UCloud OpenClaw CVEs - 安全漏洞追踪

📋 已发布 CVE（cvelistV5）

127

CVE ID	严重性	CVSS	漏洞描述	发布日期
CVE-2026-22172	🟣 CRITICAL	9.4	OpenClaw < 2026.3.12 - Scope Elevation in WebSocket Shared-Auth Connections	2026-03-20
CVE-2026-28466	🟣 CRITICAL	9.4	OpenClaw < 2026.2.14 - Remote Code Execution via Node Invoke Approval Bypass	2026-03-05
CVE-2026-32987	🟣 CRITICAL	9.3	OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via Device Pairing	2026-03-29
CVE-2026-43534	🟣 CRITICAL	9.3	OpenClaw < 2026.4.10 - Unsanitized External Input in Agent Hook Events	2026-05-05
CVE-2026-32917	🟣 CRITICAL	9.2	OpenClaw < 2026.3.13 - Remote Command Injection via Unsanitized iMessage Attachment Paths in SCP	2026-03-31
CVE-2026-32916	🟣 CRITICAL	9.2	OpenClaw 2026.3.7 < 2026.3.11 - Authorization Bypass in Plugin Subagent Routes via Synthetic Admin Scopes	2026-03-31
CVE-2026-43575	🟣 CRITICAL	9.2	OpenClaw 2026.2.21 < 2026.4.10 - Authentication Bypass in Sandbox noVNC Helper Route	2026-05-06
CVE-2026-43566	🟣 CRITICAL	9.1	OpenClaw: Heartbeat owner downgrade missed untrusted webhook wake events	2026-05-05
CVE-2026-41329	🟣 CRITICAL	9	OpenClaw < 2026.3.31 - Sandbox Bypass via Heartbeat Context Inheritance and senderIsOwner Escalation	2026-04-20
CVE-2026-43533	🔴 HIGH	8.9	OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot Media Tags	2026-05-05
CVE-2026-22171	🔴 HIGH	8.8	OpenClaw < 2026.2.19 - Path Traversal in Feishu Media Temporary File Naming	2026-03-18
CVE-2026-24763	🔴 HIGH	8.8	OpenClaw/Clawdbot Docker Execution has Authenticated Command Injection via PATH Environment Variable	2026-02-02
CVE-2026-25253	🔴 HIGH	8.8	OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl	2026-02-01
CVE-2026-41296	🔴 HIGH	8.8	OpenClaw < 2026.3.31 - Sandbox Escape via TOCTOU Race in Remote FS Bridge readFile	2026-04-20
CVE-2026-28478	🔴 HIGH	8.7	OpenClaw affected by denial of service via unbounded webhook request body buffering	2026-03-05
CVE-2026-29609	🔴 HIGH	8.7	OpenClaw < 2026.2.14 - Denial of Service via Unbounded URL-backed Media Fetch	2026-03-05
CVE-2026-32062	🔴 HIGH	8.7	OpenClaw 2026.2.21-2 < 2026.2.22 - Unauthenticated WebSocket Resource Exhaustion via Media Stream	2026-03-11
CVE-2026-32980	🔴 HIGH	8.7	OpenClaw < 2026.3.13 - Resource Exhaustion via Unauthenticated Telegram Webhook Request	2026-03-29
CVE-2026-35639	🔴 HIGH	8.7	OpenClaw < 2026.3.22 - Privilege Escalation via device.pair.approve Scope Validation	2026-04-09
CVE-2026-35638	🔴 HIGH	8.7	OpenClaw < 2026.3.22 - Privilege Escalation via Self-Declared Scopes in Trusted-Proxy Control UI	2026-04-09
CVE-2026-41303	🔴 HIGH	8.7	OpenClaw < 2026.3.28 - Authorization Bypass in Discord Text Approval Commands	2026-04-20
CVE-2026-41399	🔴 HIGH	8.7	OpenClaw < 2026.3.28 - Denial of Service via Unbounded Pre-auth WebSocket Upgrades	2026-04-28
CVE-2026-42435	🔴 HIGH	8.7	OpenClaw: Shell-wrapper detection missed env-argv assignment injection forms	2026-05-05
CVE-2026-42434	🔴 HIGH	8.7	OpenClaw: Sandboxed agents could escape exec routing via host=node override	2026-05-05
CVE-2026-43530	🔴 HIGH	8.7	OpenClaw: busybox and toybox applet execution weakened exec approval binding	2026-05-05
CVE-2026-34503	🔴 HIGH	8.6	OpenClaw < 2026.3.28 - Incomplete WebSocket Session Termination on Device Removal and Token Revocation	2026-03-31
CVE-2026-41295	🔴 HIGH	8.5	OpenClaw < 2026.4.2 - Untrusted Workspace Channel Shadow Code Execution during Built-in Channel Setup	2026-04-20
CVE-2026-43526	🔴 HIGH	8.3	OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes	2026-05-05
CVE-2026-28469	🔴 HIGH	8.2	OpenClaw Google Chat shared-path webhook target ambiguity allowed cross-account policy-context misrouting	2026-03-05
CVE-2026-29611	🔴 HIGH	8.2	OpenClaw < 2026.2.14 - Local File Inclusion via mediaPath Parameter in BlueBubbles Media Handling	2026-03-05
CVE-2026-32045	🔴 HIGH	8.2	OpenClaw < 2026.2.21 - Authentication Bypass in HTTP Gateway Routes via Tokenless Tailscale Auth	2026-03-21
CVE-2026-42437	🔴 HIGH	8.2	OpenClaw: Voice-call realtime WebSocket accepted oversized frames	2026-05-05
CVE-2026-32302	🔴 HIGH	8.1	OpenClaw: Untrusted web origins can obtain authenticated operator.admin access in trusted-proxy mode	2026-03-12
CVE-2026-25157	🔴 HIGH	7.8	OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand	2026-02-04
CVE-2026-32048	🔴 HIGH	7.7	OpenClaw < 2026.3.1 - Sandbox Escape via Cross-Agent sessions_spawn	2026-03-21
CVE-2026-35666	🔴 HIGH	7.7	OpenClaw < 2026.3.22 - Allowlist Bypass via Unregistered Time Dispatch Wrapper	2026-04-10
CVE-2026-43569	🔴 HIGH	7.7	OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins	2026-05-05
CVE-2026-43571	🔴 HIGH	7.7	OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows	2026-05-05
CVE-2026-44110	🔴 HIGH	7.7	OpenClaw < 2026.4.15 - Authorization Bypass in Matrix Room Control Commands via DM Pairing Store	2026-05-06
CVE-2026-42431	🔴 HIGH	7.6	OpenClaw < 2026.4.8 - Persistent Profile Mutation via node.invoke(browser.proxy) Bypass	2026-04-28
CVE-2026-43535	🔴 HIGH	7.6	OpenClaw < 2026.4.14 - Authorization Context Reuse in Collect-Mode Queue Batches	2026-05-05
CVE-2026-25474	🔴 HIGH	7.5	OpenClaw has a Telegram webhook request forgery (missing `channels.telegram.webhookSecret`) → auth bypass	2026-02-19
CVE-2026-26321	🔴 HIGH	7.5	OpenClaw has a local file disclosure via sendMediaFeishu in Feishu extension	2026-02-19
CVE-2026-28458	🔴 HIGH	7.4	OpenClaw's Browser Relay /cdp websocket is missing auth which could allow cross-tab cookie access	2026-03-05
CVE-2026-41342	🔴 HIGH	7.4	OpenClaw < 2026.3.28 - Unauthenticated Discovery Endpoint Credential Exfiltration via Remote Onboarding	2026-04-23
CVE-2026-32016	🔴 HIGH	7.3	OpenClaw < 2026.2.22 - Path Traversal via Basename-Only Allowlist Matching on macOS	2026-03-19
CVE-2026-35653	🔴 HIGH	7.2	OpenClaw < 2026.3.24 - Incorrect Authorization in POST /reset-profile via browser.request	2026-04-10
CVE-2026-41364	🔴 HIGH	7.2	OpenClaw < 2026.3.31 - Arbitrary File Write via Symlink Following in SSH Sandbox Tar Upload	2026-04-27
CVE-2026-22168	🔴 HIGH	7.1	OpenClaw < 2026.2.21 - Command Injection via cmd.exe /c Trailing Arguments in system.run	2026-03-18
CVE-2026-26327	🔴 HIGH	7.1	OpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinning	2026-02-19
CVE-2026-26317	🔴 HIGH	7.1	OpenClaw affected by cross-site request forgery (CSRF) through loopback browser mutation endpoints	2026-02-19
CVE-2026-27566	🔴 HIGH	7.1	OpenClaw < 2026.2.22 - Allowlist Bypass via Wrapper Binary Unwrapping in system.run	2026-03-19
CVE-2026-35621	🔴 HIGH	7.1	OpenClaw < 2026.3.24 - Privilege Escalation via chat.send to Allowlist Persistence	2026-04-10
CVE-2026-41299	🔴 HIGH	7.1	OpenClaw < 2026.3.28 - Client Identity Spoofing in chat.send Gateway Provenance Guard	2026-04-20
CVE-2026-41359	🔴 HIGH	7.1	OpenClaw < 2026.3.28 - Privilege Escalation via operator.write to Admin-Class Telegram Config and Cron Persistence	2026-04-23
CVE-2026-41375	🔴 HIGH	7.1	OpenClaw < 2026.3.28 - Authorization Bypass in /phone arm and /phone disarm Endpoints	2026-04-28
CVE-2026-41385	🔴 HIGH	7.1	OpenClaw < 2026.3.31 - Nostr Private Key Exposure via config.get Redaction Bypass	2026-04-28
CVE-2026-41379	🔴 HIGH	7.1	OpenClaw < 2026.3.28 - Privilege Escalation via chat.send to Admin-Class Talk Voice Config	2026-04-28
CVE-2026-42433	🔴 HIGH	7.1	OpenClaw: Matrix profile config persistence was reachable from operator.write message tools	2026-05-05
CVE-2026-43528	🔴 HIGH	7.1	OpenClaw: config.get redaction bypass through sourceConfig and runtimeConfig aliases	2026-05-05
CVE-2026-43568	🔴 HIGH	7.1	OpenClaw: Memory dreaming config persistence was reachable from operator.write commands	2026-05-05
CVE-2026-43567	🔴 HIGH	7.1	OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter	2026-05-05
CVE-2026-41380	🔴 HIGH	7	OpenClaw < 2026.3.28 - Arbitrary Execution Allowlist via Wrapper Carrier Executables	2026-04-28
CVE-2026-43531	🔴 HIGH	7	OpenClaw < 2026.4.9 - Environment Variable Injection via Workspace .env File	2026-05-05
CVE-2026-27004	🟡 MEDIUM	6.9	OpenClaw session tool visibility hardening and Telegram webhook secret fallback	2026-02-19
CVE-2026-28480	🟡 MEDIUM	6.9	OpenClaw Telegram allowlist authorization accepted mutable usernames	2026-03-05
CVE-2026-32919	🟡 MEDIUM	6.9	OpenClaw < 2026.3.11 - Unauthorized Session Reset via agent Slash Commands	2026-03-29
CVE-2026-35627	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unauthenticated Cryptographic Work in Nostr Inbound DM Handling	2026-04-09
CVE-2026-35633	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unbounded Memory Allocation via Remote Media Error Responses	2026-04-09
CVE-2026-35632	🟡 MEDIUM	6.9	OpenClaw < 2026.2.22 - Symlink Traversal via IDENTITY.md appendFile in agents.create/update	2026-04-09
CVE-2026-35652	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unauthorized Action Execution via Callback Dispatch	2026-04-10
CVE-2026-35626	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unauthenticated Resource Exhaustion via Voice Call Webhook	2026-04-09
CVE-2026-35654	🟡 MEDIUM	6.9	OpenClaw < 2026.3.25 - Authorization Bypass in Microsoft Teams Feedback Invoke	2026-04-10
CVE-2026-35655	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Identity Spoofing via rawInput Tool in ACP Permission Resolution	2026-04-10
CVE-2026-41331	🟡 MEDIUM	6.9	OpenClaw < 2026.3.31 - Resource Consumption via Unauthorized Telegram Audio Preflight Transcription	2026-04-20
CVE-2026-41374	🟡 MEDIUM	6.9	OpenClaw < 2026.3.31 - Resource Consumption via Discord Audio Preflight Before Member Authorization	2026-04-28
CVE-2026-27008	🟡 MEDIUM	6.8	OpenClaw hardened the skill download target directory validation	2026-02-19
CVE-2026-32024	🟡 MEDIUM	6.8	OpenClaw < 2026.2.22 - Symlink Traversal in Avatar Handling	2026-03-19
CVE-2026-29612	🟡 MEDIUM	6.8	OpenClaw < 2026.2.14 - Denial of Service via Large Base64 Media File Decoding	2026-03-05
CVE-2026-33572	🟡 MEDIUM	6.8	OpenClaw < 2026.2.17 - Insufficient File Permissions in Session Transcript Files	2026-03-29
CVE-2026-28452	🟡 MEDIUM	6.7	OpenClaw affected by denial of service through unguarded archive extraction allowing high expansion/resource abuse (ZIP/TAR)	2026-03-05
CVE-2026-32061	🟡 MEDIUM	6.7	OpenClaw < 2026.2.17 - Arbitrary File Read via $include Directive Path Traversal	2026-03-11
CVE-2026-26328	🟡 MEDIUM	6.5	OpenClaw iMessage group allowlist authorization inherited DM pairing-store identities	2026-02-19
CVE-2026-28475	🟡 MEDIUM	6.3	OpenClaw < 2026.2.13 - Timing Attack via Hook Token Comparison	2026-03-05
CVE-2026-28476	🟡 MEDIUM	6.3	OpenClaw < 2026.2.14 - Server-Side Request Forgery in Tlon Extension Authentication	2026-03-05
CVE-2026-32031	🟡 MEDIUM	6.3	OpenClaw < 2026.2.26 - Authentication Bypass via Path Canonicalization Mismatch in /api/channels Gateway	2026-03-19
CVE-2026-32896	🟡 MEDIUM	6.3	OpenClaw < 2026.2.21 - Unauthenticated Webhook Access via Passwordless Fallback in BlueBubbles Plugin	2026-03-21
CVE-2026-35628	🟡 MEDIUM	6.3	OpenClaw < 2026.3.25 - Brute-Force Attack via Missing Telegram Webhook Rate Limiting	2026-04-09
CVE-2026-35656	🟡 MEDIUM	6.3	OpenClaw < 2026.3.22 - XFF Loopback Spoofing Bypass in Canvas Authentication and Rate Limiter	2026-04-10
CVE-2026-41389	🟡 MEDIUM	6.3	OpenClaw: Webchat media embedding enforces local-root containment for tool-result files	2026-04-20
CVE-2026-43527	🟡 MEDIUM	6.3	OpenClaw: Browser SSRF policy default allowed private-network navigation	2026-05-05
CVE-2026-43572	🟡 MEDIUM	6.3	OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks	2026-05-05
CVE-2026-28460	🟡 MEDIUM	6	OpenClaw < 2026.2.22 - Allowlist Bypass via Shell Line-Continuation Command Substitution in system.run	2026-03-19
CVE-2026-32022	🟡 MEDIUM	6	OpenClaw < 2026.2.21 - Arbitrary File Read via grep -e Flag Policy Bypass	2026-03-19
CVE-2026-32017	🟡 MEDIUM	6	OpenClaw < 2026.2.19 - Arbitrary File Write via Short-Option Bypass in exec Allowlist	2026-03-19
CVE-2026-41363	🟡 MEDIUM	6	OpenClaw 2026.2.6 < 2026.3.28 - Arbitrary File Read via Feishu upload_image Parameter	2026-04-27
CVE-2026-41911	🟡 MEDIUM	6	OpenClaw < 2026.4.8 - Workspace-Only Filesystem Policy Bypass via docx upload_file/upload_image	2026-04-28
CVE-2026-43570	🟡 MEDIUM	6	OpenClaw contains a symlink traversal vulnerability	2026-05-05
CVE-2026-43574	🟡 MEDIUM	6	OpenClaw < 2026.4.12 - Improper Authorization via Empty Approver Lists	2026-05-05
CVE-2026-32043	🟡 MEDIUM	5.9	OpenClaw < 2026.2.25 - Time-of-Check-Time-of-Use via Mutable Symlink in system.run cwd Parameter	2026-03-21
CVE-2026-41393	🟡 MEDIUM	5.9	OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area Discovery	2026-04-28
CVE-2026-27670	🟡 MEDIUM	5.8	OpenClaw < 2026.3.2 - Arbitrary File Write via ZIP Extraction Parent Symlink Race Condition	2026-03-19
CVE-2026-32000	🟡 MEDIUM	5.8	OpenClaw < 2026.2.19 - Command Injection via Windows Shell Fallback in Lobster Tool Execution	2026-03-19
CVE-2026-31993	🟡 MEDIUM	5.6	OpenClaw < 2026.2.22 - Allowlist Parsing Mismatch in system.run Shell Chains	2026-03-19
CVE-2026-31989	🟡 MEDIUM	5.3	OpenClaw < 2026.3.1 - Server-Side Request Forgery via web_search Citation Redirect	2026-03-19
CVE-2026-35629	🟡 MEDIUM	5.3	OpenClaw < 2026.3.25 - Server-Side Request Forgery via Unguarded Configured Base URLs in Channel Extensions	2026-04-09
CVE-2026-32895	🟡 MEDIUM	5.3	OpenClaw < 2026.2.26 - Sender Authorization Bypass in Slack System Event Handlers	2026-03-21
CVE-2026-35642	🟡 MEDIUM	5.3	OpenClaw < 2026.3.25 - Authorization Bypass in Group Reactions via requireMention Bypass	2026-04-09
CVE-2026-41909	🟡 MEDIUM	5.3	OpenClaw < 2026.4.20 - Improper Authorization in Paired-Device Pairing Actions	2026-04-23
CVE-2026-42438	🟡 MEDIUM	4.9	OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure	2026-05-05
CVE-2026-42439	🟡 MEDIUM	4.9	OpenClaw < 2026.4.10 - SSRF Policy Bypass in Browser Tabs Action Routes	2026-05-05
CVE-2026-42436	🟡 MEDIUM	4.9	OpenClaw: Browser snapshot and screenshot routes could expose internal page content after navigation	2026-05-05
CVE-2026-43532	🟡 MEDIUM	4.9	OpenClaw: Discord event cover images bypassed sandbox media normalization	2026-05-05
CVE-2026-43573	🟡 MEDIUM	4.9	OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement	2026-05-05
CVE-2026-32020	🟡 MEDIUM	4.8	OpenClaw < 2026.2.22 - Arbitrary File Read via Symlink Following in Static File Handler	2026-03-19
CVE-2026-32046	🟡 MEDIUM	4.8	OpenClaw < 2026.2.21 - OS-level Sandbox Bypass via --no-sandbox Flag	2026-03-21
CVE-2026-42430	🟡 MEDIUM	4.8	OpenClaw < 2026.4.8 - Strict Browser SSRF Bypass via Playwright Redirect Handling	2026-04-28
CVE-2026-27485	🟡 MEDIUM	4.6	OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection	2026-02-21
CVE-2026-41338	🟡 MEDIUM	4.3	OpenClaw < 2026.3.31 - Time-of-Check-Time-of-Use (TOCTOU) Vulnerability in Sandbox File Operations	2026-04-23
CVE-2026-32006	🟢 LOW	2.3	OpenClaw < 2026.2.26 - Authorization Bypass via DM Pairing-Store Fallback in Group Allowlist	2026-03-19
CVE-2026-41358	🟢 LOW	2.3	OpenClaw < 2026.4.2 - Sender Allowlist Bypass via Slack Thread Context	2026-04-23
CVE-2026-41362	🟢 LOW	2.3	OpenClaw 2026.2.19 < 2026.3.31 - Webhook Replay Dedupe Cache Event Suppression via Shared Authentication	2026-04-27
CVE-2026-41382	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Discord Voice Ingress Authorization Bypass via Channel and Role Validation Gaps	2026-04-28
CVE-2026-41402	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Webhook Replay Cache Cross-Target messageId Scope Bypass	2026-04-28
CVE-2026-41908	🟢 LOW	2.3	OpenClaw < 2026.4.20 - Scope Enforcement Bypass in Assistant-Media Route	2026-04-23
CVE-2026-41398	🟢 LOW	2.1	OpenClaw - Unauthorized Agent Request Dispatch via Untrusted Local-Network Pages in iOS A2UI Bridge	2026-04-28
CVE-2026-43529	🟢 LOW	2	OpenClaw: TOCTOU read in exec script preflight	2026-05-05

🔄 CVE 发布流水线

41/41 已发布

CVE ID	状态	CNA	GHSA 发布日期	cvelistV5
CVE-2026-24763	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25253	✅ PUBLISHED	mitre	2026-02-02	✅ 已收录
CVE-2026-26317	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-26328	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-28452	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28458	✅ PUBLISHED	VulnCheck	2026-02-17	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-41358	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-41389	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-41908	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-42433	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42434	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42435	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42436	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42437	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42438	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42439	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43526	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43527	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43528	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43529	✅ PUBLISHED	VulnCheck	2026-04-16	✅ 已收录
CVE-2026-43530	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43531	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43532	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43533	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43534	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43535	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43566	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43567	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43568	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43569	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43570	✅ PUBLISHED	VulnCheck	2026-05-05	✅ 已收录
CVE-2026-43571	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43572	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43573	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43574	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-6011	✅ PUBLISHED	—	2026-04-10	✅ 已收录
CVE-2026-43533	✅ PUBLISHED	\| [GHSA-2cq5-mf3v-mx44](https://github.com/advisories/GHSA-2cq5-mf3v-mx44)	2026-04-17	✅ 已收录
CVE-2026-42433	✅ PUBLISHED	\| [GHSA-736r-jwj6-4w23](https://github.com/advisories/GHSA-736r-jwj6-4w23)	2026-04-17	✅ 已收录
CVE-2026-43569	✅ PUBLISHED	\| [GHSA-82qx-6vj7-p8m2](https://github.com/advisories/GHSA-82qx-6vj7-p8m2)	2026-04-17	✅ 已收录
CVE-2026-42437	✅ PUBLISHED	\| [GHSA-8372-7vhw-cm6q](https://github.com/advisories/GHSA-8372-7vhw-cm6q)	2026-04-17	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	\| [GHSA-3fqr-4cg8-h96q](https://github.com/advisories/GHSA-3fqr-4cg8-h96q)	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	\| [GHSA-mr32-vwc2-5j6h](https://github.com/advisories/GHSA-mr32-vwc2-5j6h)	2026-02-18	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	\| [GHSA-g8p2-7wf7-98mq](https://github.com/advisories/GHSA-g8p2-7wf7-98mq)	2026-02-02	✅ 已收录
CVE-2026-24763	✅ PUBLISHED	\| [GHSA-r2c6-8jc8-g32w](https://github.com/advisories/GHSA-r2c6-8jc8-g32w)	2026-02-02	✅ 已收录
CVE-2026-43570	✅ PUBLISHED	\| [GHSA-q8ff-7ffm-m3r9](https://github.com/advisories/GHSA-q8ff-7ffm-m3r9)	2026-05-05	✅ 已收录
CVE-2026-41389	✅ PUBLISHED	\| [GHSA-jhpv-5j76-m56h](https://github.com/advisories/GHSA-jhpv-5j76-m56h)	2026-04-17	✅ 已收录
CVE-2026-43573	✅ PUBLISHED	\| [GHSA-rj2p-j66c-mgqh](https://github.com/advisories/GHSA-rj2p-j66c-mgqh)	2026-04-17	✅ 已收录
CVE-2026-43567	✅ PUBLISHED	\| [GHSA-53vx-pmqw-863c](https://github.com/advisories/GHSA-53vx-pmqw-863c)	2026-04-17	✅ 已收录
CVE-2026-43526	✅ PUBLISHED	\| [GHSA-7wv4-cc7p-jhxc](https://github.com/advisories/GHSA-7wv4-cc7p-jhxc)	2026-04-17	✅ 已收录
CVE-2026-43532	✅ PUBLISHED	\| [GHSA-49cg-279w-m73x](https://github.com/advisories/GHSA-49cg-279w-m73x)	2026-04-17	✅ 已收录
CVE-2026-43534	✅ PUBLISHED	\| [GHSA-j6c7-3h5x-99g9](https://github.com/advisories/GHSA-j6c7-3h5x-99g9)	2026-04-17	✅ 已收录
CVE-2026-43568	✅ PUBLISHED	\| [GHSA-g2hm-779g-vm32](https://github.com/advisories/GHSA-g2hm-779g-vm32)	2026-04-17	✅ 已收录
CVE-2026-42436	✅ PUBLISHED	\| [GHSA-jwrq-8g5x-5fhm](https://github.com/advisories/GHSA-jwrq-8g5x-5fhm)	2026-04-17	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	\| [GHSA-h89v-j3x9-8wqj](https://github.com/advisories/GHSA-h89v-j3x9-8wqj)	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	\| [GHSA-g34w-4xqq-h79m](https://github.com/advisories/GHSA-g34w-4xqq-h79m)	2026-02-18	✅ 已收录
CVE-2026-41358	✅ PUBLISHED	\| [GHSA-v8qf-fr4g-28p2](https://github.com/advisories/GHSA-v8qf-fr4g-28p2)	2026-05-04	✅ 已收录
CVE-2026-43572	✅ PUBLISHED	\| [GHSA-r77c-2cmr-7p47](https://github.com/advisories/GHSA-r77c-2cmr-7p47)	2026-04-17	✅ 已收录
CVE-2026-43529	✅ PUBLISHED	\| [GHSA-52vj-fvrv-7q82](https://github.com/advisories/GHSA-52vj-fvrv-7q82)	2026-04-16	✅ 已收录

📢 安全公告精选

148+

GHSA-xh72-v6v CRITICAL

OpenClaw: Feishu webhook and card-action validation now fail closed

2026-04-17

GHSA-cwj3-vqp HIGH

OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes

2026-05-05

GHSA-r39h-4c2 HIGH

OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution

2026-05-05

GHSA-wppj-c6m HIGH

OpenClaw: OpenShell FS bridge writes stay pinned to the sandbox mount root

2026-05-04

GHSA-r6xh-pqh HIGH

OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

2026-05-04

GHSA-5mh4-3rv HIGH

Duplicate Advisory: OpenClaw: Host exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables

2026-04-28

GHSA-5799-3xg HIGH

Duplicate Advisory: OpenClaw: SSH sandbox tar upload follows symlinks, enabling arbitrary file write on remote host

2026-04-28

GHSA-394x-274 HIGH

Duplicate Advisory: OpenClaw: Gateway operator.write Can Reach Admin-Class Telegram Config and Cron Persistence via send

2026-04-24

GHSA-7vq9-42c HIGH

Duplicate Advisory: OpenClaw: Device-Paired Node Skips Node Scope Gate → Host RCE.md

2026-04-24

GHSA-gv2f-q4w HIGH

Duplicate Advisory: OpenClaw: CLI Remote Onboarding Persists Unauthenticated Discovery Endpoint and Exfiltrates Gateway Credentials

2026-04-24

GHSA-jx3c-247 HIGH

Duplicate Advisory: OpenClaw: Workspace `.env` can override the bundled hooks root and load attacker hook code

2026-04-24

GHSA-66r7-m7x HIGH

OpenClaw: QQBot media tags could read arbitrary local files through reply text

2026-04-17 CVE-2026-43533

📊 漏洞分类

白名单绕过 (Allowlist Bypass)

注入攻击 (XSS/CSRF/Prompt/Command)

认证绕过 / 缺失认证

SSRF

拒绝服务 (DoS)

路径穿越 (CWE-22)

原型污染 (Prototype Pollution)

💡 关键洞察

📈

6.8

平均 CVSS 评分

🔴

117%

HIGH 及以上漏洞占比

⚡

100%

CVE 已发布到 cvelistV5

🛡️

100%

已提供修复版本

🏢

CNA 来源 (VulnCheck / GitHub / MITRE)

📦

npm

受影响包 (openclaw)

🛡️ UCloud OpenClaw CVEs

📋 已发布 CVE（cvelistV5）

🔄 CVE 发布流水线

📢 安全公告精选

📊 漏洞分类

💡 关键洞察