cf-xx38-4p9p"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-55cf-xx38-4p9p","reference_id":"GHSA-55cf-xx38-4p9p","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"4.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T17:25:02Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-55cf-xx38-4p9p"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-connector-endpoint-host-override-via-workspace-dotenv-files","reference_id":"openclaw-connector-endpoint-host-override-via-workspace-dotenv-files","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"4.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T17:25:02Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-connector-endpoint-host-override-via-workspace-dotenv-files"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375357?format=json","purl":"pkg:npm/openclaw@2026.4.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.22"}],"aliases":["CVE-2026-45003","GHSA-55cf-xx38-4p9p"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c8dt-7z8a-qufe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67686?format=json","vulnerability_id":"VCID-cbdg-vzrj-puc2","summary":"OpenClaw before 2026.4.20 contains an improper environment variable validation vulnerability in MCP stdio server configuration that allows attackers to execute arbitrary code. Malicious workspace configurations can pass dangerous startup variables like NODE_OPTIONS, LD_PRELOAD, or BASH_ENV to spawned MCP server processes, enabling code injection when operators start sessions using those servers.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44995","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01927","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02796","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02786","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02801","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44995"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44995","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44995"},{"reference_url":"https://github.com/openclaw/openclaw/commit/62fa5071896e95edc7f67d1cebc70a2859e283af","reference_id":"62fa5071896e95edc7f67d1cebc70a2859e283af","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T17:56:23Z/"}],"url":"https://github.com/openclaw/openclaw/commit/62fa5071896e95edc7f67d1cebc70a2859e283af"},{"reference_url":"https://github.com/openclaw/openclaw/commit/85d86ebc4bf3d2226d39d132a484f4f7a299fa1b","reference_id":"85d86ebc4bf3d2226d39d132a484f4f7a299fa1b","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T17:56:23Z/"}],"url":"https://github.com/openclaw/openclaw/commit/85d86ebc4bf3d2226d39d132a484f4f7a299fa1b"},{"reference_url":"https://github.com/advisories/GHSA-mj59-h3q9-ghfh","reference_id":"GHSA-mj59-h3q9-ghfh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mj59-h3q9-ghfh"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-mj59-h3q9-ghfh","reference_id":"GHSA-mj59-h3q9-ghfh","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T17:56:23Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-mj59-h3q9-ghfh"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-code-execution-via-mcp-stdio-environment-variables","reference_id":"openclaw-arbitrary-code-execution-via-mcp-stdio-environment-variables","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"5.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T17:56:23Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-code-execution-via-mcp-stdio-environment-variables"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373308?format=json","purl":"pkg:npm/openclaw@2026.4.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.20"}],"aliases":["CVE-2026-44995","GHSA-mj59-h3q9-ghfh"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cbdg-vzrj-puc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67718?format=json","vulnerability_id":"VCID-cf4u-fs5p-3ue3","summary":"OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in QQBot direct media upload that skips URL validation. Attackers can bypass SSRF protections by sending crafted image URLs to uploadC2CMedia and uploadGroupMedia endpoints to relay unintended requests.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44117","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14214","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14184","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14211","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14096","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44117"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44117","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44117"},{"reference_url":"https://github.com/openclaw/openclaw/commit/49db424c8001f2f419aad85f434894d8d85c1a09","reference_id":"49db424c8001f2f419aad85f434894d8d85c1a09","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:33:16Z/"}],"url":"https://github.com/openclaw/openclaw/commit/49db424c8001f2f419aad85f434894d8d85c1a09"},{"reference_url":"https://github.com/advisories/GHSA-c4qg-j8jg-42q5","reference_id":"GHSA-c4qg-j8jg-42q5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c4qg-j8jg-42q5"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-c4qg-j8jg-42q5","reference_id":"GHSA-c4qg-j8jg-42q5","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:33:16Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-c4qg-j8jg-42q5"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-in-qqbot-direct-media-upload","reference_id":"openclaw-server-side-request-forgery-in-qqbot-direct-media-upload","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:33:16Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-in-qqbot-direct-media-upload"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373308?format=json","purl":"pkg:npm/openclaw@2026.4.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.20"}],"aliases":["CVE-2026-44117","GHSA-c4qg-j8jg-42q5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cf4u-fs5p-3ue3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67782?format=json","vulnerability_id":"VCID-e327-pu9e-x7gh","summary":"OpenClaw before 2026.4.22 contains a security envelope constraint bypass vulnerability allowing restricted subagents to spawn ACP child sessions that fail to inherit depth, child-count limits, control scope, or target-agent restrictions. Attackers can exploit this by spawning child sessions that bypass subagent-only constraints, potentially escalating privileges or accessing restricted resources.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44997","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.0842","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09884","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09871","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09886","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44997"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44997","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44997"},{"reference_url":"https://github.com/openclaw/openclaw/commit/31160dc069b7cc5d833b39c53736a41ad3befda2","reference_id":"31160dc069b7cc5d833b39c53736a41ad3befda2","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T17:25:34Z/"}],"url":"https://github.com/openclaw/openclaw/commit/31160dc069b7cc5d833b39c53736a41ad3befda2"},{"reference_url":"https://github.com/advisories/GHSA-q3jj-46pq-826r","reference_id":"GHSA-q3jj-46pq-826r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q3jj-46pq-826r"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-q3jj-46pq-826r","reference_id":"GHSA-q3jj-46pq-826r","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T17:25:34Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-q3jj-46pq-826r"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-security-envelope-constraint-bypass-in-acp-child-sessions","reference_id":"openclaw-security-envelope-constraint-bypass-in-acp-child-sessions","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T17:25:34Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-security-envelope-constraint-bypass-in-acp-child-sessions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375357?format=json","purl":"pkg:npm/openclaw@2026.4.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.22"}],"aliases":["CVE-2026-44997","GHSA-q3jj-46pq-826r"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e327-pu9e-x7gh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67649?format=json","vulnerability_id":"VCID-e8sz-63dk-tfbs","summary":"OpenClaw before 2026.4.21 contains an authorization bypass vulnerability in command-auth.ts that allows non-owner senders to execute owner-enforced slash commands when wildcard inbound senders are configured without explicit owner allowFrom settings. Attackers can exploit this by sending commands like /send, /config, or /debug on affected channels to bypass owner-only command authorization checks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44991","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09004","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10527","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.1055","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44991"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44991","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44991"},{"reference_url":"https://github.com/openclaw/openclaw/commit/2aa93d44a1b2c7058c371f261fda2b5d4de4a882","reference_id":"2aa93d44a1b2c7058c371f261fda2b5d4de4a882","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T17:26:30Z/"}],"url":"https://github.com/openclaw/openclaw/commit/2aa93d44a1b2c7058c371f261fda2b5d4de4a882"},{"reference_url":"https://github.com/openclaw/openclaw/commit/995febb7b1e811ff6a1df5b18c22de94103f4c9f","reference_id":"995febb7b1e811ff6a1df5b18c22de94103f4c9f","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T17:26:30Z/"}],"url":"https://github.com/openclaw/openclaw/commit/995febb7b1e811ff6a1df5b18c22de94103f4c9f"},{"reference_url":"https://github.com/advisories/GHSA-c28g-vh7m-fm7v","reference_id":"GHSA-c28g-vh7m-fm7v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c28g-vh7m-fm7v"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-c28g-vh7m-fm7v","reference_id":"GHSA-c28g-vh7m-fm7v","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T17:26:30Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-c28g-vh7m-fm7v"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-in-owner-enforced-commands-via-wildcard-channel-senders","reference_id":"openclaw-authorization-bypass-in-owner-enforced-commands-via-wildcard-channel-senders","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T17:26:30Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-in-owner-enforced-commands-via-wildcard-channel-senders"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/374221?format=json","purl":"pkg:npm/openclaw@2026.4.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.21"}],"aliases":["CVE-2026-44991","GHSA-c28g-vh7m-fm7v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8sz-63dk-tfbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/360432?format=json","vulnerability_id":"VCID-eefn-gpc1-mfdx","summary":"OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes\n## Summary\n\nThe agent-facing `gateway` tool protects `config.apply` and `config.patch` with a model-to-operator trust boundary. That guard used a hand-maintained denylist of protected config paths. The config schema outgrew that denylist, leaving sensitive subtrees writable through model-driven gateway config mutations.\n\n## Impact\n\nA prompt-injected or otherwise compromised model running with access to the owner-only `gateway` tool could persist unsafe config changes that crossed security boundaries. Examples included config paths affecting command execution, network/proxy/TLS behavior, credential forwarding, telemetry or hook endpoints, memory/indexing surfaces, and operator policy controls. These changes could survive restart once written to config.\n\n## Affected Packages / Versions\n\n- Package: `openclaw` on npm\n- Affected: versions before `2026.4.23`\n- Fixed: `2026.4.23`\n- Latest stable verified fixed: `openclaw@2026.4.23`, tag `v2026.4.23`\n\n## Fix\n\nOpenClaw replaced the denylist with a fail-closed allowlist. Agent-driven `gateway config.apply` and `gateway config.patch` now permit only narrow agent-tunable prompt/model settings and mention-gating paths. Other config changes are rejected before the gateway mutation RPC is invoked.\n\n## Fix Commit(s)\n\n- `bceda6089aa7b3695cc7696b43c61ae3d01bb0ec` (`fix(gateway): fail closed on runtime config edits`)\n\n## Severity\n\nSeverity remains `high`. The vulnerable entry point is owner-only, but the model/agent is not a trusted principal under OpenClaw's security model, and the guard is the explicit model-to-operator boundary for persisted config mutation.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/advisories/GHSA-cwj3-vqpp-pmxr","reference_id":"GHSA-cwj3-vqpp-pmxr","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cwj3-vqpp-pmxr"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-cwj3-vqpp-pmxr","reference_id":"GHSA-cwj3-vqpp-pmxr","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-cwj3-vqpp-pmxr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375456?format=json","purl":"pkg:npm/openclaw@2026.4.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.23"}],"aliases":["GHSA-cwj3-vqpp-pmxr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eefn-gpc1-mfdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70438?format=json","vulnerability_id":"VCID-fcfw-yctj-v3cy","summary":"OpenClaw versions from 2026.2.22 before 2026.4.12 contain an insufficient shell-wrapper detection vulnerability allowing attackers to inject environment variable assignments at the argv level. Attackers can bypass exec preflight handling to manipulate high-risk shell variables like SHELLOPTS and PS4, affecting execution semantics and security controls.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42435","reference_id":"","reference_type":"","scores":[{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31188","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.3138","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31399","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31381","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42435"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/65717","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/65717"},{"reference_url":"https://github.com/openclaw/openclaw/commit/8f8492d172f4c5b4fd7dd9a47855ed620c8770ab","reference_id":"8f8492d172f4c5b4fd7dd9a47855ed620c8770ab","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T12:30:14Z/"}],"url":"https://github.com/openclaw/openclaw/commit/8f8492d172f4c5b4fd7dd9a47855ed620c8770ab"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42435","reference_id":"CVE-2026-42435","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42435"},{"reference_url":"https://github.com/advisories/GHSA-j6c7-3h5x-99g9","reference_id":"GHSA-j6c7-3h5x-99g9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j6c7-3h5x-99g9"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-j6c7-3h5x-99g9","reference_id":"GHSA-j6c7-3h5x-99g9","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T12:30:14Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-j6c7-3h5x-99g9"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-shell-wrapper-detection-bypass-via-environment-variable-assignment-injection","reference_id":"openclaw-shell-wrapper-detection-bypass-via-environment-variable-assignment-injection","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T12:30:14Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-shell-wrapper-detection-bypass-via-environment-variable-assignment-injection"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373522?format=json","purl":"pkg:npm/openclaw@2026.4.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qnh-qhcx-63et"},{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-6qbs-72h8-gua4"},{"vulnerability":"VCID-6w88-6bts-sudv"},{"vulnerability":"VCID-82aq-wxf5-aka8"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9c2u-hch4-8qbj"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c3fa-2u7p-pkgn"},{"vulnerability":"VCID-c3hg-hct8-eqbv"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-hwyc-kv1j-1yhm"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-jwnv-j7hq-sbh9"},{"vulnerability":"VCID-ns2g-q3vb-akcm"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-rr2j-c7md-57gj"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-t7nn-6cy7-2yak"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v3u2-k16m-9kdp"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.12"}],"aliases":["CVE-2026-42435","GHSA-j6c7-3h5x-99g9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fcfw-yctj-v3cy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69771?format=json","vulnerability_id":"VCID-fgkb-fmuq-wffh","summary":"OpenClaw before 2026.4.23 contains an arbitrary code execution vulnerability in the bundled plugin setup resolver that loads setup-api.js from process.cwd() during provider setup metadata resolution. Attackers can execute arbitrary JavaScript under the current user account by placing a malicious extensions/<plugin>/setup-api.js file in a repository and convincing a user to run OpenClaw commands from that directory.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-45004","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02795","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03606","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03593","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03602","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-45004"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45004","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45004"},{"reference_url":"https://github.com/openclaw/openclaw/commit/993781e6e6eaf50f033cfc3e3bf4f47059740707","reference_id":"993781e6e6eaf50f033cfc3e3bf4f47059740707","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T18:30:14Z/"}],"url":"https://github.com/openclaw/openclaw/commit/993781e6e6eaf50f033cfc3e3bf4f47059740707"},{"reference_url":"https://github.com/advisories/GHSA-r39h-4c2p-3jxp","reference_id":"GHSA-r39h-4c2p-3jxp","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r39h-4c2p-3jxp"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-r39h-4c2p-3jxp","reference_id":"GHSA-r39h-4c2p-3jxp","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T18:30:14Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-r39h-4c2p-3jxp"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-code-execution-via-setup-api-js-in-current-working-directory","reference_id":"openclaw-arbitrary-code-execution-via-setup-api-js-in-current-working-directory","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T18:30:14Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-code-execution-via-setup-api-js-in-current-working-directory"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375456?format=json","purl":"pkg:npm/openclaw@2026.4.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.23"}],"aliases":["CVE-2026-45004","GHSA-r39h-4c2p-3jxp"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fgkb-fmuq-wffh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/359785?format=json","vulnerability_id":"VCID-hbkd-8rx2-4qb8","summary":"OpenClaw: Agent gateway config mutations could change protected operator settings\n## Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Affected versions: `< 2026.4.20`\n- Patched version: `2026.4.20`\n\n## Impact\n\nThe agent-facing `gateway config.patch` / `config.apply` guard did not cover several operator-trusted settings, including sandbox policy, plugin enablement, gateway auth/TLS, hook routing, MCP server configuration, SSRF policy, and filesystem hardening. A prompt-injected model with access to the owner-only gateway tool could persist changes to those settings.\n\nThis is a model-to-operator guard bypass, not a remote unauthenticated gateway compromise. Severity is medium.\n\n## Fix\n\nOpenClaw now blocks model-driven gateway config mutations for the broader operator-trusted path set and covers per-agent overrides and array-entry patching.\n\nFix commit:\n\n- `fe30b31a97a917ecc6e92f6c85378b6b20352422`\n\n## Release\n\nFixed in OpenClaw `2026.4.20`.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/advisories/GHSA-7jm2-g593-4qrc","reference_id":"GHSA-7jm2-g593-4qrc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7jm2-g593-4qrc"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-7jm2-g593-4qrc","reference_id":"GHSA-7jm2-g593-4qrc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-7jm2-g593-4qrc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373308?format=json","purl":"pkg:npm/openclaw@2026.4.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.20"}],"aliases":["GHSA-7jm2-g593-4qrc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hbkd-8rx2-4qb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80674?format=json","vulnerability_id":"VCID-hwyc-kv1j-1yhm","summary":"OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially disclosing sensitive files or exposing credentials.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41389","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1317","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13251","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13277","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13271","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41389"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/67293","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/67293"},{"reference_url":"https://github.com/openclaw/openclaw/pull/67298","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/67298"},{"reference_url":"https://github.com/openclaw/openclaw/pull/67303","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/67303"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41389","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41389"},{"reference_url":"https://github.com/openclaw/openclaw/commit/1470de5d3e0970856d86cd99336bb8ada3fe87da","reference_id":"1470de5d3e0970856d86cd99336bb8ada3fe87da","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-20T18:04:52Z/"}],"url":"https://github.com/openclaw/openclaw/commit/1470de5d3e0970856d86cd99336bb8ada3fe87da"},{"reference_url":"https://github.com/openclaw/openclaw/commit/52ef42302ead9e183e6c8810e0a04ee4ef8ae9fc","reference_id":"52ef42302ead9e183e6c8810e0a04ee4ef8ae9fc","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-20T18:04:52Z/"}],"url":"https://github.com/openclaw/openclaw/commit/52ef42302ead9e183e6c8810e0a04ee4ef8ae9fc"},{"reference_url":"https://github.com/openclaw/openclaw/commit/6e58f1f9f54bca1fea1268ec0ee4c01a2af03dde","reference_id":"6e58f1f9f54bca1fea1268ec0ee4c01a2af03dde","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-20T18:04:52Z/"}],"url":"https://github.com/openclaw/openclaw/commit/6e58f1f9f54bca1fea1268ec0ee4c01a2af03dde"},{"reference_url":"https://github.com/advisories/GHSA-mr34-9552-qr95","reference_id":"GHSA-mr34-9552-qr95","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mr34-9552-qr95"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-mr34-9552-qr95","reference_id":"GHSA-mr34-9552-qr95","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-20T18:04:52Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-mr34-9552-qr95"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-file-read-via-unvalidated-tool-result-media-paths","reference_id":"openclaw-arbitrary-file-read-via-unvalidated-tool-result-media-paths","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-20T18:04:52Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-file-read-via-unvalidated-tool-result-media-paths"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373280?format=json","purl":"pkg:npm/openclaw@2026.4.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.15"}],"aliases":["CVE-2026-41389","GHSA-mr34-9552-qr95"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hwyc-kv1j-1yhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/360332?format=json","vulnerability_id":"VCID-jdbz-6b2q-xyav","summary":"OpenClaw's Gateway Control UI bootstrap config required Gateway auth\n## Summary\nGateway Control UI bootstrap config required Gateway auth.\n\n## Affected Packages / Versions\n- Package: openclaw (npm)\n- Affected versions: <= 2026.4.21\n- Fixed version: 2026.4.22\n\n## Impact\nWhen Gateway authentication was enabled, the Control UI bootstrap config endpoint could still be read without a valid Gateway token. That response could expose sensitive bootstrap/config fields intended only for authenticated Control UI sessions.\n\n## Fix\nThe bootstrap config route now goes through the same Gateway read-auth path as other authenticated Control UI reads. Regression tests cover unauthenticated rejection, valid-token access, and basePath handling.\n\n## Fix Commit(s)\n- 2321d67263bc710e357644d59f746b08d891051b\n\n## Verification\n- The fix commit is contained in the public v2026.4.22 tag.\n- openclaw@2026.4.22 is published on npm and the compiled package contains the fix.\n- Focused regression coverage for this path passed before publication.\n\nOpenClaw thanks @zsxsoft for reporting.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/advisories/GHSA-93rg-2xm5-2p9v","reference_id":"GHSA-93rg-2xm5-2p9v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-93rg-2xm5-2p9v"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-93rg-2xm5-2p9v","reference_id":"GHSA-93rg-2xm5-2p9v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-93rg-2xm5-2p9v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375357?format=json","purl":"pkg:npm/openclaw@2026.4.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.22"}],"aliases":["GHSA-93rg-2xm5-2p9v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jdbz-6b2q-xyav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/359880?format=json","vulnerability_id":"VCID-jwnv-j7hq-sbh9","summary":"OpenClaw: QMD memory_get restricts reads to canonical or indexed memory paths\n## Summary\n\nThe QMD backend `memory_get` read path accepted arbitrary workspace Markdown paths that were inside the workspace but outside the canonical memory locations or indexed QMD result set.\n\n## Impact\n\nWhen the QMD backend was enabled, a caller with access to `memory_get` could read arbitrary `*.md` files under the configured workspace root, even when those files were not canonical memory files and had not been returned by QMD search. Severity remains low because exploitation requires access to the memory tool surface and is limited to workspace Markdown files, but it bypassed the intended memory-path policy.\n\n## Affected versions\n\n- Affected: `< 2026.4.15`\n- Patched: `2026.4.15`\n\n## Fix\n\nOpenClaw `2026.4.15` restricts QMD reads to canonical memory paths or previously indexed QMD workspace paths. Workspace containment alone is no longer sufficient.\n\nVerified in `v2026.4.15`:\n\n- `extensions/memory-core/src/memory/qmd-manager.ts` rejects non-default workspace Markdown paths unless they match an indexed QMD workspace read path.\n- `extensions/memory-core/src/memory/qmd-manager.test.ts` covers QMD session search-result reads and the read-path restriction behavior.\n\nFix commit included in `v2026.4.15` and absent from `v2026.4.14`:\n\n- `37d5971db36491d5050efd42c333cbe0b98ed292` via PR #66026\n\nThanks to @zsxsoft, Keen Security Lab, and @qclawer for reporting this issue.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/66026","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/66026"},{"reference_url":"https://github.com/advisories/GHSA-f934-5rqf-xx47","reference_id":"GHSA-f934-5rqf-xx47","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f934-5rqf-xx47"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-f934-5rqf-xx47","reference_id":"GHSA-f934-5rqf-xx47","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-f934-5rqf-xx47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373280?format=json","purl":"pkg:npm/openclaw@2026.4.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.15"}],"aliases":["GHSA-f934-5rqf-xx47"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jwnv-j7hq-sbh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65585?format=json","vulnerability_id":"VCID-kkqe-kjun-mufe","summary":"OpenClaw before 2026.4.12 contains a server-side request forgery vulnerability in QQBot reply media URL handling that allows attackers to fetch arbitrary content. Attackers can exploit this by providing malicious media URLs that trigger SSRF requests, with fetched bytes subsequently re-uploaded through the channel.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43526","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14157","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14245","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14273","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14276","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43526"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/08ae021d1f42905a85a550813c0d95169b171a6c","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/08ae021d1f42905a85a550813c0d95169b171a6c"},{"reference_url":"https://github.com/openclaw/openclaw/pull/63495","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/63495"},{"reference_url":"https://github.com/openclaw/openclaw/pull/65788","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/65788"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43526","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43526"},{"reference_url":"https://github.com/openclaw/openclaw/commit/08ae021d1f4f02e0ca5fd8a3b9659291c1ecf95a","reference_id":"08ae021d1f4f02e0ca5fd8a3b9659291c1ecf95a","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-05T12:24:17Z/"}],"url":"https://github.com/openclaw/openclaw/commit/08ae021d1f4f02e0ca5fd8a3b9659291c1ecf95a"},{"reference_url":"https://github.com/openclaw/openclaw/commit/ddb7a8dd80b8d5dd04aafa44ce7a4354b568bb2d","reference_id":"ddb7a8dd80b8d5dd04aafa44ce7a4354b568bb2d","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-05T12:24:17Z/"}],"url":"https://github.com/openclaw/openclaw/commit/ddb7a8dd80b8d5dd04aafa44ce7a4354b568bb2d"},{"reference_url":"https://github.com/advisories/GHSA-2767-2q9v-9326","reference_id":"GHSA-2767-2q9v-9326","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2767-2q9v-9326"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-2767-2q9v-9326","reference_id":"GHSA-2767-2q9v-9326","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-05T12:24:17Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-2767-2q9v-9326"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-via-qqbot-reply-media-url-handling","reference_id":"openclaw-server-side-request-forgery-via-qqbot-reply-media-url-handling","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-05T12:24:17Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-via-qqbot-reply-media-url-handling"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373522?format=json","purl":"pkg:npm/openclaw@2026.4.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qnh-qhcx-63et"},{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-6qbs-72h8-gua4"},{"vulnerability":"VCID-6w88-6bts-sudv"},{"vulnerability":"VCID-82aq-wxf5-aka8"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9c2u-hch4-8qbj"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c3fa-2u7p-pkgn"},{"vulnerability":"VCID-c3hg-hct8-eqbv"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-hwyc-kv1j-1yhm"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-jwnv-j7hq-sbh9"},{"vulnerability":"VCID-ns2g-q3vb-akcm"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-rr2j-c7md-57gj"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-t7nn-6cy7-2yak"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v3u2-k16m-9kdp"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.12"}],"aliases":["CVE-2026-43526","GHSA-2767-2q9v-9326"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kkqe-kjun-mufe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65546?format=json","vulnerability_id":"VCID-ns2g-q3vb-akcm","summary":"OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where heartbeat owner downgrade logic skips webhook wake events carrying untrusted content. Attackers can exploit this by sending untrusted webhook wake events to preserve owner-like execution context when the run should have been downgraded.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43566","reference_id":"","reference_type":"","scores":[{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36877","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36891","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36905","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36698","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43566"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/66031","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/66031"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43566","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43566"},{"reference_url":"https://github.com/openclaw/openclaw/commit/31281bc92f55796817a92bc43f722cba1e77ab42","reference_id":"31281bc92f55796817a92bc43f722cba1e77ab42","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-05T14:28:26Z/"}],"url":"https://github.com/openclaw/openclaw/commit/31281bc92f55796817a92bc43f722cba1e77ab42"},{"reference_url":"https://github.com/advisories/GHSA-g2hm-779g-vm32","reference_id":"GHSA-g2hm-779g-vm32","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g2hm-779g-vm32"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-g2hm-779g-vm32","reference_id":"GHSA-g2hm-779g-vm32","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-05T14:28:26Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-g2hm-779g-vm32"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-untrusted-webhook-wake-events","reference_id":"openclaw-privilege-escalation-via-untrusted-webhook-wake-events","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-05T14:28:26Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-untrusted-webhook-wake-events"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373341?format=json","purl":"pkg:npm/openclaw@2026.4.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qnh-qhcx-63et"},{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-6w88-6bts-sudv"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c3fa-2u7p-pkgn"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-hwyc-kv1j-1yhm"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-jwnv-j7hq-sbh9"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-t7nn-6cy7-2yak"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.14"}],"aliases":["CVE-2026-43566","GHSA-g2hm-779g-vm32"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ns2g-q3vb-akcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80789?format=json","vulnerability_id":"VCID-qpq9-cabj-a7hj","summary":"OpenClaw before 2026.4.20 contains a scope enforcement bypass vulnerability in the assistant-media route that allows trusted-proxy callers without operator.read scope to access protected assistant-media files and metadata. Attackers can bypass identity-bearing HTTP auth path scope validation to retrieve sensitive media content within allowed media roots.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41908","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11227","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11185","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11219","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11162","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41908"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41908","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41908"},{"reference_url":"https://github.com/openclaw/openclaw/commit/99ef3a63c58440d53f8e45ad861b846032fcb036","reference_id":"99ef3a63c58440d53f8e45ad861b846032fcb036","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T18:25:38Z/"}],"url":"https://github.com/openclaw/openclaw/commit/99ef3a63c58440d53f8e45ad861b846032fcb036"},{"reference_url":"https://github.com/advisories/GHSA-v8qf-fr4g-28p2","reference_id":"GHSA-v8qf-fr4g-28p2","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v8qf-fr4g-28p2"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-v8qf-fr4g-28p2","reference_id":"GHSA-v8qf-fr4g-28p2","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T18:25:38Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-v8qf-fr4g-28p2"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-scope-enforcement-bypass-in-assistant-media-route","reference_id":"openclaw-scope-enforcement-bypass-in-assistant-media-route","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T18:25:38Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-scope-enforcement-bypass-in-assistant-media-route"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373308?format=json","purl":"pkg:npm/openclaw@2026.4.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.20"}],"aliases":["CVE-2026-41908","GHSA-v8qf-fr4g-28p2"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qpq9-cabj-a7hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67930?format=json","vulnerability_id":"VCID-qqsk-1mk9-pygw","summary":"OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and access unauthorized file contents.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44113","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11644","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11609","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11638","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11567","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44113"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44113","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44113"},{"reference_url":"https://github.com/openclaw/openclaw/commit/95119017c847c737bd113f0bff728c4666d79c45","reference_id":"95119017c847c737bd113f0bff728c4666d79c45","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:04:19Z/"}],"url":"https://github.com/openclaw/openclaw/commit/95119017c847c737bd113f0bff728c4666d79c45"},{"reference_url":"https://github.com/advisories/GHSA-5h3g-6xhh-rg6p","reference_id":"GHSA-5h3g-6xhh-rg6p","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5h3g-6xhh-rg6p"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-5h3g-6xhh-rg6p","reference_id":"GHSA-5h3g-6xhh-rg6p","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:04:19Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-5h3g-6xhh-rg6p"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-time-of-check-time-of-use-race-condition-in-openshell-fs-bridge","reference_id":"openclaw-time-of-check-time-of-use-race-condition-in-openshell-fs-bridge","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:04:19Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-time-of-check-time-of-use-race-condition-in-openshell-fs-bridge"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375357?format=json","purl":"pkg:npm/openclaw@2026.4.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.22"}],"aliases":["CVE-2026-44113","GHSA-5h3g-6xhh-rg6p"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qqsk-1mk9-pygw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67822?format=json","vulnerability_id":"VCID-r75w-jwbm-dyew","summary":"OpenClaw before 2026.4.20 fails to properly preserve untrusted labels for isolated cron awareness events, allowing webhook-triggered cron agent output to be recorded as trusted system events. Attackers can exploit this trust-labeling issue to strengthen prompt-injection attacks by rendering untrusted events as trusted System events.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44999","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04755","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05529","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05537","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05543","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44999"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44999","reference_id":"","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44999"},{"reference_url":"https://github.com/openclaw/openclaw/commit/f61896b03cc7031f51106a04566831f4ac2a0bd7","reference_id":"f61896b03cc7031f51106a04566831f4ac2a0bd7","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T13:52:52Z/"}],"url":"https://github.com/openclaw/openclaw/commit/f61896b03cc7031f51106a04566831f4ac2a0bd7"},{"reference_url":"https://github.com/advisories/GHSA-57r2-h2wj-g887","reference_id":"GHSA-57r2-h2wj-g887","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-57r2-h2wj-g887"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-57r2-h2wj-g887","reference_id":"GHSA-57r2-h2wj-g887","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T13:52:52Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-57r2-h2wj-g887"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-improper-trust-labeling-in-isolated-cron-awareness-events","reference_id":"openclaw-improper-trust-labeling-in-isolated-cron-awareness-events","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T13:52:52Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-improper-trust-labeling-in-isolated-cron-awareness-events"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373308?format=json","purl":"pkg:npm/openclaw@2026.4.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.20"}],"aliases":["CVE-2026-44999","GHSA-57r2-h2wj-g887"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r75w-jwbm-dyew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65517?format=json","vulnerability_id":"VCID-rr2j-c7md-57gj","summary":"OpenClaw before 2026.4.14 contains an authorization context reuse vulnerability in collect-mode queue batches that allows messages from different senders to inherit the final sender's authorization context. Attackers can exploit this by sending multiple queued messages to drain batches using a more privileged sender's context, causing earlier messages to execute with elevated permissions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43535","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0906","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0905","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09062","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09011","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43535"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/66024","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/66024"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43535","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43535"},{"reference_url":"https://github.com/openclaw/openclaw/commit/43d4be902755c970b3d15608679761877718da69","reference_id":"43d4be902755c970b3d15608679761877718da69","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-05T12:07:14Z/"}],"url":"https://github.com/openclaw/openclaw/commit/43d4be902755c970b3d15608679761877718da69"},{"reference_url":"https://github.com/advisories/GHSA-jwrq-8g5x-5fhm","reference_id":"GHSA-jwrq-8g5x-5fhm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jwrq-8g5x-5fhm"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-jwrq-8g5x-5fhm","reference_id":"GHSA-jwrq-8g5x-5fhm","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-05T12:07:14Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-jwrq-8g5x-5fhm"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-authorization-context-reuse-in-collect-mode-queue-batches","reference_id":"openclaw-authorization-context-reuse-in-collect-mode-queue-batches","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-05T12:07:14Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-authorization-context-reuse-in-collect-mode-queue-batches"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373341?format=json","purl":"pkg:npm/openclaw@2026.4.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qnh-qhcx-63et"},{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-6w88-6bts-sudv"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c3fa-2u7p-pkgn"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-hwyc-kv1j-1yhm"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-jwnv-j7hq-sbh9"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-t7nn-6cy7-2yak"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.14"}],"aliases":["CVE-2026-43535","GHSA-jwrq-8g5x-5fhm"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rr2j-c7md-57gj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/360458?format=json","vulnerability_id":"VCID-sbxm-vwhw-9fhd","summary":"OpenClaw's exec allowlist analysis rejects shell expansion in unquoted heredocs\n## Summary\nExec allowlist analysis rejects shell expansion in unquoted heredocs\n\n\n## Affected Packages / Versions\n- Package: openclaw (npm)\n- Affected versions: <= 2026.4.21\n- Fixed version: 2026.4.22\n\n## Impact\nAn allowlisted command containing an unquoted heredoc could hide shell expansion in the heredoc body. That could make the approved command text look safer than what the shell would evaluate at runtime.\n\n## Fix\nThe exec command analyzer now tracks heredoc bodies, rejects unquoted heredoc expansion tokens and continuation-splice bypasses, and preserves quoted heredocs and literal safe text.\n\n## Fix Commit(s)\n- b2e8b7d4bb2f22eaa16f5c4b07547774e90b65a5\n\n## Verification\n- The fix commit is contained in the public v2026.4.22 tag.\n- openclaw@2026.4.22 is published on npm and the compiled package contains the fix.\n- Focused regression coverage for this path passed before publication.\n\nThanks @VladimirEliTokarev for reporting.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/advisories/GHSA-x3h8-jrgh-p8jx","reference_id":"GHSA-x3h8-jrgh-p8jx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x3h8-jrgh-p8jx"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-x3h8-jrgh-p8jx","reference_id":"GHSA-x3h8-jrgh-p8jx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-x3h8-jrgh-p8jx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375357?format=json","purl":"pkg:npm/openclaw@2026.4.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.22"}],"aliases":["GHSA-x3h8-jrgh-p8jx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sbxm-vwhw-9fhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/359759?format=json","vulnerability_id":"VCID-t7nn-6cy7-2yak","summary":"OpenClaw: Webchat audio embedding could read local files without local-root containment\n## Impact\n\nOpenClaw deployments before `2026.4.15` could embed host-local audio files into webchat responses without applying the local media root containment check used by other media-serving paths.\n\nIf an attacker could influence an agent or tool-produced `ReplyPayload.mediaUrl`, the webchat audio embedding helper could resolve an absolute local path or `file:` URL, read an audio-like file under the size cap, and base64-encode it into the webchat media response. This crossed the model/tool-output boundary into a host file read. Prompt injection or malicious tool output is a delivery mechanism; the security boundary failure is the missing local-root containment check.\n\nThe impact is narrow: the file had to be readable by the gateway process, have an audio-like extension, and fit within the webchat audio size cap. The issue exposed contents into the webchat assistant/media transcript path; it was not a general remote filesystem API.\n\n## Affected Packages / Versions\n\n- Package: `openclaw` on npm\n- Affected versions: `<= 2026.4.14`\n- Patched version: `2026.4.15`\n\nThe latest public release, `2026.4.21`, also contains the fix.\n\n## Patches\n\nThe public fix threads the applicable local media roots into the webchat audio embedding path and calls `assertLocalMediaAllowed` before local audio content is read. Current `main` also includes an additional `trustedLocalMedia` gate so untrusted model/tool payloads cannot opt into local audio embedding.\n\nFix commit:\n\n- `6e58f1f9f54bca1fea1268ec0ee4c01a2af03dde`\n\n## Workarounds\n\nUpgrade to `openclaw@2026.4.15` or later. The latest public release, `2026.4.21`, is fixed. Before upgrading, avoid exposing webchat sessions to untrusted prompt/tool content that can influence reply media URLs.\n\n## Credits\n\nOpenClaw thanks @zsxsoft for reporting.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/advisories/GHSA-gfg9-5357-hv4c","reference_id":"GHSA-gfg9-5357-hv4c","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gfg9-5357-hv4c"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-gfg9-5357-hv4c","reference_id":"GHSA-gfg9-5357-hv4c","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-gfg9-5357-hv4c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373280?format=json","purl":"pkg:npm/openclaw@2026.4.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.15"}],"aliases":["GHSA-gfg9-5357-hv4c"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t7nn-6cy7-2yak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/359830?format=json","vulnerability_id":"VCID-tegh-qc36-ufha","summary":"OpenClaw: Bundled MCP/LSP tools could bypass configured tool policy\n## Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Affected versions: `< 2026.4.20`\n- Patched version: `2026.4.20`\n\n## Impact\n\nBundled MCP and LSP tools could be appended to the agent's effective tool set after the normal tool-policy pipeline had already filtered core tools. If an operator configured a restrictive policy, such as a tool profile, explicit allow/deny list, owner-only tool restriction, sandbox tool policy, or subagent tool policy, a bundled MCP/LSP tool could remain available even though the same policy would have denied it.\n\nThe issue required a configured bundled MCP or LSP tool source and an operator policy that should have restricted that tool. This was a local agent policy-enforcement bypass, not an unauthenticated remote gateway compromise. Severity is medium.\n\n## Fix\n\nOpenClaw now applies a final effective tool policy pass to bundled MCP/LSP tools before merging them into the tool set used by normal runs and compaction. The pass covers profile policy, provider profile policy, global/agent/group policies, owner-only filtering, sandbox tool policy, and subagent tool policy.\n\nFix commit:\n\n- `0e7a992d3f3155199c1acc2dd9a53c5b3a4d3ada`\n\n## Release\n\nFixed in OpenClaw `2026.4.20`.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/advisories/GHSA-qrp5-gfw2-gxv4","reference_id":"GHSA-qrp5-gfw2-gxv4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qrp5-gfw2-gxv4"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-qrp5-gfw2-gxv4","reference_id":"GHSA-qrp5-gfw2-gxv4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-qrp5-gfw2-gxv4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373308?format=json","purl":"pkg:npm/openclaw@2026.4.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.20"}],"aliases":["GHSA-qrp5-gfw2-gxv4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tegh-qc36-ufha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65465?format=json","vulnerability_id":"VCID-v3u2-k16m-9kdp","summary":"OpenClaw before 2026.4.14 contains a redaction bypass vulnerability that allows authenticated gateway clients to receive unredacted secrets through sourceConfig and runtimeConfig alias fields. Attackers with config read access can exploit this to obtain provider API keys, gateway authentication material, and channel credentials that should have been redacted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43528","reference_id":"","reference_type":"","scores":[{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26196","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26395","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.2641","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26398","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-43528"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/pull/66030","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/66030"},{"reference_url":"https://github.com/openclaw/openclaw/commit/86734ef93a2f25063371b04f1946eb300548acd4","reference_id":"86734ef93a2f25063371b04f1946eb300548acd4","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T14:10:57Z/"}],"url":"https://github.com/openclaw/openclaw/commit/86734ef93a2f25063371b04f1946eb300548acd4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43528","reference_id":"CVE-2026-43528","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43528"},{"reference_url":"https://github.com/advisories/GHSA-8372-7vhw-cm6q","reference_id":"GHSA-8372-7vhw-cm6q","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8372-7vhw-cm6q"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-8372-7vhw-cm6q","reference_id":"GHSA-8372-7vhw-cm6q","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T14:10:57Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-8372-7vhw-cm6q"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-redaction-bypass-via-sourceconfig-and-runtimeconfig-aliases","reference_id":"openclaw-redaction-bypass-via-sourceconfig-and-runtimeconfig-aliases","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T14:10:57Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-redaction-bypass-via-sourceconfig-and-runtimeconfig-aliases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373341?format=json","purl":"pkg:npm/openclaw@2026.4.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qnh-qhcx-63et"},{"vulnerability":"VCID-4qqv-57ws-4yb3"},{"vulnerability":"VCID-5zh4-jn4s-akc9"},{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-6w88-6bts-sudv"},{"vulnerability":"VCID-8h62-5c5b-cbdt"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-b158-4js1-77de"},{"vulnerability":"VCID-c3fa-2u7p-pkgn"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-cbdg-vzrj-puc2"},{"vulnerability":"VCID-cf4u-fs5p-3ue3"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-hbkd-8rx2-4qb8"},{"vulnerability":"VCID-hwyc-kv1j-1yhm"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-jwnv-j7hq-sbh9"},{"vulnerability":"VCID-qpq9-cabj-a7hj"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-r75w-jwbm-dyew"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-t7nn-6cy7-2yak"},{"vulnerability":"VCID-tegh-qc36-ufha"},{"vulnerability":"VCID-v6e8-g5w8-k3ax"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"},{"vulnerability":"VCID-yqjc-khg8-uyb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.14"}],"aliases":["CVE-2026-43528","GHSA-8372-7vhw-cm6q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v3u2-k16m-9kdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/359841?format=json","vulnerability_id":"VCID-v6e8-g5w8-k3ax","summary":"OpenClaw: Browser CDP profile creation skipped strict-mode SSRF checks\n## Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Affected versions: `< 2026.4.20`\n- Patched version: `2026.4.20`\n\n## Impact\n\nBrowser profile creation normalized `cdpUrl` values before persisting them, but did not apply the configured browser SSRF policy at creation time. In deployments that explicitly disabled private-network CDP targets, a stored profile could still point at a private-network or metadata endpoint and later be probed by normal profile status flows.\n\nDefault trusted-operator browser behavior allows private-network CDP endpoints, so this only affected strict-mode deployments. Severity is low.\n\n## Fix\n\nOpenClaw now checks CDP endpoints against the browser SSRF policy during profile creation and reachability operations.\n\nFix commits:\n\n- `1fd049e3074cac72f6734a7fe88468c84f5f8bd7`\n- `e90c89cf8b1459f2aa1f3a665be67392b6c03fdf`\n\n## Release\n\nFixed in OpenClaw `2026.4.20`.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/advisories/GHSA-j4c5-89f5-f3pm","reference_id":"GHSA-j4c5-89f5-f3pm","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j4c5-89f5-f3pm"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-j4c5-89f5-f3pm","reference_id":"GHSA-j4c5-89f5-f3pm","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-j4c5-89f5-f3pm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373308?format=json","purl":"pkg:npm/openclaw@2026.4.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.20"}],"aliases":["GHSA-j4c5-89f5-f3pm"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v6e8-g5w8-k3ax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69848?format=json","vulnerability_id":"VCID-y5k6-v1cj-cqg6","summary":"OpenClaw before 2026.4.23 caches resolved webhook route secrets backed by SecretRef values, allowing stale secrets to remain valid after rotation and reload. Attackers with previously valid webhook route secrets can continue authenticating requests and invoking configured webhook task flows until gateway or plugin restart.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-45005","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17871","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19514","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19539","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19517","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-45005"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45005","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45005"},{"reference_url":"https://github.com/openclaw/openclaw/commit/36c4a372a0ad5dca8bfc0d93f7aab9c2f2de66fa","reference_id":"36c4a372a0ad5dca8bfc0d93f7aab9c2f2de66fa","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L"},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-12T16:10:40Z/"}],"url":"https://github.com/openclaw/openclaw/commit/36c4a372a0ad5dca8bfc0d93f7aab9c2f2de66fa"},{"reference_url":"https://github.com/advisories/GHSA-q8ff-7ffm-m3r9","reference_id":"GHSA-q8ff-7ffm-m3r9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q8ff-7ffm-m3r9"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-q8ff-7ffm-m3r9","reference_id":"GHSA-q8ff-7ffm-m3r9","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-12T16:10:40Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-q8ff-7ffm-m3r9"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-webhook-route-secret-cache-not-invalidated-after-rotation","reference_id":"openclaw-webhook-route-secret-cache-not-invalidated-after-rotation","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L"},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-12T16:10:40Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-webhook-route-secret-cache-not-invalidated-after-rotation"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375456?format=json","purl":"pkg:npm/openclaw@2026.4.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.23"}],"aliases":["CVE-2026-45005","GHSA-q8ff-7ffm-m3r9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y5k6-v1cj-cqg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67862?format=json","vulnerability_id":"VCID-yqjc-khg8-uyb4","summary":"OpenClaw before 2026.4.20 fails to properly reserve the OPENCLAW_ runtime-control environment namespace in workspace dotenv files, allowing attackers to override critical runtime variables. Malicious workspaces can set variables like OPENCLAW_GIT_DIR to manipulate trusted OpenClaw runtime behavior during source-update or installer flows.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44114","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07205","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07239","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07238","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07245","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44114"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44114","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44114"},{"reference_url":"https://github.com/openclaw/openclaw/commit/018494fa3ebb9145112e68b56fe1cb2e9f9a9ed6","reference_id":"018494fa3ebb9145112e68b56fe1cb2e9f9a9ed6","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T13:52:56Z/"}],"url":"https://github.com/openclaw/openclaw/commit/018494fa3ebb9145112e68b56fe1cb2e9f9a9ed6"},{"reference_url":"https://github.com/advisories/GHSA-hxvm-xjvf-93f3","reference_id":"GHSA-hxvm-xjvf-93f3","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hxvm-xjvf-93f3"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-hxvm-xjvf-93f3","reference_id":"GHSA-hxvm-xjvf-93f3","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T13:52:56Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-hxvm-xjvf-93f3"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-environment-variable-namespace-collision-via-workspace-dotenv","reference_id":"openclaw-environment-variable-namespace-collision-via-workspace-dotenv","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T13:52:56Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-environment-variable-namespace-collision-via-workspace-dotenv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373308?format=json","purl":"pkg:npm/openclaw@2026.4.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-65nh-ys6n-77ag"},{"vulnerability":"VCID-9u9n-s6sc-2bhw"},{"vulnerability":"VCID-afjz-us2v-k7ak"},{"vulnerability":"VCID-c8dt-7z8a-qufe"},{"vulnerability":"VCID-e327-pu9e-x7gh"},{"vulnerability":"VCID-e8sz-63dk-tfbs"},{"vulnerability":"VCID-eefn-gpc1-mfdx"},{"vulnerability":"VCID-fgkb-fmuq-wffh"},{"vulnerability":"VCID-jdbz-6b2q-xyav"},{"vulnerability":"VCID-qqsk-1mk9-pygw"},{"vulnerability":"VCID-sbxm-vwhw-9fhd"},{"vulnerability":"VCID-y5k6-v1cj-cqg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.20"}],"aliases":["CVE-2026-44114","GHSA-hxvm-xjvf-93f3"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yqjc-khg8-uyb4"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.11-beta.1"}