UCloud OpenClaw CVEs - 安全漏洞追踪

📋 已发布 CVE（cvelistV5）

137

CVE ID	严重性	CVSS	漏洞描述	发布日期
CVE-2026-32922	🟣 CRITICAL	9.4	OpenClaw < 2026.3.11 - Privilege Escalation via Unvalidated Scope in device.token.rotate	2026-03-29
CVE-2026-32978	🟣 CRITICAL	9.4	OpenClaw < 2026.3.11 - Approval Bypass via Unrecognized Script Runners	2026-03-29
CVE-2026-32987	🟣 CRITICAL	9.3	OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via Device Pairing	2026-03-29
CVE-2026-28472	🟣 CRITICAL	9.2	OpenClaw < 2026.2.2 - Device Identity Check Bypass in Gateway WebSocket Connect Handshake	2026-03-05
CVE-2026-32916	🟣 CRITICAL	9.2	OpenClaw 2026.3.7 < 2026.3.11 - Authorization Bypass in Plugin Subagent Routes via Synthetic Admin Scopes	2026-03-31
CVE-2026-44109	🟣 CRITICAL	9.2	OpenClaw: Feishu webhook and card-action validation now fail closed	2026-05-06
CVE-2026-43585	🟣 CRITICAL	9.2	OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation	2026-05-06
CVE-2026-43533	🔴 HIGH	8.9	OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot Media Tags	2026-05-05
CVE-2026-24763	🔴 HIGH	8.8	OpenClaw/Clawdbot Docker Execution has Authenticated Command Injection via PATH Environment Variable	2026-02-02
CVE-2026-25253	🔴 HIGH	8.8	OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl	2026-02-01
CVE-2026-32974	🔴 HIGH	8.8	OpenClaw < 2026.3.12 - Forged Event Injection via Feishu Webhook Verification Token	2026-03-29
CVE-2026-32973	🔴 HIGH	8.8	OpenClaw < 2026.3.11 - Exec Allowlist Pattern Overmatch via POSIX Path Normalization	2026-03-29
CVE-2026-28478	🔴 HIGH	8.7	OpenClaw affected by denial of service via unbounded webhook request body buffering	2026-03-05
CVE-2026-28479	🔴 HIGH	8.7	OpenClaw < 2026.2.15 - Cache Poisoning via Deprecated SHA-1 Hash in Sandbox Configuration	2026-03-05
CVE-2026-32011	🔴 HIGH	8.7	OpenClaw < 2026.3.2 - Slow-Request Denial of Service via Pre-Auth Webhook Body Parsing	2026-03-19
CVE-2026-32062	🔴 HIGH	8.7	OpenClaw 2026.2.21-2 < 2026.2.22 - Unauthenticated WebSocket Resource Exhaustion via Media Stream	2026-03-11
CVE-2026-32846	🔴 HIGH	8.7	OpenClaw Media Parsing Path Traversal to Arbitrary File Read	2026-03-26
CVE-2026-35639	🔴 HIGH	8.7	OpenClaw < 2026.3.22 - Privilege Escalation via device.pair.approve Scope Validation	2026-04-09
CVE-2026-32982	🔴 HIGH	8.7	OpenClaw < 2026.3.13 - Telegram Bot Token Exposure in Media Fetch Error Logs	2026-03-31
CVE-2026-41399	🔴 HIGH	8.7	OpenClaw < 2026.3.28 - Denial of Service via Unbounded Pre-auth WebSocket Upgrades	2026-04-28
CVE-2026-42435	🔴 HIGH	8.7	OpenClaw 2026.2.22 < 2026.4.12 - Shell-Wrapper Detection Bypass via Environment Variable Assignment Injection	2026-05-05
CVE-2026-42434	🔴 HIGH	8.7	OpenClaw: Sandboxed agents could escape exec routing via host=node override	2026-05-05
CVE-2026-43530	🔴 HIGH	8.7	OpenClaw: busybox and toybox applet execution weakened exec approval binding	2026-05-05
CVE-2026-28463	🔴 HIGH	8.6	OpenClaw < 2026.2.14 - Arbitrary File Read via Shell Expansion in Safe Bins Allowlist	2026-03-05
CVE-2026-32920	🔴 HIGH	8.6	OpenClaw < 2026.3.12 - Arbitrary Code Execution via Auto-Discovery of Workspace Plugins	2026-03-31
CVE-2026-35643	🔴 HIGH	8.6	OpenClaw < 2026.3.22 - Arbitrary Code Execution via Unvalidated WebView JavascriptInterface	2026-04-10
CVE-2026-32064	🔴 HIGH	8.5	OpenClaw < 2026.2.21 - Missing VNC Authentication in Sandbox Browser noVNC Observer	2026-03-21
CVE-2026-44114	🔴 HIGH	8.5	OpenClaw: Workspace dotenv could override runtime-control environment variables	2026-05-06
CVE-2026-44118	🔴 HIGH	8.5	OpenClaw < 2026.4.22 - Owner Context Spoofing via Bearer Token Header	2026-05-06
CVE-2026-45004	🔴 HIGH	8.4	OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution	2026-05-11
CVE-2026-43526	🔴 HIGH	8.3	OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes	2026-05-05
CVE-2026-28469	🔴 HIGH	8.2	OpenClaw Google Chat shared-path webhook target ambiguity allowed cross-account policy-context misrouting	2026-03-05
CVE-2026-32302	🔴 HIGH	8.1	OpenClaw: Untrusted web origins can obtain authenticated operator.admin access in trusted-proxy mode	2026-03-12
CVE-2026-25157	🔴 HIGH	7.8	OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand	2026-02-04
CVE-2026-32048	🔴 HIGH	7.7	OpenClaw < 2026.3.1 - Sandbox Escape via Cross-Agent sessions_spawn	2026-03-21
CVE-2026-41404	🔴 HIGH	7.7	OpenClaw < 2026.3.31 - Operator Admin Privilege Escalation via Trusted-Proxy Authentication	2026-04-28
CVE-2026-42422	🔴 HIGH	7.7	OpenClaw < 2026.4.8 - Role Bypass in device.token.rotate Function	2026-04-28
CVE-2026-43571	🔴 HIGH	7.7	OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows	2026-05-05
CVE-2026-43569	🔴 HIGH	7.7	OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins	2026-05-05
CVE-2026-44110	🔴 HIGH	7.7	OpenClaw: Matrix room control-command authorization no longer trusts DM pairing-store entries	2026-05-06
CVE-2026-41397	🔴 HIGH	7.6	OpenClaw < 2026.3.31 - Sandbox Escape via Unrestricted File Sync and Symlink Traversal	2026-04-28
CVE-2026-42431	🔴 HIGH	7.6	OpenClaw < 2026.4.8 - Persistent Profile Mutation via node.invoke(browser.proxy) Bypass	2026-04-28
CVE-2026-43535	🔴 HIGH	7.6	OpenClaw < 2026.4.14 - Authorization Context Reuse in Collect-Mode Queue Batches	2026-05-05
CVE-2026-25474	🔴 HIGH	7.5	OpenClaw has a Telegram webhook request forgery (missing `channels.telegram.webhookSecret`) → auth bypass	2026-02-19
CVE-2026-28485	🔴 HIGH	7.5	OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP Endpoints	2026-03-05
CVE-2026-42428	🔴 HIGH	7.5	OpenClaw < 2026.4.8 - Missing Integrity Verification in Package Downloads	2026-04-28
CVE-2026-28458	🔴 HIGH	7.4	OpenClaw's Browser Relay /cdp websocket is missing auth which could allow cross-tab cookie access	2026-03-05
CVE-2026-32971	🔴 HIGH	7.3	OpenClaw < 2026.3.11 - Node-Host Approval UI Mismatch Allows Execution of Unintended Commands	2026-03-31
CVE-2026-26325	🔴 HIGH	7.2	OpenClaw Node host system.run rawCommand/command mismatch can bypass allowlist/approvals	2026-02-19
CVE-2026-26317	🔴 HIGH	7.1	OpenClaw affected by cross-site request forgery (CSRF) through loopback browser mutation endpoints	2026-02-19
CVE-2026-22175	🔴 HIGH	7.1	OpenClaw < 2026.2.23 - Exec Approval Bypass via Unrecognized Multiplexer Shell Wrappers	2026-03-18
CVE-2026-26329	🔴 HIGH	7.1	OpenClaw has a path traversal in browser upload allows local file read	2026-02-19
CVE-2026-26320	🔴 HIGH	7.1	OpenClaw macOS deep link confirmation truncation can conceal executed agent message	2026-02-19
CVE-2026-32027	🔴 HIGH	7.1	OpenClaw < 2026.2.26 - Improper Authorization via DM Pairing Store Identity Inheritance in Group Allowlist	2026-03-19
CVE-2026-35631	🔴 HIGH	7.1	OpenClaw < 2026.3.22 - Missing Authorization Enforcement in Internal ACP Chat Commands	2026-04-09
CVE-2026-40037	🔴 HIGH	7.1	OpenClaw < 2026.3.31 - Unsafe Request Body Replay via fetchWithSsrFGuard Cross-Origin Redirects	2026-04-08
CVE-2026-41379	🔴 HIGH	7.1	OpenClaw < 2026.3.28 - Privilege Escalation via chat.send to Admin-Class Talk Voice Config	2026-04-28
CVE-2026-42433	🔴 HIGH	7.1	OpenClaw: Matrix profile config persistence was reachable from operator.write message tools	2026-05-05
CVE-2026-43528	🔴 HIGH	7.1	OpenClaw < 2026.4.14 - Redaction Bypass via sourceConfig and runtimeConfig Aliases	2026-05-05
CVE-2026-43567	🔴 HIGH	7.1	OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter	2026-05-05
CVE-2026-43568	🔴 HIGH	7.1	OpenClaw 2026.4.5 < 2026.4.10 - Privilege Escalation via Memory Dreaming Configuration in /dreaming Endpoint	2026-05-05
CVE-2026-41380	🔴 HIGH	7	OpenClaw < 2026.3.28 - Arbitrary Execution Allowlist via Wrapper Carrier Executables	2026-04-28
CVE-2026-43531	🔴 HIGH	7	OpenClaw < 2026.4.9 - Environment Variable Injection via Workspace .env File	2026-05-05
CVE-2026-22178	🟡 MEDIUM	6.9	OpenClaw < 2026.2.19 - ReDoS and Regex Injection via Unescaped Feishu Mention Metadata	2026-03-18
CVE-2026-22176	🟡 MEDIUM	6.9	OpenClaw < 2026.2.19 - Command Injection via Unescaped Environment Variables in Windows Scheduled Task Script Generation	2026-03-19
CVE-2026-28480	🟡 MEDIUM	6.9	OpenClaw Telegram allowlist authorization accepted mutable usernames	2026-03-05
CVE-2026-31994	🟡 MEDIUM	6.9	OpenClaw < 2026.2.19 - Local Command Injection via Unsafe cmd Argument Handling in Windows Scheduled Task Script Generation	2026-03-19
CVE-2026-31990	🟡 MEDIUM	6.9	OpenClaw < 2026.3.2 - Symlink Traversal in stageSandboxMedia Destination	2026-03-19
CVE-2026-32924	🟡 MEDIUM	6.9	OpenClaw < 2026.3.12 - Authorization Bypass via Misclassified Reaction Events in Feishu	2026-03-29
CVE-2026-34510	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Remote File URL Acceptance in Windows Media Loaders	2026-04-01
CVE-2026-35633	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unbounded Memory Allocation via Remote Media Error Responses	2026-04-09
CVE-2026-35665	🟡 MEDIUM	6.9	OpenClaw < 2026.3.24 - Denial of Service via Feishu Webhook Pre-Auth Body Parsing	2026-04-10
CVE-2026-35626	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unauthenticated Resource Exhaustion via Voice Call Webhook	2026-04-09
CVE-2026-41301	🟡 MEDIUM	6.9	OpenClaw 2026.3.22 < 2026.3.31 - Forged Nostr DM Pairing State Creation via Signature Verification Bypass	2026-04-20
CVE-2026-44116	🟡 MEDIUM	6.9	OpenClaw < 2026.4.22 - Server-Side Request Forgery in Zalo Photo URL Validation	2026-05-06
CVE-2026-29612	🟡 MEDIUM	6.8	OpenClaw < 2026.2.14 - Denial of Service via Large Base64 Media File Decoding	2026-03-05
CVE-2026-28452	🟡 MEDIUM	6.7	OpenClaw affected by denial of service through unguarded archive extraction allowing high expansion/resource abuse (ZIP/TAR)	2026-03-05
CVE-2026-32044	🟡 MEDIUM	6.7	OpenClaw < 2026.3.2 - Tar Archive Safety Bypass in Skills Installation	2026-03-21
CVE-2026-25475	🟡 MEDIUM	6.5	OpenClaw Vulnerable to Local File Inclusion via MEDIA: Path Extraction	2026-02-04
CVE-2026-26328	🟡 MEDIUM	6.5	OpenClaw iMessage group allowlist authorization inherited DM pairing-store identities	2026-02-19
CVE-2026-28475	🟡 MEDIUM	6.3	OpenClaw < 2026.2.13 - Timing Attack via Hook Token Comparison	2026-03-05
CVE-2026-41337	🟡 MEDIUM	6.3	OpenClaw < 2026.3.31 - Callback Origin Mutation in Plivo Voice-call Replay	2026-04-23
CVE-2026-41340	🟡 MEDIUM	6.3	OpenClaw < 2026.3.31 - Authentication Boundary Bypass via Telegram Legacy allowFrom Migration	2026-04-23
CVE-2026-41346	🟡 MEDIUM	6.3	OpenClaw 2026.2.26 < 2026.3.31 - Denial of Service via Improper Pending Pairing Request Cap Enforcement	2026-04-23
CVE-2026-41389	🟡 MEDIUM	6.3	OpenClaw: Webchat media embedding enforces local-root containment for tool-result files	2026-04-20
CVE-2026-43527	🟡 MEDIUM	6.3	OpenClaw: Browser SSRF policy default allowed private-network navigation	2026-05-05
CVE-2026-43572	🟡 MEDIUM	6.3	OpenClaw 2026.4.10 < 2026.4.14 - Missing Sender Authorization in Microsoft Teams SSO Invoke Handler	2026-05-05
CVE-2026-44117	🟡 MEDIUM	6.3	OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot Direct Media Upload	2026-05-06
CVE-2026-44994	🟡 MEDIUM	6.3	OpenClaw < 2026.4.22 - Authentication Bypass in Gateway Control UI Bootstrap Config Endpoint	2026-05-11
CVE-2026-45002	🟡 MEDIUM	6.3	OpenClaw < 2026.4.20 - Hook Session-Key Bypass via Template Mapping	2026-05-11
CVE-2026-44999	🟡 MEDIUM	6.3	OpenClaw < 2026.4.20 - Improper Trust Labeling in Isolated Cron Awareness Events	2026-05-11
CVE-2026-22181	🟡 MEDIUM	6.1	OpenClaw < 2026.3.2 - DNS Pinning Bypass via Environment Proxy Configuration in web_fetch	2026-03-18
CVE-2026-28460	🟡 MEDIUM	6	OpenClaw < 2026.2.22 - Allowlist Bypass via Shell Line-Continuation Command Substitution in system.run	2026-03-19
CVE-2026-32033	🟡 MEDIUM	6	OpenClaw < 2026.2.24 - Path Traversal via @-prefixed Absolute Paths in Workspace Boundary Validation	2026-03-19
CVE-2026-32057	🟡 MEDIUM	6	OpenClaw < 2026.2.25 - Authentication Bypass via Control UI client.id Parameter	2026-03-21
CVE-2026-35670	🟡 MEDIUM	6	OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat	2026-04-10
CVE-2026-41345	🟡 MEDIUM	6	OpenClaw < 2026.3.31 - Authorization Header Leak via Cross-Origin Redirect in Media Download	2026-04-23
CVE-2026-41363	🟡 MEDIUM	6	OpenClaw 2026.2.6 < 2026.3.28 - Arbitrary File Read via Feishu upload_image Parameter	2026-04-27
CVE-2026-43570	🟡 MEDIUM	6	OpenClaw contains a symlink traversal vulnerability	2026-05-05
CVE-2026-44113	🟡 MEDIUM	6	OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes	2026-05-06
CVE-2026-44112	🟡 MEDIUM	6	OpenClaw < 2026.4.22 - Symlink Swap Race Condition in OpenShell FS Bridge Writes	2026-05-06
CVE-2026-43579	🟡 MEDIUM	6	OpenClaw < 2026.4.10 - Insufficient Access Control in Nostr Profile Mutation Routes	2026-05-06
CVE-2026-22174	🟡 MEDIUM	5.9	OpenClaw < 2026.2.22 - Gateway Token Disclosure via Chrome CDP Probe	2026-03-18
CVE-2026-45005	🟡 MEDIUM	5.9	OpenClaw < 2026.4.23 - Webhook Route Secret Cache Not Invalidated After Rotation	2026-05-11
CVE-2026-41373	🟡 MEDIUM	5.8	OpenClaw < 2026.3.31 - Compiler Binary Substitution via Environment Variable Override in Host Execution Policy	2026-04-28
CVE-2026-44995	🟡 MEDIUM	5.4	OpenClaw: MCP stdio server env could load dangerous startup variables from workspace config	2026-05-11
CVE-2026-35620	🟡 MEDIUM	5.3	OpenClaw < 2026.3.24 - Missing Authorization in /send and /allowlist Chat Commands	2026-04-10
CVE-2026-32898	🟡 MEDIUM	5.3	OpenClaw < 2026.2.23 - ACP Permission Auto-Approval Bypass via Untrusted Tool Metadata	2026-03-21
CVE-2026-35619	🟡 MEDIUM	5.3	OpenClaw < 2026.3.24 - Authorization Bypass via HTTP /v1/models Endpoint	2026-04-10
CVE-2026-41339	🟡 MEDIUM	5.3	OpenClaw < 2026.4.2 - Information Disclosure via Gateway Connect Snapshot	2026-04-23
CVE-2026-41344	🟡 MEDIUM	5.3	OpenClaw < 2026.3.28 - Privilege Escalation via chat.send /verbose Parameter	2026-04-23
CVE-2026-41367	🟡 MEDIUM	5.3	OpenClaw 2026.2.14 < 2026.3.28 - Policy Enforcement Bypass in Discord Component Interactions	2026-04-27
CVE-2026-41365	🟡 MEDIUM	5.3	OpenClaw < 2026.3.31 - Sender Allowlist Bypass via Graph API Thread History	2026-04-27
CVE-2026-35659	🟡 MEDIUM	5.1	OpenClaw < 2026.3.22 - Unresolved Service Metadata Routing via Bonjour and DNS-SD Discovery	2026-04-10
CVE-2026-41914	🟡 MEDIUM	5.1	OpenClaw < 2026.4.8 - Server-Side Request Forgery in QQ Bot Media Fetch Paths	2026-04-28
CVE-2026-42438	🟡 MEDIUM	4.9	OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure	2026-05-05
CVE-2026-42439	🟡 MEDIUM	4.9	OpenClaw < 2026.4.10 - SSRF Policy Bypass in Browser Tabs Action Routes	2026-05-05
CVE-2026-43573	🟡 MEDIUM	4.9	OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement	2026-05-05
CVE-2026-43580	🟡 MEDIUM	4.9	OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage	2026-05-06
CVE-2026-43582	🟡 MEDIUM	4.9	OpenClaw < 2026.4.10 - DNS Rebinding SSRF via Hostname Validation Bypass	2026-05-06
CVE-2026-43576	🟡 MEDIUM	4.9	OpenClaw < 2026.4.5 - Second-hop SSRF via CDP /json/version WebSocket URL	2026-05-06
CVE-2026-22180	🟡 MEDIUM	4.8	OpenClaw < 2026.3.2 - Path Confinement Bypass in Browser Output and File Write Operations	2026-03-18
CVE-2026-32020	🟡 MEDIUM	4.8	OpenClaw < 2026.2.22 - Arbitrary File Read via Symlink Following in Static File Handler	2026-03-19
CVE-2026-27485	🟡 MEDIUM	4.6	OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection	2026-02-21
CVE-2026-31997	🟡 MEDIUM	4.4	OpenClaw < 2026.3.1 - Executable Rebind via Unbound PATH-token in system.run Approvals	2026-03-19
CVE-2026-27486	🟡 MEDIUM	4.3	OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup	2026-02-21
CVE-2026-44992	🟡 MEDIUM	4.1	OpenClaw 2026.4.5 < 2026.4.20 - MiniMax API Host Override via Workspace dotenv	2026-05-11
CVE-2026-45003	🟡 MEDIUM	4.1	OpenClaw: Workspace dotenv files cannot override connector endpoint hosts	2026-05-11
CVE-2026-24764	🟢 LOW	3.7	OpenClaw has Remote Code Execution via System Prompt Injection in Slack Channel Descriptions	2026-02-19
CVE-2026-35624	🟢 LOW	2.3	OpenClaw < 2026.3.22 - Policy Confusion via Room Name Collision in Nextcloud Talk	2026-04-09
CVE-2026-41358	🟢 LOW	2.3	OpenClaw < 2026.4.2 - Sender Allowlist Bypass via Slack Thread Context	2026-04-23
CVE-2026-41402	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Webhook Replay Cache Cross-Target messageId Scope Bypass	2026-04-28
CVE-2026-41908	🟢 LOW	2.3	OpenClaw < 2026.4.20 - Scope Enforcement Bypass in Assistant-Media Route	2026-04-23
CVE-2026-44991	🟢 LOW	2.3	OpenClaw: Owner-enforced commands could accept wildcard channel senders as command owners	2026-05-11
CVE-2026-45000	🟢 LOW	2.3	OpenClaw < 2026.4.20 - Server-Side Request Forgery via Browser CDP Profile Creation	2026-05-11
CVE-2026-44997	🟢 LOW	2.3	OpenClaw < 2026.4.22 - Security Envelope Constraint Bypass in ACP Child Sessions	2026-05-11
CVE-2026-44998	🟢 LOW	2.3	OpenClaw < 2026.4.20 - Tool Policy Bypass via Bundled MCP/LSP Tools	2026-05-11

🔄 CVE 发布流水线

48/48 已发布

CVE ID	状态	CNA	GHSA 发布日期	cvelistV5
CVE-2026-24763	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25253	✅ PUBLISHED	mitre	2026-02-02	✅ 已收录
CVE-2026-26317	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-26328	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-28452	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28458	✅ PUBLISHED	VulnCheck	2026-02-17	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-41358	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-41389	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-41908	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-42433	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42434	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42438	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42439	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43526	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43527	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43530	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43533	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43567	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43569	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43570	✅ PUBLISHED	VulnCheck	2026-05-05	✅ 已收录
CVE-2026-43571	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43573	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43576	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43580	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43582	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43585	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-44109	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-44110	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-44112	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44113	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44114	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44116	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44117	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44118	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44991	✅ PUBLISHED	VulnCheck	2026-04-29	✅ 已收录
CVE-2026-44992	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44995	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44997	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44999	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-45002	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-45003	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-45004	✅ PUBLISHED	VulnCheck	2026-05-05	✅ 已收录
CVE-2026-45005	✅ PUBLISHED	VulnCheck	2026-05-05	✅ 已收录
CVE-2026-45004	✅ PUBLISHED	\| [GHSA-cwj3-vqpp-pmxr](https://github.com/advisories/GHSA-cwj3-vqpp-pmxr)	2026-05-05	✅ 已收录
CVE-2026-44118	✅ PUBLISHED	\| [GHSA-5mh4-3rv3-fpcf](https://github.com/advisories/GHSA-5mh4-3rv3-fpcf)	2026-05-04	✅ 已收录
CVE-2026-44114	✅ PUBLISHED	\| [GHSA-394x-274p-mqc6](https://github.com/advisories/GHSA-394x-274p-mqc6)	2026-04-25	✅ 已收录
CVE-2026-44109	✅ PUBLISHED	\| [GHSA-2gvc-4f3c-2855](https://github.com/advisories/GHSA-2gvc-4f3c-2855)	2026-04-17	✅ 已收录
CVE-2026-43585	✅ PUBLISHED	\| [GHSA-66r7-m7xm-v49h](https://github.com/advisories/GHSA-66r7-m7xm-v49h)	2026-04-17	✅ 已收录
CVE-2026-43530	✅ PUBLISHED	\| [GHSA-7jp6-r74r-995q](https://github.com/advisories/GHSA-7jp6-r74r-995q)	2026-04-17	✅ 已收录
CVE-2026-42434	✅ PUBLISHED	\| [GHSA-939r-rj45-g2rj](https://github.com/advisories/GHSA-939r-rj45-g2rj)	2026-04-17	✅ 已收录
CVE-2026-43571	✅ PUBLISHED	\| [GHSA-525j-hqq2-66r4](https://github.com/advisories/GHSA-525j-hqq2-66r4)	2026-04-17	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	\| [GHSA-3fqr-4cg8-h96q](https://github.com/advisories/GHSA-3fqr-4cg8-h96q)	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	\| [GHSA-mr32-vwc2-5j6h](https://github.com/advisories/GHSA-mr32-vwc2-5j6h)	2026-02-18	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	\| [GHSA-g8p2-7wf7-98mq](https://github.com/advisories/GHSA-g8p2-7wf7-98mq)	2026-02-02	✅ 已收录
CVE-2026-24763	✅ PUBLISHED	\| [GHSA-r2c6-8jc8-g32w](https://github.com/advisories/GHSA-r2c6-8jc8-g32w)	2026-02-02	✅ 已收录
CVE-2026-45005	✅ PUBLISHED	\| [GHSA-35mw-5vvr-vrxc](https://github.com/advisories/GHSA-35mw-5vvr-vrxc)	2026-05-05	✅ 已收录
CVE-2026-44113	✅ PUBLISHED	\| [GHSA-wppj-c6mr-83jj](https://github.com/advisories/GHSA-wppj-c6mr-83jj)	2026-05-04	✅ 已收录
CVE-2026-45003	✅ PUBLISHED	\| [GHSA-q3jj-46pq-826r](https://github.com/advisories/GHSA-q3jj-46pq-826r)	2026-05-04	✅ 已收录
CVE-2026-44116	✅ PUBLISHED	\| [GHSA-93rg-2xm5-2p9v](https://github.com/advisories/GHSA-93rg-2xm5-2p9v)	2026-05-04	✅ 已收录
CVE-2026-44991	✅ PUBLISHED	\| [GHSA-gfg9-5357-hv4c](https://github.com/advisories/GHSA-gfg9-5357-hv4c)	2026-04-29	✅ 已收录
CVE-2026-44992	✅ PUBLISHED	\| [GHSA-c4qg-j8jg-42q5](https://github.com/advisories/GHSA-c4qg-j8jg-42q5)	2026-04-25	✅ 已收录
CVE-2026-44995	✅ PUBLISHED	\| [GHSA-2xcp-x87w-q377](https://github.com/advisories/GHSA-2xcp-x87w-q377)	2026-04-25	✅ 已收录
CVE-2026-41389	✅ PUBLISHED	\| [GHSA-f7fh-qg34-x2xh](https://github.com/advisories/GHSA-f7fh-qg34-x2xh)	2026-04-17	✅ 已收录
CVE-2026-42438	✅ PUBLISHED	\| [GHSA-536q-mj95-h29h](https://github.com/advisories/GHSA-536q-mj95-h29h)	2026-04-17	✅ 已收录
CVE-2026-43573	✅ PUBLISHED	\| [GHSA-rj2p-j66c-mgqh](https://github.com/advisories/GHSA-rj2p-j66c-mgqh)	2026-04-17	✅ 已收录
CVE-2026-43567	✅ PUBLISHED	\| [GHSA-53vx-pmqw-863c](https://github.com/advisories/GHSA-53vx-pmqw-863c)	2026-04-17	✅ 已收录
CVE-2026-43582	✅ PUBLISHED	\| [GHSA-2767-2q9v-9326](https://github.com/advisories/GHSA-2767-2q9v-9326)	2026-04-17	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	\| [GHSA-h89v-j3x9-8wqj](https://github.com/advisories/GHSA-h89v-j3x9-8wqj)	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	\| [GHSA-g34w-4xqq-h79m](https://github.com/advisories/GHSA-g34w-4xqq-h79m)	2026-02-18	✅ 已收录
CVE-2026-41358	✅ PUBLISHED	\| [GHSA-57r2-h2wj-g887](https://github.com/advisories/GHSA-57r2-h2wj-g887)	2026-05-04	✅ 已收录
CVE-2026-41908	✅ PUBLISHED	\| [GHSA-j4c5-89f5-f3pm](https://github.com/advisories/GHSA-j4c5-89f5-f3pm)	2026-04-25	✅ 已收录

📢 安全公告精选

165+

GHSA-m8wm-r5v CRITICAL

Duplicate Advisory: OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation

2026-05-06

GHSA-cjg8-85g CRITICAL

Duplicate Advisory: OpenClaw: Feishu webhook and card-action validation now fail closed

2026-05-06

GHSA-xh72-v6v CRITICAL

OpenClaw: Feishu webhook and card-action validation now fail closed

2026-04-17 CVE-2026-44109

GHSA-xmxx-7p2 CRITICAL

OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation

2026-04-17 CVE-2026-43585

GHSA-xpr6-2hg HIGH

Duplicate Advisory: OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution

2026-05-11

GHSA-9r9j-3r2 HIGH

Duplicate Advisory: OpenClaw: Workspace dotenv could override runtime-control environment variables

2026-05-06

GHSA-35vf-vw9 HIGH

Duplicate Advisory: OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

2026-05-06

GHSA-xrgf-r9g HIGH

Duplicate Advisory: OpenClaw: Exec environment denylist missed high-risk interpreter startup variables

2026-05-06

GHSA-79rr-5c8 HIGH

Duplicate Advisory: OpenClaw: Matrix room control-command authorization no longer trusts DM pairing-store entries

2026-05-06

GHSA-r39h-4c2 HIGH

OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution

2026-05-05 CVE-2026-45004

GHSA-cwj3-vqp HIGH

OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes

2026-05-05

GHSA-r6xh-pqh HIGH

OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

2026-05-04 CVE-2026-44118

📊 漏洞分类

白名单绕过 (Allowlist Bypass)

注入攻击 (XSS/CSRF/Prompt/Command)

认证绕过 / 缺失认证

SSRF

拒绝服务 (DoS)

路径穿越 (CWE-22)

原型污染 (Prototype Pollution)

💡 关键洞察

📈

6.7

平均 CVSS 评分

🔴

115%

HIGH 及以上漏洞占比

⚡

100%

CVE 已发布到 cvelistV5

🛡️

100%

已提供修复版本

🏢

CNA 来源 (VulnCheck / GitHub / MITRE)

📦

npm

受影响包 (openclaw)

🛡️ UCloud OpenClaw CVEs

📋 已发布 CVE（cvelistV5）

🔄 CVE 发布流水线

📢 安全公告精选

📊 漏洞分类

💡 关键洞察