{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","type":"npm","namespace":"","name":"openclaw","version":"2026.2.22","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/346607?format=json","vulnerability_id":"VCID-1syh-9dme-bfdn","summary":"Duplicate Advisory: OpenClaw: Symlink Traversal via IDENTITY.md appendFile in agents.create/update (Incomplete Fix for CVE-2026-32013)\n## Duplicate Advisory\n\nThis advisory has been withdrawn because it is a duplicate of GHSA-7xr2-q9vf-x4r5. This link is maintained to preserve external references.\n\n## Original Description\nOpenClaw through 2026.2.22 contains a symlink traversal vulnerability in agents.create and agents.update handlers that use fs.appendFile on IDENTITY.md without symlink containment checks. Attackers with workspace access can plant symlinks to append attacker-controlled content to arbitrary files, enabling remote code execution via crontab injection or unauthorized access via SSH key manipulation.","references":[{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-7xr2-q9vf-x4r5","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-7xr2-q9vf-x4r5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-35632","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-35632"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-symlink-traversal-via-identity-md-appendfile-in-agents-create-update","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vulncheck.com/advisories/openclaw-symlink-traversal-via-identity-md-appendfile-in-agents-create-update"},{"reference_url":"https://github.com/advisories/GHSA-pmf3-2q63-jmp6","reference_id":"GHSA-pmf3-2q63-jmp6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pmf3-2q63-jmp6"}],"fixed_packages":[],"aliases":["GHSA-pmf3-2q63-jmp6"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1syh-9dme-bfdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/333174?format=json","vulnerability_id":"VCID-6k3m-6kjx-yfgn","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42435","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28723","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42435"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/8f8492d172f4c5b4fd7dd9a47855ed620c8770ab","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T12:30:14Z/"}],"url":"https://github.com/openclaw/openclaw/commit/8f8492d172f4c5b4fd7dd9a47855ed620c8770ab"},{"reference_url":"https://github.com/openclaw/openclaw/pull/65717","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/pull/65717"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-j6c7-3h5x-99g9","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T12:30:14Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-j6c7-3h5x-99g9"},{"reference_url":"https://github.com/advisories/GHSA-j6c7-3h5x-99g9","reference_id":"GHSA-j6c7-3h5x-99g9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j6c7-3h5x-99g9"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-shell-wrapper-detection-bypass-via-environment-variable-assignment-injection","reference_id":"openclaw-shell-wrapper-detection-bypass-via-environment-variable-assignment-injection","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T12:30:14Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-shell-wrapper-detection-bypass-via-environment-variable-assignment-injection"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188577?format=json","purl":"pkg:npm/openclaw@2026.4.12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.4.12"}],"aliases":["CVE-2026-42435","GHSA-j6c7-3h5x-99g9"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6k3m-6kjx-yfgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22995?format=json","vulnerability_id":"VCID-bbm8-2r84-puh5","summary":"OpenClaw: shell-env trusted-prefix fallback allowed attacker-controlled binary execution via $SHELL\n`shell-env` fallback trusted prefix-based executable paths for `$SHELL`, allowing execution of attacker-controlled binaries in local/runtime-env influence scenarios.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22217","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04919","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22217"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/ff10fe8b91670044a6bb0cd85deb736a0ec8fb55","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"},{"value":"5.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T16:01:34Z/"}],"url":"https://github.com/openclaw/openclaw/commit/ff10fe8b91670044a6bb0cd85deb736a0ec8fb55"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-binary-execution-via-shell-environment-variable-trusted-prefix-fallback","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"},{"value":"5.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T16:01:34Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-binary-execution-via-shell-environment-variable-trusted-prefix-fallback"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22217","reference_id":"CVE-2026-22217","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22217"},{"reference_url":"https://github.com/advisories/GHSA-p4wh-cr8m-gm6c","reference_id":"GHSA-p4wh-cr8m-gm6c","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p4wh-cr8m-gm6c"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-p4wh-cr8m-gm6c","reference_id":"GHSA-p4wh-cr8m-gm6c","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T16:01:34Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-p4wh-cr8m-gm6c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73123?format=json","purl":"pkg:npm/openclaw@2026.2.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14dm-xdbs-jyag"},{"vulnerability":"VCID-4k99-uxvr-xqdk"},{"vulnerability":"VCID-4t15-ucme-rfds"},{"vulnerability":"VCID-7fne-xf3e-nbf4"},{"vulnerability":"VCID-9ncn-x24u-p3d2"},{"vulnerability":"VCID-er7e-mmer-2fam"},{"vulnerability":"VCID-eubb-389j-a3aj"},{"vulnerability":"VCID-fd3n-z36p-qyem"},{"vulnerability":"VCID-j56m-mjsq-vkg2"},{"vulnerability":"VCID-mggm-k7ad-euah"},{"vulnerability":"VCID-nsu6-ny82-qyh2"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-tjyg-pe2k-rffg"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-ze3j-1fak-pqfz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.23"}],"aliases":["CVE-2026-22217","GHSA-p4wh-cr8m-gm6c"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bbm8-2r84-puh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23037?format=json","vulnerability_id":"VCID-gq39-w2ua-3ua5","summary":"OpenClaw unpaired device identity can bypass operator pairing and self-assign operator scopes with shared auth\nA client using shared gateway auth could attach an unpaired device identity and request elevated operator scopes (including `operator.admin`) before pairing approval, enabling privilege escalation.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/8d1481cb4a9d31bd617e52dc8c392c35689d9dea","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/8d1481cb4a9d31bd617e52dc8c392c35689d9dea"},{"reference_url":"https://github.com/advisories/GHSA-553v-f69r-656j","reference_id":"GHSA-553v-f69r-656j","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-553v-f69r-656j"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-553v-f69r-656j","reference_id":"GHSA-553v-f69r-656j","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-553v-f69r-656j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73164?format=json","purl":"pkg:npm/openclaw@2026.2.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4mbh-umh4-zqa2"},{"vulnerability":"VCID-c6xk-nvk7-wffv"},{"vulnerability":"VCID-d3vu-athv-1yc5"},{"vulnerability":"VCID-d8pd-d25a-uqac"},{"vulnerability":"VCID-e1nr-qevt-4qfp"},{"vulnerability":"VCID-fsk8-x769-a7dx"},{"vulnerability":"VCID-j1mx-pyb9-2ubb"},{"vulnerability":"VCID-mtfa-9zaj-cbcc"},{"vulnerability":"VCID-njth-9vvv-n3fv"},{"vulnerability":"VCID-qutb-x5ca-bqh4"},{"vulnerability":"VCID-s73c-yny2-ryam"},{"vulnerability":"VCID-wjuj-r1wf-p3g5"},{"vulnerability":"VCID-yv1r-2d2w-k7as"},{"vulnerability":"VCID-yv99-c9yg-6fhq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.25"}],"aliases":["GHSA-553v-f69r-656j"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gq39-w2ua-3ua5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/346763?format=json","vulnerability_id":"VCID-rawy-syu6-q7g2","summary":"Duplicate Advisory: Synology Chat dmPolicy=allowlist failed open on empty allowedUserIds, allowing unauthorized agent dispatch\n## Duplicate Advisory\n\nThis advisory has been withdrawn because it is a duplicate of GHSA-gw85-xp4q-5gp9. This link is maintained to preserve external references.\n\n## Original Description\nOpenClaw versions 2026.2.22 and 2026.2.23 contain an authorization bypass vulnerability in the synology-chat channel plugin where dmPolicy set to allowlist with empty allowedUserIds fails open. Attackers with Synology sender access can bypass authorization checks and trigger unauthorized agent dispatch and downstream tool actions.","references":[{"reference_url":"https://github.com/openclaw/openclaw/commit/0ee30361b8f6ef3f110f3a7b001da6dd3df96bb5","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/0ee30361b8f6ef3f110f3a7b001da6dd3df96bb5"},{"reference_url":"https://github.com/openclaw/openclaw/commit/7655c0cb3a47d0647cbbf5284e177f90b4b82ddb","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/7655c0cb3a47d0647cbbf5284e177f90b4b82ddb"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-in-synology-chat-plugin-via-empty-alloweduserids","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-in-synology-chat-plugin-via-empty-alloweduserids"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31998","reference_id":"CVE-2026-31998","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31998"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-gw85-xp4q-5gp9","reference_id":"GHSA-gw85-xp4q-5gp9","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-gw85-xp4q-5gp9"},{"reference_url":"https://github.com/advisories/GHSA-jqpf-vj28-9v7r","reference_id":"GHSA-jqpf-vj28-9v7r","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jqpf-vj28-9v7r"}],"fixed_packages":[],"aliases":["GHSA-jqpf-vj28-9v7r"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rawy-syu6-q7g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22990?format=json","vulnerability_id":"VCID-usnj-f1tv-p7eh","summary":"OpenClaw's Synology Chat dmPolicy=allowlist failed open on empty allowedUserIds, allowing unauthorized agent dispatch\nIn `openclaw` versions `2026.2.22` and `2026.2.23`, the optional `synology-chat` channel plugin had an authorization fail-open condition: when `dmPolicy` was `allowlist` and `allowedUserIds` was empty/unset, unauthorized senders were still allowed through to agent dispatch.\n\nThis is assessed as **medium** severity because it requires channel/plugin setup and Synology sender access, but can still trigger downstream agent/tool actions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31998","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21767","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31998"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/0ee30361b8f6ef3f110f3a7b001da6dd3df96bb5","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:33:28Z/"}],"url":"https://github.com/openclaw/openclaw/commit/0ee30361b8f6ef3f110f3a7b001da6dd3df96bb5"},{"reference_url":"https://github.com/openclaw/openclaw/commit/7655c0cb3a47d0647cbbf5284e177f90b4b82ddb","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:33:28Z/"}],"url":"https://github.com/openclaw/openclaw/commit/7655c0cb3a47d0647cbbf5284e177f90b4b82ddb"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-in-synology-chat-plugin-via-empty-alloweduserids","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:33:28Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-in-synology-chat-plugin-via-empty-alloweduserids"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31998","reference_id":"CVE-2026-31998","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31998"},{"reference_url":"https://github.com/advisories/GHSA-gw85-xp4q-5gp9","reference_id":"GHSA-gw85-xp4q-5gp9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gw85-xp4q-5gp9"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-gw85-xp4q-5gp9","reference_id":"GHSA-gw85-xp4q-5gp9","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:33:28Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-gw85-xp4q-5gp9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73161?format=json","purl":"pkg:npm/openclaw@2026.2.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-26du-1t53-kkg9"},{"vulnerability":"VCID-29je-aptj-rue6"},{"vulnerability":"VCID-3gqd-86hz-bbbw"},{"vulnerability":"VCID-3y9t-nf4h-3qfz"},{"vulnerability":"VCID-7bfc-65n9-rqgy"},{"vulnerability":"VCID-7pwg-9c8s-aufr"},{"vulnerability":"VCID-7qe2-mnh9-5fbm"},{"vulnerability":"VCID-9cqw-a6a2-nbav"},{"vulnerability":"VCID-b93t-4b79-kqf1"},{"vulnerability":"VCID-f15v-1uxp-k7bq"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-jaxg-4q6k-yfck"},{"vulnerability":"VCID-jvq7-fg12-qff9"},{"vulnerability":"VCID-ngkr-an54-vydw"},{"vulnerability":"VCID-q4sc-cnnf-5qhv"},{"vulnerability":"VCID-sphc-z7ve-kugm"},{"vulnerability":"VCID-t4e7-neu2-f7cg"},{"vulnerability":"VCID-up8q-9der-b3as"},{"vulnerability":"VCID-ypfb-w6h4-efdk"},{"vulnerability":"VCID-yu4j-2k7j-z7fj"},{"vulnerability":"VCID-ywq2-m4s8-y3bb"},{"vulnerability":"VCID-yz1m-hhrg-kyf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.24"}],"aliases":["CVE-2026-31998","GHSA-gw85-xp4q-5gp9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-usnj-f1tv-p7eh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/330341?format=json","vulnerability_id":"VCID-vfsy-yqgt-4bfr","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-35632","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34357","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-35632"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/blob/main/src/gateway/server-methods/agents.ts#L274","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/blob/main/src/gateway/server-methods/agents.ts#L274"},{"reference_url":"https://github.com/openclaw/openclaw/blob/main/src/gateway/server-methods/agents.ts#L283-L291","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/blob/main/src/gateway/server-methods/agents.ts#L283-L291"},{"reference_url":"https://github.com/openclaw/openclaw/blob/main/src/gateway/server-methods/agents.ts#L348-L349","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/blob/main/src/gateway/server-methods/agents.ts#L348-L349"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-7xr2-q9vf-x4r5","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-10T13:59:19Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-7xr2-q9vf-x4r5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-35632","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-35632"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-symlink-traversal-via-identity-md-appendfile-in-agents-create-update","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-10T13:59:19Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-symlink-traversal-via-identity-md-appendfile-in-agents-create-update"},{"reference_url":"https://github.com/advisories/GHSA-7xr2-q9vf-x4r5","reference_id":"GHSA-7xr2-q9vf-x4r5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7xr2-q9vf-x4r5"},{"reference_url":"https://github.com/advisories/GHSA-fgvx-58p6-gjwc","reference_id":"GHSA-fgvx-58p6-gjwc","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fgvx-58p6-gjwc"}],"fixed_packages":[],"aliases":["CVE-2026-35632","GHSA-7xr2-q9vf-x4r5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vfsy-yqgt-4bfr"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22938?format=json","vulnerability_id":"VCID-1z13-f6z6-5ud2","summary":"OpenClaw has a Discord `allowFrom` slug-collision authorization bypass\nOpenClaw supports Discord allowlists using either user IDs or names/tags. Name/tag matching depends on slug normalization, so different user tags can collide to the same slug and unintentionally satisfy a name-based allowlist entry.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/747bb581b3f2264495e1fec5a0727d9f2ca1b6f1","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/747bb581b3f2264495e1fec5a0727d9f2ca1b6f1"},{"reference_url":"https://github.com/openclaw/openclaw/commit/f97c45c5b5e0698b6667bb5f6badc0cac7dabd12","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/f97c45c5b5e0698b6667bb5f6badc0cac7dabd12"},{"reference_url":"https://github.com/advisories/GHSA-4cqv-h74h-93j4","reference_id":"GHSA-4cqv-h74h-93j4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4cqv-h74h-93j4"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-4cqv-h74h-93j4","reference_id":"GHSA-4cqv-h74h-93j4","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-4cqv-h74h-93j4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["GHSA-4cqv-h74h-93j4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1z13-f6z6-5ud2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22985?format=json","vulnerability_id":"VCID-1zvf-f1sb-pug1","summary":"OpenClaw shell-env fallback trusted startup env and could execute attacker-influenced login-shell paths\nOpenClaw shell-env fallback trusted startup environment values and could execute attacker-influenced login-shell startup paths before loading env keys.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/9363c320d8ffe29290906752fab92621da02c3f7","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/9363c320d8ffe29290906752fab92621da02c3f7"},{"reference_url":"https://github.com/advisories/GHSA-5h2c-8v84-qpvr","reference_id":"GHSA-5h2c-8v84-qpvr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5h2c-8v84-qpvr"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-5h2c-8v84-qpvr","reference_id":"GHSA-5h2c-8v84-qpvr","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-5h2c-8v84-qpvr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["GHSA-5h2c-8v84-qpvr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1zvf-f1sb-pug1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23029?format=json","vulnerability_id":"VCID-3nkc-4787-jfba","summary":"OpenClaw's Node role device-identity bypass allows unauthorized node.event injection\nA client authenticated with a shared gateway token could connect as `role=node` without device identity/pairing, then call `node.event` to trigger `agent.request` and `voice.transcript` flows.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32001","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.2142","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32001"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/ddcb2d79b17bf2a42c5037d8aeff1537a12b931e","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T20:09:39Z/"}],"url":"https://github.com/openclaw/openclaw/commit/ddcb2d79b17bf2a42c5037d8aeff1537a12b931e"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-node-role-device-identity-bypass-via-websocket-authentication","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T20:09:39Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-node-role-device-identity-bypass-via-websocket-authentication"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32001","reference_id":"CVE-2026-32001","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32001"},{"reference_url":"https://github.com/advisories/GHSA-rv2q-f2h5-6xmg","reference_id":"GHSA-rv2q-f2h5-6xmg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rv2q-f2h5-6xmg"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-rv2q-f2h5-6xmg","reference_id":"GHSA-rv2q-f2h5-6xmg","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T20:09:39Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-rv2q-f2h5-6xmg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32001","GHSA-rv2q-f2h5-6xmg"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3nkc-4787-jfba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22935?format=json","vulnerability_id":"VCID-41v6-vk5t-x7dr","summary":"OpenClaw has system.run shell-wrapper env injection via SHELLOPTS/PS4 can bypass allowlist intent (RCE)\n`system.run` allowed `SHELLOPTS` + `PS4` environment injection to trigger command substitution during `bash -lc` xtrace expansion before the allowlisted command body executed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32003","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21487","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32003"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/e80c803fa887f9699ad87a9e906ab5c1ff85bd9a","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-21T03:22:51Z/"}],"url":"https://github.com/openclaw/openclaw/commit/e80c803fa887f9699ad87a9e906ab5c1ff85bd9a"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-remote-code-execution-via-shellopts-ps4-environment-injection-in-system-run","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-21T03:22:51Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-remote-code-execution-via-shellopts-ps4-environment-injection-in-system-run"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32003","reference_id":"CVE-2026-32003","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32003"},{"reference_url":"https://github.com/advisories/GHSA-2fgq-7j6h-9rm4","reference_id":"GHSA-2fgq-7j6h-9rm4","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2fgq-7j6h-9rm4"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-2fgq-7j6h-9rm4","reference_id":"GHSA-2fgq-7j6h-9rm4","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-21T03:22:51Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-2fgq-7j6h-9rm4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32003","GHSA-2fgq-7j6h-9rm4"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-41v6-vk5t-x7dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22937?format=json","vulnerability_id":"VCID-448f-b5t9-4qfb","summary":"In OpenClaw, manually adding sort to tools.exec.safeBins could bypass allowlist approval via --compress-program\nThis issue applies to a **non-default configuration** only.\nIf `sort` is manually added to `tools.exec.safeBins`, OpenClaw could treat `sort --compress-program=<prog>` as valid safe-bin usage.\nIn `security=allowlist` + `ask=on-miss`, this could satisfy allowlist checks and skip operator approval, while GNU `sort` may invoke an external program via `--compress-program`.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32010","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15429","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32010"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/57fbbaebca4d34d17549accf6092ae26eb7b605c","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T18:19:07Z/"}],"url":"https://github.com/openclaw/openclaw/commit/57fbbaebca4d34d17549accf6092ae26eb7b605c"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-sort-compress-program-parameter","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T18:19:07Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-sort-compress-program-parameter"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32010","reference_id":"CVE-2026-32010","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32010"},{"reference_url":"https://github.com/advisories/GHSA-4gc7-qcvf-38wg","reference_id":"GHSA-4gc7-qcvf-38wg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4gc7-qcvf-38wg"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-4gc7-qcvf-38wg","reference_id":"GHSA-4gc7-qcvf-38wg","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T18:19:07Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-4gc7-qcvf-38wg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32010","GHSA-4gc7-qcvf-38wg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-448f-b5t9-4qfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22998?format=json","vulnerability_id":"VCID-48g4-bch6-wuhy","summary":"OpenClaw hook transform path containment missed symlink-resolved escapes\nWhen an attacker can cause a transform module path to reference a symlinked entry that resolves outside the trusted transform directory, the gateway may import and execute unintended JavaScript with gateway-process privileges.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/f4dd0577b055f77af783105bd65eae32f3d5e6a1","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/f4dd0577b055f77af783105bd65eae32f3d5e6a1"},{"reference_url":"https://github.com/advisories/GHSA-659f-22xc-98f2","reference_id":"GHSA-659f-22xc-98f2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-659f-22xc-98f2"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-659f-22xc-98f2","reference_id":"GHSA-659f-22xc-98f2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-659f-22xc-98f2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["GHSA-659f-22xc-98f2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-48g4-bch6-wuhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22976?format=json","vulnerability_id":"VCID-5u6m-gc2d-uuee","summary":"OpenClaw's exec allowlist wrapper analysis did not unwrap env/shell dispatch chains\n`system.run` exec allowlist analysis treated wrapper binaries as the effective executable and did not fully unwrap `env`/shell-dispatch wrappers.\n\nThis allowed wrapper-smuggled payloads (for example `env bash -lc ...`) to satisfy an allowlist entry for the wrapper while executing non-allowlisted commands.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27566","reference_id":"","reference_type":"","scores":[{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27501","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27566"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/2b63592be57782c8946e521bc81286933f0f99c7","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T16:06:54Z/"}],"url":"https://github.com/openclaw/openclaw/commit/2b63592be57782c8946e521bc81286933f0f99c7"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-wrapper-binary-unwrapping-in-system-run","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T16:06:54Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-wrapper-binary-unwrapping-in-system-run"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27566","reference_id":"CVE-2026-27566","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27566"},{"reference_url":"https://github.com/advisories/GHSA-jj82-76v6-933r","reference_id":"GHSA-jj82-76v6-933r","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jj82-76v6-933r"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-jj82-76v6-933r","reference_id":"GHSA-jj82-76v6-933r","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T16:06:54Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-jj82-76v6-933r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-27566","GHSA-jj82-76v6-933r"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5u6m-gc2d-uuee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22978?format=json","vulnerability_id":"VCID-62dj-46tc-zbec","summary":"OpenClaw's system.run allowlist bypass via shell line-continuation command substitution\nIn OpenClaw `system.run` allowlist mode, shell-wrapper analysis could be bypassed by splitting command substitution as `$\\\\` + newline + `(` inside double quotes. Analysis treated the payload as allowlisted (for example `/bin/echo`), while shell runtime folded the line continuation into `$(...)` and executed non-allowlisted subcommands.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28460","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08116","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28460"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/3f0b9dbb36c86e308267924c0d3d4a4e1fc4d1e9","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"},{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:23:00Z/"}],"url":"https://github.com/openclaw/openclaw/commit/3f0b9dbb36c86e308267924c0d3d4a4e1fc4d1e9"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-shell-line-continuation-command-substitution-in-system-run","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"},{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:23:00Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-shell-line-continuation-command-substitution-in-system-run"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28460","reference_id":"CVE-2026-28460","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28460"},{"reference_url":"https://github.com/advisories/GHSA-9868-vxmx-w862","reference_id":"GHSA-9868-vxmx-w862","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9868-vxmx-w862"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-9868-vxmx-w862","reference_id":"GHSA-9868-vxmx-w862","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T15:23:00Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-9868-vxmx-w862"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-28460","GHSA-9868-vxmx-w862"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-62dj-46tc-zbec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22904?format=json","vulnerability_id":"VCID-6fzb-enfj-97ax","summary":"OpenClaw's inbound media downloads could exceed configured byte limits before rejection across multiple channels\nOpenClaw did not consistently enforce configured inbound media byte limits before buffering remote media in several channel ingestion paths. A remote sender could trigger oversized downloads and memory pressure before rejection.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32049","reference_id":"","reference_type":"","scores":[{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39265","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32049"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/73d93dee64127a26f1acd09d0403b794cdeb4f5c","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:21:58Z/"}],"url":"https://github.com/openclaw/openclaw/commit/73d93dee64127a26f1acd09d0403b794cdeb4f5c"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-denial-of-service-via-inbound-media-download-byte-limit-bypass","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:21:58Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-denial-of-service-via-inbound-media-download-byte-limit-bypass"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32049","reference_id":"CVE-2026-32049","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32049"},{"reference_url":"https://github.com/advisories/GHSA-rxxp-482v-7mrh","reference_id":"GHSA-rxxp-482v-7mrh","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rxxp-482v-7mrh"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-rxxp-482v-7mrh","reference_id":"GHSA-rxxp-482v-7mrh","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:21:58Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-rxxp-482v-7mrh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32049","GHSA-rxxp-482v-7mrh"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6fzb-enfj-97ax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22972?format=json","vulnerability_id":"VCID-6qcv-e969-auht","summary":"OpenClaw has a Feishu allowFrom authorization bypass via display-name collision\nFeishu allowlist authorization could be bypassed by display-name collision.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32021","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13042","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32021"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/4ed87a667263ed2d422b9d5d5a5d326e099f92c7","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:33:04Z/"}],"url":"https://github.com/openclaw/openclaw/commit/4ed87a667263ed2d422b9d5d5a5d326e099f92c7"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-via-display-name-collision-in-feishu-allowfrom","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:33:04Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-via-display-name-collision-in-feishu-allowfrom"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32021","reference_id":"CVE-2026-32021","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32021"},{"reference_url":"https://github.com/advisories/GHSA-j4xf-96qf-rx69","reference_id":"GHSA-j4xf-96qf-rx69","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j4xf-96qf-rx69"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-j4xf-96qf-rx69","reference_id":"GHSA-j4xf-96qf-rx69","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:33:04Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-j4xf-96qf-rx69"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32021","GHSA-j4xf-96qf-rx69"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qcv-e969-auht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23052?format=json","vulnerability_id":"VCID-71sz-dbb5-eqcr","summary":"OpenClaw's tools.exec.safeBins generic fallback allowed interpreter-style inline payload execution in allowlist mode\nWhen `tools.exec.safeBins` contained a binary without an explicit safe-bin profile, OpenClaw used a permissive generic fallback profile. In allowlist mode, that could let interpreter-style binaries (for example `python3`, `node`, `ruby`) execute inline payloads via flags like `-c`.\n\nThis requires explicit operator configuration to add such binaries to `safeBins`, so impact is limited to non-default/misconfigured deployments.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/47c3f742b6c488be26dd7b9636dbbb8676089154","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/47c3f742b6c488be26dd7b9636dbbb8676089154"},{"reference_url":"https://github.com/advisories/GHSA-8mf7-vv8w-hjr2","reference_id":"GHSA-8mf7-vv8w-hjr2","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8mf7-vv8w-hjr2"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-8mf7-vv8w-hjr2","reference_id":"GHSA-8mf7-vv8w-hjr2","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-8mf7-vv8w-hjr2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["GHSA-8mf7-vv8w-hjr2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-71sz-dbb5-eqcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23022?format=json","vulnerability_id":"VCID-8sa7-z4vg-a7h7","summary":"OpenClaw reuses the gateway auth token in the owner ID prompt hashing fallback\n- Auth-secret dual-use across security domains (gateway auth and prompt metadata hashing).\n- Hash outputs are visible to third-party model providers in system prompts.\n- No direct plaintext token disclosure.\n- Practical risk is highest when operators use weak gateway tokens and leave owner hash secret unset.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32897","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.1864","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32897"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/c99e7696e6893083b256f0a6c88fb060f3a76fb7","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:43:06Z/"}],"url":"https://github.com/openclaw/openclaw/commit/c99e7696e6893083b256f0a6c88fb060f3a76fb7"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-authentication-token-reuse-in-owner-id-prompt-hashing-fallback","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:43:06Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-authentication-token-reuse-in-owner-id-prompt-hashing-fallback"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32897","reference_id":"CVE-2026-32897","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32897"},{"reference_url":"https://github.com/advisories/GHSA-v6x2-2qvm-6gv8","reference_id":"GHSA-v6x2-2qvm-6gv8","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v6x2-2qvm-6gv8"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-v6x2-2qvm-6gv8","reference_id":"GHSA-v6x2-2qvm-6gv8","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:43:06Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-v6x2-2qvm-6gv8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32897","GHSA-v6x2-2qvm-6gv8"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8sa7-z4vg-a7h7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22946?format=json","vulnerability_id":"VCID-c184-vqhe-h7hy","summary":"OpenClaw has macOS `system.run` allowlist bypass via quoted command substitution\nIn OpenClaw's macOS node-host path, `system.run` allowlist parsing in `security=allowlist` mode failed to reject command substitution tokens when they appeared inside double-quoted shell text.\n\nBecause of that gap, payloads like `echo \"ok $(id)\"` could be treated as allowlist hits (first executable token `echo`) while still executing non-allowlisted subcommands through shell substitution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22179","reference_id":"","reference_type":"","scores":[{"value":"0.00484","scoring_system":"epss","scoring_elements":"0.65553","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22179"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/90a378ca3a9ecbf1634cd247f17a35f4612c6ca6","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-18T16:00:47Z/"}],"url":"https://github.com/openclaw/openclaw/commit/90a378ca3a9ecbf1634cd247f17a35f4612c6ca6"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-command-substitution-in-system-run","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-18T16:00:47Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-command-substitution-in-system-run"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22179","reference_id":"CVE-2026-22179","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22179"},{"reference_url":"https://github.com/advisories/GHSA-9p38-94jf-hgjj","reference_id":"GHSA-9p38-94jf-hgjj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9p38-94jf-hgjj"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-9p38-94jf-hgjj","reference_id":"GHSA-9p38-94jf-hgjj","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-18T16:00:47Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-9p38-94jf-hgjj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-22179","GHSA-9p38-94jf-hgjj"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c184-vqhe-h7hy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23016?format=json","vulnerability_id":"VCID-dae6-x8zc-5kbk","summary":"OpenClaw: macOS optional allowlist basename matching could bypass path-based policy\nOn macOS node-host, optional exec-approval allowlist mode previously treated basename-only entries (for example `echo`) as trusted command matches.\nThis could allow a same-name local binary (for example `./echo`) to run without approval under `security=allowlist` + `ask=on-miss`.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32016","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04764","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32016"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/dd41fadcaf58fd9deb963d6e163c56161e7b35dd","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-21T03:20:07Z/"}],"url":"https://github.com/openclaw/openclaw/commit/dd41fadcaf58fd9deb963d6e163c56161e7b35dd"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-path-traversal-via-basename-only-allowlist-matching-on-macos","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-21T03:20:07Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-path-traversal-via-basename-only-allowlist-matching-on-macos"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32016","reference_id":"CVE-2026-32016","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32016"},{"reference_url":"https://github.com/advisories/GHSA-7f4q-9rqh-x36p","reference_id":"GHSA-7f4q-9rqh-x36p","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7f4q-9rqh-x36p"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-7f4q-9rqh-x36p","reference_id":"GHSA-7f4q-9rqh-x36p","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-21T03:20:07Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-7f4q-9rqh-x36p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32016","GHSA-7f4q-9rqh-x36p"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dae6-x8zc-5kbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23026?format=json","vulnerability_id":"VCID-erwj-hmpx-f7dd","summary":"OpenClaw Loopback CDP probe can leak Gateway token to local listener\nA local process can capture the OpenClaw Gateway auth token from Chrome CDP probe traffic on loopback.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22174","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.086","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22174"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/afa22acc4a09fdf32be8a167ae216bee85c30dad","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T14:03:38Z/"}],"url":"https://github.com/openclaw/openclaw/commit/afa22acc4a09fdf32be8a167ae216bee85c30dad"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-gateway-token-disclosure-via-chrome-cdp-probe","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T14:03:38Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-gateway-token-disclosure-via-chrome-cdp-probe"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22174","reference_id":"CVE-2026-22174","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22174"},{"reference_url":"https://github.com/advisories/GHSA-v3j7-34xh-6g3w","reference_id":"GHSA-v3j7-34xh-6g3w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v3j7-34xh-6g3w"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-v3j7-34xh-6g3w","reference_id":"GHSA-v3j7-34xh-6g3w","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T14:03:38Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-v3j7-34xh-6g3w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-22174","GHSA-v3j7-34xh-6g3w"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-erwj-hmpx-f7dd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23084?format=json","vulnerability_id":"VCID-gkw1-jgms-dqc5","summary":"OpenClaw: BlueBubbles (optional plugin) pairing/allowlist mismatch when allowFrom is empty\nBlueBubbles is an optional OpenClaw channel plugin. A configuration-sensitive access-control mismatch allowed DM senders to be treated as authorized when `dmPolicy` was `pairing` or `allowlist` and `allowFrom` was empty/unset.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22170","reference_id":"","reference_type":"","scores":[{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22568","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22170"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/2ba6de7eaad812e5e8603018e14e54e96bdd57dd","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:21:26Z/"}],"url":"https://github.com/openclaw/openclaw/commit/2ba6de7eaad812e5e8603018e14e54e96bdd57dd"},{"reference_url":"https://github.com/openclaw/openclaw/commit/4540790cb62412676f7b61cfc6e47443f84a251e","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:21:26Z/"}],"url":"https://github.com/openclaw/openclaw/commit/4540790cb62412676f7b61cfc6e47443f84a251e"},{"reference_url":"https://github.com/openclaw/openclaw/commit/51c0893673de8e5cea64e64351dbfa4680ba0dec","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:21:26Z/"}],"url":"https://github.com/openclaw/openclaw/commit/51c0893673de8e5cea64e64351dbfa4680ba0dec"},{"reference_url":"https://github.com/openclaw/openclaw/commit/9632b9bcf032c5f2280c3103961fde912ab1f920","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:21:26Z/"}],"url":"https://github.com/openclaw/openclaw/commit/9632b9bcf032c5f2280c3103961fde912ab1f920"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-bluebubbles-access-control-bypass-via-empty-allowfrom-configuration","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:21:26Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-bluebubbles-access-control-bypass-via-empty-allowfrom-configuration"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22170","reference_id":"CVE-2026-22170","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22170"},{"reference_url":"https://github.com/advisories/GHSA-jwf4-8wf4-jf2m","reference_id":"GHSA-jwf4-8wf4-jf2m","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jwf4-8wf4-jf2m"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-jwf4-8wf4-jf2m","reference_id":"GHSA-jwf4-8wf4-jf2m","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:21:26Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-jwf4-8wf4-jf2m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-22170","GHSA-jwf4-8wf4-jf2m"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gkw1-jgms-dqc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22969?format=json","vulnerability_id":"VCID-gzh6-b3gy-auag","summary":"OpenClaw: Zip extraction symlink traversal could write outside destination\nA path confinement bypass in OpenClaw ZIP extraction allowed writes outside the intended destination when a pre-existing symlink was present under the extraction root.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/4b226b74f5fd3b106a83a6347fd404172e2fd246","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/4b226b74f5fd3b106a83a6347fd404172e2fd246"},{"reference_url":"https://github.com/advisories/GHSA-jxrq-8fm4-9p58","reference_id":"GHSA-jxrq-8fm4-9p58","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jxrq-8fm4-9p58"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-jxrq-8fm4-9p58","reference_id":"GHSA-jxrq-8fm4-9p58","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-jxrq-8fm4-9p58"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["GHSA-jxrq-8fm4-9p58"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gzh6-b3gy-auag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22921?format=json","vulnerability_id":"VCID-jbq7-hx48-aye4","summary":"OpenClaw's allow-always wrapper persistence could bypass future approvals and enable command execution\nIn `openclaw` npm releases up to and including `2026.2.21-2`, approving wrapped `system.run` commands with `allow-always` in `security=allowlist` mode could persist wrapper-level allowlist entries and enable later approval-bypass execution of different inner payloads.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29607","reference_id":"","reference_type":"","scores":[{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25665","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29607"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/24c954d972400f508814532dea0e4dcb38418bb0","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T16:44:31Z/"}],"url":"https://github.com/openclaw/openclaw/commit/24c954d972400f508814532dea0e4dcb38418bb0"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-via-allow-always-wrapper-persistence","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T16:44:31Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-authorization-bypass-via-allow-always-wrapper-persistence"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29607","reference_id":"CVE-2026-29607","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29607"},{"reference_url":"https://github.com/advisories/GHSA-6j27-pc5c-m8w8","reference_id":"GHSA-6j27-pc5c-m8w8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6j27-pc5c-m8w8"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-6j27-pc5c-m8w8","reference_id":"GHSA-6j27-pc5c-m8w8","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T16:44:31Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-6j27-pc5c-m8w8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-29607","GHSA-6j27-pc5c-m8w8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jbq7-hx48-aye4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22955?format=json","vulnerability_id":"VCID-jjr9-wnqp-a7fj","summary":"OpenClaw's typed sender-key matching for toolsBySender prevents identity-collision policy bypass\n`channels.*.groups.*.toolsBySender` could match a privileged sender policy using a colliding mutable identity value (for example `senderName` or `senderUsername`) when deployments used untyped keys.\n\nThe fix introduces explicit typed sender keys (`id:`, `e164:`, `username:`, `name:`), keeps legacy untyped keys on a deprecated ID-only path, and adds regression coverage to prevent cross-identifier collisions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32039","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09865","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32039"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/5547a2275cb69413af3b62c795b93214fe913b57","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T15:50:04Z/"}],"url":"https://github.com/openclaw/openclaw/commit/5547a2275cb69413af3b62c795b93214fe913b57"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-sender-authorization-bypass-via-identity-collision-in-toolsbysender","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T15:50:04Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-sender-authorization-bypass-via-identity-collision-in-toolsbysender"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32039","reference_id":"CVE-2026-32039","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32039"},{"reference_url":"https://github.com/advisories/GHSA-wpph-cjgr-7c39","reference_id":"GHSA-wpph-cjgr-7c39","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wpph-cjgr-7c39"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-wpph-cjgr-7c39","reference_id":"GHSA-wpph-cjgr-7c39","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T15:50:04Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-wpph-cjgr-7c39"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32039","GHSA-wpph-cjgr-7c39"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jjr9-wnqp-a7fj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23055?format=json","vulnerability_id":"VCID-kvbs-z8cy-eba7","summary":"OpenClaw has hook auth rate limiter bypass via IPv4-mapped IPv6 client key variants\nAn attacker could split failed hook-auth attempts across both address forms and effectively double the brute-force budget from 20 to 40 attempts per 60-second window.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/3284d2eb227e7b6536d543bcf5c3e320bc9d13c5","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/3284d2eb227e7b6536d543bcf5c3e320bc9d13c5"},{"reference_url":"https://github.com/advisories/GHSA-5847-rm3g-23mw","reference_id":"GHSA-5847-rm3g-23mw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5847-rm3g-23mw"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-5847-rm3g-23mw","reference_id":"GHSA-5847-rm3g-23mw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-5847-rm3g-23mw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["GHSA-5847-rm3g-23mw"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kvbs-z8cy-eba7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22927?format=json","vulnerability_id":"VCID-mcd3-wr9z-nug1","summary":"OpenClaw's Control UI Static File Handler Follows Symlinks and Allows Out-of-Root File Read\nThe Control UI static file handler previously validated asset paths lexically and then served files with APIs that follow symbolic links. A symlink placed under the Control UI root could cause out-of-root file reads.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32020","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05985","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32020"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/7c500ff6236fa087ec1ec88696ca9f6881e90dc5","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T20:11:21Z/"}],"url":"https://github.com/openclaw/openclaw/commit/7c500ff6236fa087ec1ec88696ca9f6881e90dc5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32020","reference_id":"CVE-2026-32020","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32020"},{"reference_url":"https://github.com/advisories/GHSA-5ghc-98wh-gwwf","reference_id":"GHSA-5ghc-98wh-gwwf","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5ghc-98wh-gwwf"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-5ghc-98wh-gwwf","reference_id":"GHSA-5ghc-98wh-gwwf","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T20:11:21Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-5ghc-98wh-gwwf"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-file-read-via-symlink-following-in-static-file-handler","reference_id":"openclaw-arbitrary-file-read-via-symlink-following-in-static-file-handler","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T20:11:21Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-file-read-via-symlink-following-in-static-file-handler"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32020","GHSA-5ghc-98wh-gwwf"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mcd3-wr9z-nug1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22874?format=json","vulnerability_id":"VCID-mnqn-u8vr-y3bb","summary":"OpenClaw voice-call media stream validated streams after upgrade, which could allow pre-start unauthenticated sockets to increase resource pressure\n`@openclaw/voice-call` (and the bundled copy shipped in `openclaw`) accepted media-stream WebSocket upgrades before stream validation. In reachable deployments, unauthenticated pre-start sockets could be held open and increase resource pressure.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32062","reference_id":"","reference_type":"","scores":[{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.3414","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32062"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/1d8968c8a821ff1a05c294a1846b3bcb6f343794","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:36:13Z/"}],"url":"https://github.com/openclaw/openclaw/commit/1d8968c8a821ff1a05c294a1846b3bcb6f343794"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-unauthenticated-websocket-resource-exhaustion-via-media-stream","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:36:13Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-unauthenticated-websocket-resource-exhaustion-via-media-stream"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32062","reference_id":"CVE-2026-32062","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32062"},{"reference_url":"https://github.com/advisories/GHSA-mfg5-7q5g-f37j","reference_id":"GHSA-mfg5-7q5g-f37j","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mfg5-7q5g-f37j"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-mfg5-7q5g-f37j","reference_id":"GHSA-mfg5-7q5g-f37j","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:36:13Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-mfg5-7q5g-f37j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32062","GHSA-mfg5-7q5g-f37j"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mnqn-u8vr-y3bb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22951?format=json","vulnerability_id":"VCID-qb8b-gbya-2qas","summary":"OpenClaw's MSTeams attachment redirect handling could bypass configured media host allowlists\nIn OpenClaw MSTeams media download flows, redirect handling could bypass configured `mediaAllowHosts` checks in specific attachment paths. Redirect chains were not consistently constrained to allowlisted targets before accepting fetched content.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32037","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13037","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32037"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/73d93dee64127a26f1acd09d0403b794cdeb4f5c","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:11Z/"}],"url":"https://github.com/openclaw/openclaw/commit/73d93dee64127a26f1acd09d0403b794cdeb4f5c"},{"reference_url":"https://github.com/openclaw/openclaw/commit/b34097f62df9d1960cc22600269cd3f3284e2124","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:11Z/"}],"url":"https://github.com/openclaw/openclaw/commit/b34097f62df9d1960cc22600269cd3f3284e2124"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-redirect-chain-bypass-of-media-host-allowlist-in-msteams-attachment-handling","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:11Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-redirect-chain-bypass-of-media-host-allowlist-in-msteams-attachment-handling"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32037","reference_id":"CVE-2026-32037","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32037"},{"reference_url":"https://github.com/advisories/GHSA-w76h-8m22-hpgh","reference_id":"GHSA-w76h-8m22-hpgh","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w76h-8m22-hpgh"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-w76h-8m22-hpgh","reference_id":"GHSA-w76h-8m22-hpgh","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:11Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-w76h-8m22-hpgh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32037","GHSA-w76h-8m22-hpgh"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qb8b-gbya-2qas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22966?format=json","vulnerability_id":"VCID-qjsg-ampt-tkh7","summary":"OpenClaw's non-default safeBins sort configuration can bypass intended allowlist approval constraints\nWhen `sort` is explicitly added to `tools.exec.safeBins` (non-default), the `--compress-program` option can invoke an external helper and bypass the intended safe-bin approval constraints in allowlist mode.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22169","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13801","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22169"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/57fbbaebca4d34d17549accf6092ae26eb7b605c","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T14:04:49Z/"}],"url":"https://github.com/openclaw/openclaw/commit/57fbbaebca4d34d17549accf6092ae26eb7b605c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22169","reference_id":"CVE-2026-22169","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22169"},{"reference_url":"https://github.com/advisories/GHSA-vmqr-rc7x-3446","reference_id":"GHSA-vmqr-rc7x-3446","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vmqr-rc7x-3446"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-vmqr-rc7x-3446","reference_id":"GHSA-vmqr-rc7x-3446","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T14:04:49Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-vmqr-rc7x-3446"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-sort-configuration-in-safebins","reference_id":"openclaw-allowlist-bypass-via-sort-configuration-in-safebins","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T14:04:49Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-sort-configuration-in-safebins"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-22169","GHSA-vmqr-rc7x-3446"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qjsg-ampt-tkh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22895?format=json","vulnerability_id":"VCID-rkpk-f92u-fbb9","summary":"OpenClaw macOS companion app (beta): allowlist parsing mismatch for system.run shell chains\nIn the macOS companion app (**currently beta**), a parsing mismatch in exec approvals could let shell-chain payloads pass allowlist checks in `system.run` under specific settings.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31993","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21735","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31993"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/5da03e622119fa012285cdb590fcf4264c965cb5","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"5.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:44:47Z/"}],"url":"https://github.com/openclaw/openclaw/commit/5da03e622119fa012285cdb590fcf4264c965cb5"},{"reference_url":"https://github.com/openclaw/openclaw/commit/e371da38aab99521c4e076cd3d95fd775e00b784","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"5.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:44:47Z/"}],"url":"https://github.com/openclaw/openclaw/commit/e371da38aab99521c4e076cd3d95fd775e00b784"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-allowlist-parsing-mismatch-in-system-run-shell-chains","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"5.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:44:47Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-allowlist-parsing-mismatch-in-system-run-shell-chains"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31993","reference_id":"CVE-2026-31993","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31993"},{"reference_url":"https://github.com/advisories/GHSA-5f9p-f3w2-fwch","reference_id":"GHSA-5f9p-f3w2-fwch","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5f9p-f3w2-fwch"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-5f9p-f3w2-fwch","reference_id":"GHSA-5f9p-f3w2-fwch","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"5.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:44:47Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-5f9p-f3w2-fwch"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-31993","GHSA-5f9p-f3w2-fwch"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rkpk-f92u-fbb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23017?format=json","vulnerability_id":"VCID-sys2-6sn1-suak","summary":"OpenClaw's avatar symlink traversal can expose out-of-workspace local files\nOpenClaw avatar handling allowed a symlink traversal path that could expose local files outside an agent workspace through gateway avatar surfaces.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32024","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18845","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32024"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/3d0337504349954237d09e4d957df5cb844d5e77","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T14:55:59Z/"}],"url":"https://github.com/openclaw/openclaw/commit/3d0337504349954237d09e4d957df5cb844d5e77"},{"reference_url":"https://github.com/openclaw/openclaw/commit/6970c2c2db3ee069ef0fff0ade5cfbdd0134f9d2","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T14:55:59Z/"}],"url":"https://github.com/openclaw/openclaw/commit/6970c2c2db3ee069ef0fff0ade5cfbdd0134f9d2"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-symlink-traversal-in-avatar-handling","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T14:55:59Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-symlink-traversal-in-avatar-handling"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32024","reference_id":"CVE-2026-32024","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32024"},{"reference_url":"https://github.com/advisories/GHSA-rx3g-mvc3-qfjf","reference_id":"GHSA-rx3g-mvc3-qfjf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rx3g-mvc3-qfjf"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-rx3g-mvc3-qfjf","reference_id":"GHSA-rx3g-mvc3-qfjf","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T14:55:59Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-rx3g-mvc3-qfjf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32024","GHSA-rx3g-mvc3-qfjf"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sys2-6sn1-suak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23081?format=json","vulnerability_id":"VCID-u1qe-2qj5-dyfg","summary":"OpenClaw's elevated allowFrom accepted broader identity signals than specified within sender-scoped authorization\nIn certain elevated-mode configurations, `tools.elevated.allowFrom` accepted broader identity signals than intended. The fix tightens matching to sender-scoped identity by default and makes mutable metadata matching explicit.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/6817c0ec7b4fa830123d4f5c340f075a4bd04ee2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/6817c0ec7b4fa830123d4f5c340f075a4bd04ee2"},{"reference_url":"https://github.com/advisories/GHSA-f6h3-846h-2r8w","reference_id":"GHSA-f6h3-846h-2r8w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f6h3-846h-2r8w"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-f6h3-846h-2r8w","reference_id":"GHSA-f6h3-846h-2r8w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-f6h3-846h-2r8w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["GHSA-f6h3-846h-2r8w"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u1qe-2qj5-dyfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23095?format=json","vulnerability_id":"VCID-u2v1-9adt-afh4","summary":"OpenClaw has incomplete IPv4 special-use SSRF blocking in web fetch guard\n`isPrivateIpv4()` in bundled SSRF guard code missed several IPv4 special-use/non-global ranges, so `web_fetch` could allow targets that should be blocked by SSRF policy.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32019","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15802","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32019"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/333fbb86347998526dd514290adfd5f727caa6d9","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:15Z/"}],"url":"https://github.com/openclaw/openclaw/commit/333fbb86347998526dd514290adfd5f727caa6d9"},{"reference_url":"https://github.com/openclaw/openclaw/commit/44dfbd23df453e51b71ef79a148c28c53e89168c","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:15Z/"}],"url":"https://github.com/openclaw/openclaw/commit/44dfbd23df453e51b71ef79a148c28c53e89168c"},{"reference_url":"https://github.com/openclaw/openclaw/commit/71bd15bb4294d3d1b54386064d69cd0f5f731bd8","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:15Z/"}],"url":"https://github.com/openclaw/openclaw/commit/71bd15bb4294d3d1b54386064d69cd0f5f731bd8"},{"reference_url":"https://github.com/openclaw/openclaw/commit/f14ebd743cfc73f667fae80af70043d0ab1f88bd","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:15Z/"}],"url":"https://github.com/openclaw/openclaw/commit/f14ebd743cfc73f667fae80af70043d0ab1f88bd"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-incomplete-ipv4-special-use-range-blocking-in-ssrf-guard","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:15Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-incomplete-ipv4-special-use-range-blocking-in-ssrf-guard"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32019","reference_id":"CVE-2026-32019","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32019"},{"reference_url":"https://github.com/advisories/GHSA-4rqq-w8v4-7p47","reference_id":"GHSA-4rqq-w8v4-7p47","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4rqq-w8v4-7p47"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-4rqq-w8v4-7p47","reference_id":"GHSA-4rqq-w8v4-7p47","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T18:02:15Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-4rqq-w8v4-7p47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32019","GHSA-4rqq-w8v4-7p47"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u2v1-9adt-afh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22940?format=json","vulnerability_id":"VCID-uvbz-2mv1-suh4","summary":"OpenClaw's shell env fallback trusts unvalidated SHELL path from host environment\nThe shell environment fallback path could invoke an attacker-controlled shell when `SHELL` was inherited from an untrusted host environment. In affected builds, shell-env loading used `$SHELL -l -c 'env -0'` without validating that `SHELL` points to a trusted executable.\n\nIn threat-model terms, this requires local environment compromise or untrusted startup environment injection first; it is not a remote pre-auth path. The hardening patch validates `SHELL` as an absolute normalized executable, prefers `/etc/shells`, applies trusted-prefix fallback checks, and falls back safely to `/bin/sh` when validation fails. The dangerous env-var policy now also blocks `SHELL` overrides.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32032","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06178","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32032"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/25e89cc86338ef475d26be043aa541dfdb95e52a","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T20:06:36Z/"}],"url":"https://github.com/openclaw/openclaw/commit/25e89cc86338ef475d26be043aa541dfdb95e52a"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-shell-execution-via-unvalidated-shell-environment-variable","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T20:06:36Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-shell-execution-via-unvalidated-shell-environment-variable"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32032","reference_id":"CVE-2026-32032","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32032"},{"reference_url":"https://github.com/advisories/GHSA-f8mp-vj46-cq8v","reference_id":"GHSA-f8mp-vj46-cq8v","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f8mp-vj46-cq8v"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-f8mp-vj46-cq8v","reference_id":"GHSA-f8mp-vj46-cq8v","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T20:06:36Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-f8mp-vj46-cq8v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32032","GHSA-f8mp-vj46-cq8v"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uvbz-2mv1-suh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23069?format=json","vulnerability_id":"VCID-vtt6-w96n-u7es","summary":"OpenClaw has agent avatar symlink traversal in gateway session metadata\nA crafted local avatar path could follow a symlink outside the agent workspace and return arbitrary file contents as a base64 `data:` URL in gateway responses.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/3d0337504349954237d09e4d957df5cb844d5e77","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/3d0337504349954237d09e4d957df5cb844d5e77"},{"reference_url":"https://github.com/advisories/GHSA-9mph-4f7v-fmvh","reference_id":"GHSA-9mph-4f7v-fmvh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9mph-4f7v-fmvh"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-9mph-4f7v-fmvh","reference_id":"GHSA-9mph-4f7v-fmvh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-9mph-4f7v-fmvh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["GHSA-9mph-4f7v-fmvh"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtt6-w96n-u7es"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/346887?format=json","vulnerability_id":"VCID-y39s-gbhr-yfcf","summary":"Duplicate Advisory: OpenClaw reuses the gateway auth token in the owner ID prompt hashing fallback\n### Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-v6x2-2qvm-6gv8. This link is maintained to preserve external references.\n\n### Original Description\nOpenClaw versions prior to 2026.2.22 reuse gateway.auth.token as a fallback hash secret for owner-ID prompt obfuscation when commands.ownerDisplay is set to hash and commands.ownerDisplaySecret is unset, creating dual-use of authentication secrets across security domains. Attackers with access to system prompts sent to third-party model providers can derive the gateway authentication token from the hash outputs, compromising gateway authentication security.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/c99e7696e6893083b256f0a6c88fb060f3a76fb7","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/c99e7696e6893083b256f0a6c88fb060f3a76fb7"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-authentication-token-reuse-in-owner-id-prompt-hashing-fallback","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vulncheck.com/advisories/openclaw-authentication-token-reuse-in-owner-id-prompt-hashing-fallback"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32897","reference_id":"CVE-2026-32897","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32897"},{"reference_url":"https://github.com/advisories/GHSA-8mr2-f9wf-hcfq","reference_id":"GHSA-8mr2-f9wf-hcfq","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8mr2-f9wf-hcfq"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-v6x2-2qvm-6gv8","reference_id":"GHSA-v6x2-2qvm-6gv8","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-v6x2-2qvm-6gv8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["GHSA-8mr2-f9wf-hcfq"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y39s-gbhr-yfcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23064?format=json","vulnerability_id":"VCID-y928-qdd4-47at","summary":"OpenClaw's tools.exec.safeBins trusted PATH directories allowed binary shadowing in allowlist mode\nIn `openclaw` allowlist mode, `tools.exec.safeBins` trusted PATH-derived directories for safe-bin resolution. A same-name binary placed in a trusted PATH directory could satisfy safe-bin checks and execute.","references":[{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/64b273a71cf0b2f2419c974832cede1fc2158729","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/commit/64b273a71cf0b2f2419c974832cede1fc2158729"},{"reference_url":"https://github.com/advisories/GHSA-qhrr-grqp-6x2g","reference_id":"GHSA-qhrr-grqp-6x2g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qhrr-grqp-6x2g"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-qhrr-grqp-6x2g","reference_id":"GHSA-qhrr-grqp-6x2g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-qhrr-grqp-6x2g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["GHSA-qhrr-grqp-6x2g"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y928-qdd4-47at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22939?format=json","vulnerability_id":"VCID-ycd1-1bv9-3yb4","summary":"OpenClaw's shell startup env injection bypasses system.run allowlist intent (RCE class)\n`system.run` environment sanitization allowed shell-startup env overrides (`HOME`, `ZDOTDIR`) that can execute attacker-controlled startup files before allowlist-evaluated command bodies.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32056","reference_id":"","reference_type":"","scores":[{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40836","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32056"},{"reference_url":"https://github.com/openclaw/openclaw","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openclaw/openclaw"},{"reference_url":"https://github.com/openclaw/openclaw/commit/c2c7114ed39a547ab6276e1e933029b9530ee906","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T18:47:57Z/"}],"url":"https://github.com/openclaw/openclaw/commit/c2c7114ed39a547ab6276e1e933029b9530ee906"},{"reference_url":"https://www.vulncheck.com/advisories/openclaw-remote-code-execution-via-shell-startup-environment-variable-injection-in-system-run","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T18:47:57Z/"}],"url":"https://www.vulncheck.com/advisories/openclaw-remote-code-execution-via-shell-startup-environment-variable-injection-in-system-run"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32056","reference_id":"CVE-2026-32056","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32056"},{"reference_url":"https://github.com/advisories/GHSA-xgf2-vxv2-rrmg","reference_id":"GHSA-xgf2-vxv2-rrmg","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xgf2-vxv2-rrmg"},{"reference_url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-xgf2-vxv2-rrmg","reference_id":"GHSA-xgf2-vxv2-rrmg","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T18:47:57Z/"}],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-xgf2-vxv2-rrmg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73158?format=json","purl":"pkg:npm/openclaw@2026.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1syh-9dme-bfdn"},{"vulnerability":"VCID-6k3m-6kjx-yfgn"},{"vulnerability":"VCID-bbm8-2r84-puh5"},{"vulnerability":"VCID-gq39-w2ua-3ua5"},{"vulnerability":"VCID-rawy-syu6-q7g2"},{"vulnerability":"VCID-usnj-f1tv-p7eh"},{"vulnerability":"VCID-vfsy-yqgt-4bfr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}],"aliases":["CVE-2026-32056","GHSA-xgf2-vxv2-rrmg"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ycd1-1bv9-3yb4"}],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/openclaw@2026.2.22"}