每日自动更新

🛡️ UCloud OpenClaw CVEs

安全漏洞追踪面板 — 基于 cvelistV5 + GitHub Advisory Database 数据

15
已发布 CVE
139
安全公告
41
HIGH / CRITICAL
15/15
Pipeline 全部已发布
📋 CVE 列表 🔄 发布流水线 📢 安全公告 📊 漏洞分类 💡 关键洞察

📋 已发布 CVE(cvelistV5)

106
CVE ID严重性CVSS漏洞描述发布日期
CVE-2026-22172 🟣 CRITICAL 9.4 OpenClaw < 2026.3.12 - Scope Elevation in WebSocket Shared-Auth Connections 2026-03-20
CVE-2026-28466 🟣 CRITICAL 9.4 OpenClaw < 2026.2.14 - Remote Code Execution via Node Invoke Approval Bypass 2026-03-05
CVE-2026-28446 🟣 CRITICAL 9.2 OpenClaw < 2026.2.1 - Inbound Allowlist Policy Bypass in voice-call Extension via Empty Caller ID and Suffix Matching 2026-03-05
CVE-2026-24763 🔴 HIGH 8.8 OpenClaw/Clawdbot Docker Execution has Authenticated Command Injection via PATH Environment Variable 2026-02-02
CVE-2026-25253 🔴 HIGH 8.8 OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl 2026-02-01
CVE-2026-32913 🔴 HIGH 8.8 OpenClaw < 2026.3.7 - Custom Authorization Header Leakage via Cross-Origin Redirects 2026-03-23
CVE-2026-32973 🔴 HIGH 8.8 OpenClaw < 2026.3.11 - Exec Allowlist Pattern Overmatch via POSIX Path Normalization 2026-03-29
CVE-2026-32974 🔴 HIGH 8.8 OpenClaw < 2026.3.12 - Forged Event Injection via Feishu Webhook Verification Token 2026-03-29
CVE-2026-28462 🔴 HIGH 8.7 OpenClaw < 2026.2.13 - Path Traversal in Trace and Download Output Paths 2026-03-05
CVE-2026-28478 🔴 HIGH 8.7 OpenClaw affected by denial of service via unbounded webhook request body buffering 2026-03-05
CVE-2026-28461 🔴 HIGH 8.7 OpenClaw < 2026.3.1 - Unbounded Memory Growth in Zalo Webhook via Query String Key Churn 2026-03-19
CVE-2026-32049 🔴 HIGH 8.7 OpenClaw < 2026.2.22 - Denial of Service via Inbound Media Download Byte Limit Bypass 2026-03-21
CVE-2026-32059 🔴 HIGH 8.7 OpenClaw 2026.2.22-2 < 2026.2.23 - Allowlist Bypass via sort Long-Option Abbreviation in tools.exec.safeBins 2026-03-11
CVE-2026-32060 🔴 HIGH 8.7 OpenClaw < 2026.2.14 - Path Traversal in apply_patch via Crafted Paths 2026-03-11
CVE-2026-32914 🔴 HIGH 8.7 OpenClaw < 2026.3.12 - Insufficient Access Control in /config and /debug Endpoints 2026-03-29
CVE-2026-32062 🔴 HIGH 8.7 OpenClaw 2026.2.21-2 < 2026.2.22 - Unauthenticated WebSocket Resource Exhaustion via Media Stream 2026-03-11
CVE-2026-32980 🔴 HIGH 8.7 OpenClaw < 2026.3.13 - Resource Exhaustion via Unauthenticated Telegram Webhook Request 2026-03-29
CVE-2026-35639 🔴 HIGH 8.7 OpenClaw < 2026.3.22 - Privilege Escalation via device.pair.approve Scope Validation 2026-04-09
CVE-2026-27001 🔴 HIGH 8.6 OpenClaw: Unsanitized CWD path injection into LLM prompts 2026-02-19
CVE-2026-28463 🔴 HIGH 8.6 OpenClaw < 2026.2.14 - Arbitrary File Read via Shell Expansion in Safe Bins Allowlist 2026-03-05
CVE-2026-32014 🔴 HIGH 8.6 OpenClaw < 2026.2.26 - Node Reconnect Metadata Spoofing via Unsigned Platform Fields 2026-03-19
CVE-2026-33579 🔴 HIGH 8.6 OpenClaw < 2026.3.28 - Privilege Escalation via Missing Caller Scope Validation in Device Pair Approval 2026-03-31
CVE-2026-33577 🔴 HIGH 8.6 OpenClaw < 2026.3.28 - Insufficient Scope Validation in node.pair.approve 2026-03-31
CVE-2026-32064 🔴 HIGH 8.5 OpenClaw < 2026.2.21 - Missing VNC Authentication in Sandbox Browser noVNC Observer 2026-03-21
CVE-2026-28482 🔴 HIGH 8.4 OpenClaw < 2026.2.12 - Path Traversal via Unsanitized sessionId and sessionFile Parameters 2026-03-05
CVE-2026-35641 🔴 HIGH 8.4 OpenClaw < 2026.3.24 - Arbitrary Code Execution via .npmrc in Local Plugin/Hook Installation 2026-04-10
CVE-2026-35618 🔴 HIGH 8.3 OpenClaw < 2026.3.23 - Replay Identity Drift via Query-Only Variants in Plivo V2 Verification 2026-04-09
CVE-2026-28464 🔴 HIGH 8.2 OpenClaw < 2026.2.12 - Timing Attack in Hooks Token Authentication 2026-03-05
CVE-2026-28465 🔴 HIGH 8.2 OpenClaw voice-call < 2026.2.3 - Webhook Verification Bypass via Forwarded Headers 2026-03-05
CVE-2026-28469 🔴 HIGH 8.2 OpenClaw Google Chat shared-path webhook target ambiguity allowed cross-account policy-context misrouting 2026-03-05
CVE-2026-32030 🔴 HIGH 8.2 OpenClaw < 2026.2.19 - Sensitive File Disclosure via stageSandboxMedia Path Traversal 2026-03-19
CVE-2026-32045 🔴 HIGH 8.2 OpenClaw < 2026.2.21 - Authentication Bypass in HTTP Gateway Routes via Tokenless Tailscale Auth 2026-03-21
CVE-2026-25157 🔴 HIGH 7.8 OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand 2026-02-04
CVE-2026-32056 🔴 HIGH 7.7 OpenClaw < 2026.2.22 - Remote Code Execution via Shell Startup Environment Variable Injection in system.run 2026-03-21
CVE-2026-25474 🔴 HIGH 7.5 OpenClaw has a Telegram webhook request forgery (missing `channels.telegram.webhookSecret`) → auth bypass 2026-02-19
CVE-2026-26324 🔴 HIGH 7.5 OpenClaw has a SSRF guard bypass via full-form IPv4-mapped IPv6 (loopback / metadata reachable) 2026-02-19
CVE-2026-26319 🔴 HIGH 7.5 OpenClaw has Missing Webhook Authentication in Telnyx Provider Allowing Unauthenticated Requests 2026-02-19
CVE-2026-28485 🔴 HIGH 7.5 OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP Endpoints 2026-03-05
CVE-2026-32003 🔴 HIGH 7.5 OpenClaw < 2026.2.22 - Remote Code Execution via SHELLOPTS/PS4 Environment Injection in system.run 2026-03-19
CVE-2026-32041 🔴 HIGH 7.5 OpenClaw < 2026.3.1 - Unauthenticated Browser Control Access via Failed Auth Bootstrap 2026-03-19
CVE-2026-28458 🔴 HIGH 7.4 OpenClaw's Browser Relay /cdp websocket is missing auth which could allow cross-tab cookie access 2026-03-05
CVE-2026-32015 🔴 HIGH 7.3 OpenClaw 2026.1.21 < 2026.2.19 - PATH Hijacking Bypass in tools.exec.safeBins Allowlist Validation 2026-03-19
CVE-2026-32055 🔴 HIGH 7.2 OpenClaw < 2026.2.26 - Workspace Path Boundary Bypass via Non-existent Symlink 2026-03-21
CVE-2026-26320 🔴 HIGH 7.1 OpenClaw macOS deep link confirmation truncation can conceal executed agent message 2026-02-19
CVE-2026-26317 🔴 HIGH 7.1 OpenClaw affected by cross-site request forgery (CSRF) through loopback browser mutation endpoints 2026-02-19
CVE-2026-28459 🔴 HIGH 7.1 OpenClaw < 2026.2.12 - Arbitrary File Write via Untrusted sessionFile Path 2026-03-05
CVE-2026-31992 🔴 HIGH 7.1 OpenClaw < 2026.2.23 - Allowlist Exec-Guard Bypass via env -S 2026-03-19
CVE-2026-32976 🔴 HIGH 7.1 OpenClaw < 2026.3.11 - Account-Scoped configWrites Policy Bypass via Channel Commands 2026-03-31
CVE-2026-33581 🔴 HIGH 7.1 OpenClaw < 2026.3.24 - Arbitrary File Read via mediaUrl and fileUrl Parameters 2026-03-31
CVE-2026-35631 🔴 HIGH 7.1 OpenClaw < 2026.3.22 - Missing Authorization Enforcement in Internal ACP Chat Commands 2026-04-09
CVE-2026-35636 🔴 HIGH 7.1 OpenClaw 2026.3.11 < 2026.3.25 - Session Isolation Bypass via sessionId Resolution 2026-04-09
CVE-2026-40037 🔴 HIGH 7.1 OpenClaw: `fetchWithSsrFGuard` replays unsafe request bodies across cross-origin redirects 2026-04-08
CVE-2026-35668 🔴 HIGH 7.1 OpenClaw < 2026.3.24 - Sandbox Media Root Bypass via Unnormalized mediaUrl and fileUrl Parameters 2026-04-10
CVE-2026-28447 🔴 HIGH 7 OpenClaw 2026.1.29-beta.1 < 2026.2.1 - Path Traversal in Plugin Installation via Package Name 2026-03-05
CVE-2026-32979 🔴 HIGH 7 OpenClaw < 2026.3.11 - Unbound Interpreter and Runtime Commands Bypass in node-host Approval 2026-03-29
CVE-2026-27545 🟡 MEDIUM 6.9 OpenClaw < 2026.2.26 - Approval Bypass via Parent Symlink Current Working Directory Rebind 2026-03-18
CVE-2026-27003 🟡 MEDIUM 6.9 OpenClaw: Telegram bot token exposure via logs 2026-02-19
CVE-2026-28467 🟡 MEDIUM 6.9 OpenClaw < 2026.2.2 - SSRF via Attachment Media URL Hydration 2026-03-05
CVE-2026-28480 🟡 MEDIUM 6.9 OpenClaw Telegram allowlist authorization accepted mutable usernames 2026-03-05
CVE-2026-32975 🟡 MEDIUM 6.9 OpenClaw < 2026.3.12 - Weak Authorization via Mutable Group Names in Zalouser Allowlist 2026-03-29
CVE-2026-32919 🟡 MEDIUM 6.9 OpenClaw < 2026.3.11 - Unauthorized Session Reset via agent Slash Commands 2026-03-29
CVE-2026-35632 🟡 MEDIUM 6.9 OpenClaw < 2026.2.22 - Symlink Traversal via IDENTITY.md appendFile in agents.create/update 2026-04-09
CVE-2026-35633 🟡 MEDIUM 6.9 OpenClaw < 2026.3.22 - Unbounded Memory Allocation via Remote Media Error Responses 2026-04-09
CVE-2026-35652 🟡 MEDIUM 6.9 OpenClaw < 2026.3.22 - Unauthorized Action Execution via Callback Dispatch 2026-04-10
CVE-2026-35664 🟡 MEDIUM 6.9 OpenClaw < 2026.3.25 - DM Pairing Bypass via Legacy Card Callbacks 2026-04-10
CVE-2026-35667 🟡 MEDIUM 6.9 OpenClaw < 2026.3.24 - Improper Process Termination via Unpatched killProcessTree in shell-utils.ts 2026-04-10
CVE-2026-28486 🟡 MEDIUM 6.8 OpenClaw 2026.1.16-2 < 2026.2.14 - Path Traversal (Zip Slip) in Archive Extraction via Installation Commands 2026-03-05
CVE-2026-29612 🟡 MEDIUM 6.8 OpenClaw < 2026.2.14 - Denial of Service via Large Base64 Media File Decoding 2026-03-05
CVE-2026-26972 🟡 MEDIUM 6.7 OpenClaw has a Path Traversal in Browser Download Functionality 2026-02-19
CVE-2026-28452 🟡 MEDIUM 6.7 OpenClaw affected by denial of service through unguarded archive extraction allowing high expansion/resource abuse (ZIP/TAR) 2026-03-05
CVE-2026-32044 🟡 MEDIUM 6.7 OpenClaw < 2026.3.2 - Tar Archive Safety Bypass in Skills Installation 2026-03-21
CVE-2026-25475 🟡 MEDIUM 6.5 OpenClaw Vulnerable to Local File Inclusion via MEDIA: Path Extraction 2026-02-04
CVE-2026-26328 🟡 MEDIUM 6.5 OpenClaw iMessage group allowlist authorization inherited DM pairing-store identities 2026-02-19
CVE-2026-28449 🟡 MEDIUM 6.3 OpenClaw < 2026.2.25 - Webhook Replay Attack via Missing Durable Replay Suppression 2026-03-19
CVE-2026-28475 🟡 MEDIUM 6.3 OpenClaw < 2026.2.13 - Timing Attack via Hook Token Comparison 2026-03-05
CVE-2026-32031 🟡 MEDIUM 6.3 OpenClaw < 2026.2.26 - Authentication Bypass via Path Canonicalization Mismatch in /api/channels Gateway 2026-03-19
CVE-2026-32029 🟡 MEDIUM 6.3 OpenClaw < 2026.2.21 - Client IP Spoofing via X-Forwarded-For Header Parsing 2026-03-19
CVE-2026-32050 🟡 MEDIUM 6.3 OpenClaw < 2026.2.25 - Unauthorized Reaction Status Event Enqueue via Access Check Bypass 2026-03-21
CVE-2026-32896 🟡 MEDIUM 6.3 OpenClaw < 2026.2.21 - Unauthenticated Webhook Access via Passwordless Fallback in BlueBubbles Plugin 2026-03-21
CVE-2026-33580 🟡 MEDIUM 6.3 OpenClaw < 2026.3.28 - Brute Force Attack via Missing Rate Limiting on Webhook Shared Secret Authentication 2026-03-31
CVE-2026-35649 🟡 MEDIUM 6.3 OpenClaw < 2026.3.22 - Settings Reconciliation Bypass via Empty Allowlist 2026-04-10
CVE-2026-35656 🟡 MEDIUM 6.3 OpenClaw < 2026.3.22 - XFF Loopback Spoofing Bypass in Canvas Authentication and Rate Limiter 2026-04-10
CVE-2026-35645 🟡 MEDIUM 6.1 OpenClaw < 2026.3.25 - Privilege Escalation via Synthetic operator.admin in deleteSession 2026-04-09
CVE-2026-32023 🟡 MEDIUM 6 OpenClaw < 2026.2.24 - Approval Gating Bypass via Dispatch-Wrapper Depth-Cap Mismatch in system.run 2026-03-19
CVE-2026-32002 🟡 MEDIUM 6 OpenClaw < 2026.2.23 - Sandbox Boundary Bypass via Image Tool workspaceOnly Bypass 2026-03-19
CVE-2026-32017 🟡 MEDIUM 6 OpenClaw < 2026.2.19 - Arbitrary File Write via Short-Option Bypass in exec Allowlist 2026-03-19
CVE-2026-32033 🟡 MEDIUM 6 OpenClaw < 2026.2.24 - Path Traversal via @-prefixed Absolute Paths in Workspace Boundary Validation 2026-03-19
CVE-2026-34511 🟡 MEDIUM 6 OpenClaw < 2026.4.2 - PKCE Verifier Exposure via OAuth State Parameter 2026-04-03
CVE-2026-35622 🟡 MEDIUM 6 OpenClaw < 2026.3.22 - Improper Authentication Verification in Google Chat Webhook 2026-04-09
CVE-2026-35658 🟡 MEDIUM 6 OpenClaw < 2026.3.2 - Filesystem Boundary Bypass in Image Tool 2026-04-10
CVE-2026-35670 🟡 MEDIUM 6 OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat 2026-04-10
CVE-2026-22174 🟡 MEDIUM 5.9 OpenClaw < 2026.2.22 - Gateway Token Disclosure via Chrome CDP Probe 2026-03-18
CVE-2026-27670 🟡 MEDIUM 5.8 OpenClaw < 2026.3.2 - Arbitrary File Write via ZIP Extraction Parent Symlink Race Condition 2026-03-19
CVE-2026-32010 🟡 MEDIUM 5.8 OpenClaw < 2026.2.22 - Allowlist Bypass via sort --compress-program Parameter 2026-03-19
CVE-2026-31995 🟡 MEDIUM 5.8 OpenClaw 2026.1.21 < 2026.2.19 - Command Injection via Windows Shell Fallback in Lobster Extension 2026-03-19
CVE-2026-32035 🟡 MEDIUM 5.8 OpenClaw < 2026.3.2 - Missing Owner Flag Validation in Discord Voice Transcript Handler 2026-03-19
CVE-2026-32921 🟡 MEDIUM 5.3 OpenClaw < 2026.3.8 - Script Content Modification via Mutable Operand Binding in system.run 2026-03-31
CVE-2026-34425 🟡 MEDIUM 5.3 OpenClaw - Shell-Bleed Protection Preflight Validation Bypass 2026-04-02
CVE-2026-35629 🟡 MEDIUM 5.3 OpenClaw < 2026.3.25 - Server-Side Request Forgery via Unguarded Configured Base URLs in Channel Extensions 2026-04-09
CVE-2026-32020 🟡 MEDIUM 4.8 OpenClaw < 2026.2.22 - Arbitrary File Read via Symlink Following in Static File Handler 2026-03-19
CVE-2026-32046 🟡 MEDIUM 4.8 OpenClaw < 2026.2.21 - OS-level Sandbox Bypass via --no-sandbox Flag 2026-03-21
CVE-2026-27485 🟡 MEDIUM 4.6 OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection 2026-02-21
CVE-2026-27486 🟡 MEDIUM 4.3 OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup 2026-02-21
CVE-2026-24764 🟢 LOW 3.7 OpenClaw has Remote Code Execution via System Prompt Injection in Slack Channel Descriptions 2026-02-19
CVE-2026-31996 🟢 LOW 2 OpenClaw < 2026.2.19 - safeBins stdin-only bypass via sort output and recursive grep flags 2026-03-19
CVE-2026-32970 🟢 LOW 2 OpenClaw < 2026.3.11 - Credential Fallback Logic Bypass via Unavailable Local Auth SecretRefs 2026-03-31

🔄 CVE 发布流水线

15/15 已发布
CVE ID状态CNAGHSA 发布日期cvelistV5
CVE-2026-24763 ✅ PUBLISHED GitHub_M 2026-02-02 ✅ 已收录
CVE-2026-25157 ✅ PUBLISHED GitHub_M 2026-02-02 ✅ 已收录
CVE-2026-25253 ✅ PUBLISHED mitre 2026-02-02 ✅ 已收录
CVE-2026-26317 ✅ PUBLISHED GitHub_M 2026-02-18 ✅ 已收录
CVE-2026-26328 ✅ PUBLISHED GitHub_M 2026-02-18 ✅ 已收录
CVE-2026-28452 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-28458 ✅ PUBLISHED VulnCheck 2026-02-17 ✅ 已收录
CVE-2026-28469 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-28478 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-28480 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-29612 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-34425 ✅ PUBLISHED VulnCheck 2026-04-06 ✅ 已收录
CVE-2026-34511 ✅ PUBLISHED VulnCheck 2026-04-04 ✅ 已收录
CVE-2026-40037 ✅ PUBLISHED VulnCheck 2026-04-09 ✅ 已收录
CVE-2026-6011 ✅ PUBLISHED 2026-04-10 ✅ 已收录
CVE-2026-40037 ✅ PUBLISHED | [GHSA-5wj5-87vq-39xm](https://github.com/advisories/GHSA-5wj5-87vq-39xm) 2026-04-09 ✅ 已收录
CVE-2026-34511 ✅ PUBLISHED | [GHSA-q9w8-cf67-r238](https://github.com/advisories/GHSA-q9w8-cf67-r238) 2026-04-04 ✅ 已收录
CVE-2026-28469 ✅ PUBLISHED | [GHSA-3fqr-4cg8-h96q](https://github.com/advisories/GHSA-3fqr-4cg8-h96q) 2026-02-18 ✅ 已收录
CVE-2026-28478 ✅ PUBLISHED | [GHSA-mr32-vwc2-5j6h](https://github.com/advisories/GHSA-mr32-vwc2-5j6h) 2026-02-18 ✅ 已收录
CVE-2026-25157 ✅ PUBLISHED | [GHSA-g8p2-7wf7-98mq](https://github.com/advisories/GHSA-g8p2-7wf7-98mq) 2026-02-02 ✅ 已收录
CVE-2026-24763 ✅ PUBLISHED | [GHSA-r2c6-8jc8-g32w](https://github.com/advisories/GHSA-r2c6-8jc8-g32w) 2026-02-02 ✅ 已收录
CVE-2026-34425 ✅ PUBLISHED | [GHSA-ch86-pxr9-j9h9](https://github.com/advisories/GHSA-ch86-pxr9-j9h9) 2026-04-06 ✅ 已收录
CVE-2026-28480 ✅ PUBLISHED | [GHSA-h89v-j3x9-8wqj](https://github.com/advisories/GHSA-h89v-j3x9-8wqj) 2026-02-18 ✅ 已收录
CVE-2026-29612 ✅ PUBLISHED | [GHSA-g34w-4xqq-h79m](https://github.com/advisories/GHSA-g34w-4xqq-h79m) 2026-02-18 ✅ 已收录
CVE-2026-6011 ✅ PUBLISHED | [GHSA-cm8v-2vh9-cxf3](https://github.com/advisories/GHSA-cm8v-2vh9-cxf3) 2026-04-10 ✅ 已收录

📢 安全公告精选

139+
GHSA-9p3r-hh9 CRITICAL
OpenClaw: Sandbox escape via TOCTOU race in remote FS bridge readFile
2026-04-03
GHSA-r3v5-2gr HIGH
Duplicate Advisory: OpenClaw Gateway: RCE and Privilege Escalation from operator.pairing to operator.admin via device.pair.approve
2026-04-10
GHSA-j56c-wpq HIGH
Duplicate Advisory: OpenClaw: Plivo V2 verified replay identity drifts on query-only variants
2026-04-10
GHSA-qx8j-g32 HIGH
OpenClaw: `fetchWithSsrFGuard` replays unsafe request bodies across cross-origin redirects
2026-04-09 CVE-2026-40037
GHSA-5wj5-87v HIGH
OpenClaw: Node Pairing Reconnect Command Escalation Bypasses operator.admin Scope Requirement
2026-04-09
GHSA-7437-7hg HIGH
OpenClaw: HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS missing from exec env denylist — RCE via build tool env injection (GHSA-cm8v-2vh9-cxf3 class)
2026-04-09
GHSA-jf56-mcc HIGH
OpenClaw: Authenticated `/hooks/wake` and mapped `wake` payloads are promoted into the trusted `System:` prompt channel
2026-04-09
GHSA-gfmx-pph HIGH
OpenClaw: Lower-trust background runtime output is injected into trusted `System:` events, and local async exec completion misses the intended `exec-event` downgrade
2026-04-09
GHSA-pg8g-f2h HIGH
Duplicate Advisory: OpenClaw: `fetchWithSsrFGuard` replays unsafe request bodies across cross-origin redirects
2026-04-09
GHSA-vfw7-6rh HIGH
OpenClaw Has Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config
2026-04-07
GHSA-9jpj-g8v HIGH
OpenClaw: Gemini OAuth exposed the PKCE verifier through the OAuth state parameter
2026-04-04 CVE-2026-34511
GHSA-q9w8-cf6 HIGH
OpenClaw: macOS Tailnet DNS Spoofing & Credential Exfiltration
2026-04-03

📊 漏洞分类

白名单绕过 (Allowlist Bypass)
60
注入攻击 (XSS/CSRF/Prompt/Command)
34
认证绕过 / 缺失认证
10
SSRF
5
拒绝服务 (DoS)
6
路径穿越 (CWE-22)
3
原型污染 (Prototype Pollution)
1

💡 关键洞察

📈
7.1
平均 CVSS 评分
🔴
273%
HIGH 及以上漏洞占比
100%
CVE 已发布到 cvelistV5
🛡️
100%
已提供修复版本
🏢
3
CNA 来源 (VulnCheck / GitHub / MITRE)
📦
npm
受影响包 (openclaw)