UCloud OpenClaw CVEs - 安全漏洞追踪

📋 已发布 CVE（cvelistV5）

130

CVE ID	严重性	CVSS	漏洞描述	发布日期
CVE-2026-32915	🟣 CRITICAL	9.3	OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Subagent Control Surface	2026-03-29
CVE-2026-28470	🟣 CRITICAL	9.2	OpenClaw < 2026.2.2 - Exec Allowlist Bypass via Command Substitution in Double Quotes	2026-03-05
CVE-2026-44109	🟣 CRITICAL	9.2	OpenClaw: Feishu webhook and card-action validation now fail closed	2026-05-06
CVE-2026-43585	🟣 CRITICAL	9.2	OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation	2026-05-06
CVE-2026-41386	🟣 CRITICAL	9.1	OpenClaw < 2026.3.22 - Privilege Escalation via Unbound Bootstrap Setup Codes	2026-04-28
CVE-2026-43566	🟣 CRITICAL	9.1	OpenClaw 2026.4.7 < 2026.4.14 - Privilege Escalation via Untrusted Webhook Wake Events	2026-05-05
CVE-2026-43581	🟣 CRITICAL	9	OpenClaw < 2026.4.10 - Chrome DevTools Protocol Exposure via Overly Broad CDP Relay Binding	2026-05-06
CVE-2026-43533	🔴 HIGH	8.9	OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot Media Tags	2026-05-05
CVE-2026-22171	🔴 HIGH	8.8	OpenClaw < 2026.2.19 - Path Traversal in Feishu Media Temporary File Naming	2026-03-18
CVE-2026-24763	🔴 HIGH	8.8	OpenClaw/Clawdbot Docker Execution has Authenticated Command Injection via PATH Environment Variable	2026-02-02
CVE-2026-25253	🔴 HIGH	8.8	OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl	2026-02-01
CVE-2026-41394	🔴 HIGH	8.8	OpenClaw < 2026.3.31 - Unauthorized Operator Scope Access in Unauthenticated Plugin-Auth Routes	2026-04-28
CVE-2026-28462	🔴 HIGH	8.7	OpenClaw < 2026.2.13 - Path Traversal in Trace and Download Output Paths	2026-03-05
CVE-2026-28478	🔴 HIGH	8.7	OpenClaw affected by denial of service via unbounded webhook request body buffering	2026-03-05
CVE-2026-32060	🔴 HIGH	8.7	OpenClaw < 2026.2.14 - Path Traversal in apply_patch via Crafted Paths	2026-03-11
CVE-2026-42434	🔴 HIGH	8.7	OpenClaw: Sandboxed agents could escape exec routing via host=node override	2026-05-05
CVE-2026-43530	🔴 HIGH	8.7	OpenClaw: busybox and toybox applet execution weakened exec approval binding	2026-05-05
CVE-2026-28456	🔴 HIGH	8.6	OpenClaw 2026.1.5 < 2026.2.14 - Arbitrary Code Execution via Unsafe Hook Module Path Handling	2026-03-05
CVE-2026-41295	🔴 HIGH	8.5	OpenClaw < 2026.4.2 - Untrusted Workspace Channel Shadow Code Execution during Built-in Channel Setup	2026-04-20
CVE-2026-41336	🔴 HIGH	8.5	OpenClaw < 2026.3.31 - Arbitrary Hook Code Execution via OPENCLAW_BUNDLED_HOOKS_DIR Environment Variable Override	2026-04-23
CVE-2026-41396	🔴 HIGH	8.5	OpenClaw < 2026.3.31 - Environment Variable Override of Plugin Trust Root	2026-04-28
CVE-2026-44114	🔴 HIGH	8.5	OpenClaw: Workspace dotenv could override runtime-control environment variables	2026-05-06
CVE-2026-44118	🔴 HIGH	8.5	OpenClaw < 2026.4.22 - Owner Context Spoofing via Bearer Token Header	2026-05-06
CVE-2026-41371	🔴 HIGH	8.4	OpenClaw < 2026.3.28 - Privilege Escalation via chat.send Reset Command	2026-04-27
CVE-2026-45004	🔴 HIGH	8.4	OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution	2026-05-11
CVE-2026-43526	🔴 HIGH	8.3	OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes	2026-05-05
CVE-2026-28469	🔴 HIGH	8.2	OpenClaw Google Chat shared-path webhook target ambiguity allowed cross-account policy-context misrouting	2026-03-05
CVE-2026-25157	🔴 HIGH	7.8	OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand	2026-02-04
CVE-2026-29610	🔴 HIGH	7.7	OpenClaw < 2026.2.14 - Command Hijacking via Unsafe PATH Handling	2026-03-05
CVE-2026-32056	🔴 HIGH	7.7	OpenClaw < 2026.2.22 - Remote Code Execution via Shell Startup Environment Variable Injection in system.run	2026-03-21
CVE-2026-35650	🔴 HIGH	7.7	OpenClaw < 2026.3.22 - Environment Variable Override Bypass via Inconsistent Sanitization	2026-04-10
CVE-2026-43569	🔴 HIGH	7.7	OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins	2026-05-05
CVE-2026-43571	🔴 HIGH	7.7	OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows	2026-05-05
CVE-2026-44110	🔴 HIGH	7.7	OpenClaw: Matrix room control-command authorization no longer trusts DM pairing-store entries	2026-05-06
CVE-2026-41397	🔴 HIGH	7.6	OpenClaw < 2026.3.31 - Sandbox Escape via Unrestricted File Sync and Symlink Traversal	2026-04-28
CVE-2026-26319	🔴 HIGH	7.5	OpenClaw has Missing Webhook Authentication in Telnyx Provider Allowing Unauthenticated Requests	2026-02-19
CVE-2026-22179	🔴 HIGH	7.5	OpenClaw < 2026.2.22 - Allowlist Bypass via Command Substitution in system.run	2026-03-18
CVE-2026-32003	🔴 HIGH	7.5	OpenClaw < 2026.2.22 - Remote Code Execution via SHELLOPTS/PS4 Environment Injection in system.run	2026-03-19
CVE-2026-32041	🔴 HIGH	7.5	OpenClaw < 2026.3.1 - Unauthenticated Browser Control Access via Failed Auth Bootstrap	2026-03-19
CVE-2026-28458	🔴 HIGH	7.4	OpenClaw's Browser Relay /cdp websocket is missing auth which could allow cross-tab cookie access	2026-03-05
CVE-2026-34512	🔴 HIGH	7.2	OpenClaw < 2026.3.25 - Improper Access Control in /sessions/:sessionKey/kill Endpoint	2026-04-09
CVE-2026-35660	🔴 HIGH	7.2	OpenClaw < 2026.3.23 - Insufficient Access Control in Gateway Agent Session Reset	2026-04-10
CVE-2026-27566	🔴 HIGH	7.1	OpenClaw < 2026.2.22 - Allowlist Bypass via Wrapper Binary Unwrapping in system.run	2026-03-19
CVE-2026-27522	🔴 HIGH	7.1	OpenClaw < 2026.2.24 - Arbitrary File Read via sendAttachment and setGroupIcon Message Actions	2026-03-18
CVE-2026-26317	🔴 HIGH	7.1	OpenClaw affected by cross-site request forgery (CSRF) through loopback browser mutation endpoints	2026-02-19
CVE-2026-22168	🔴 HIGH	7.1	OpenClaw < 2026.2.21 - Command Injection via cmd.exe /c Trailing Arguments in system.run	2026-03-18
CVE-2026-28459	🔴 HIGH	7.1	OpenClaw < 2026.2.12 - Arbitrary File Write via Untrusted sessionFile Path	2026-03-05
CVE-2026-32008	🔴 HIGH	7.1	OpenClaw < 2026.2.21 - Arbitrary Local File Read via Browser Navigation Guard	2026-03-19
CVE-2026-33581	🔴 HIGH	7.1	OpenClaw < 2026.3.24 - Arbitrary File Read via mediaUrl and fileUrl Parameters	2026-03-31
CVE-2026-32976	🔴 HIGH	7.1	OpenClaw < 2026.3.11 - Account-Scoped configWrites Policy Bypass via Channel Commands	2026-03-31
CVE-2026-35636	🔴 HIGH	7.1	OpenClaw 2026.3.11 < 2026.3.25 - Session Isolation Bypass via sessionId Resolution	2026-04-09
CVE-2026-41299	🔴 HIGH	7.1	OpenClaw < 2026.3.28 - Client Identity Spoofing in chat.send Gateway Provenance Guard	2026-04-20
CVE-2026-41375	🔴 HIGH	7.1	OpenClaw < 2026.3.28 - Authorization Bypass in /phone arm and /phone disarm Endpoints	2026-04-28
CVE-2026-42433	🔴 HIGH	7.1	OpenClaw: Matrix profile config persistence was reachable from operator.write message tools	2026-05-05
CVE-2026-43567	🔴 HIGH	7.1	OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter	2026-05-05
CVE-2026-41380	🔴 HIGH	7	OpenClaw < 2026.3.28 - Arbitrary Execution Allowlist via Wrapper Carrier Executables	2026-04-28
CVE-2026-43531	🔴 HIGH	7	OpenClaw < 2026.4.9 - Environment Variable Injection via Workspace .env File	2026-05-05
CVE-2026-27523	🟡 MEDIUM	6.9	OpenClaw < 2026.2.24 - Sandbox Bind Validation Bypass via Symlink-Parent Missing-Leaf Paths	2026-03-18
CVE-2026-28480	🟡 MEDIUM	6.9	OpenClaw Telegram allowlist authorization accepted mutable usernames	2026-03-05
CVE-2026-32063	🟡 MEDIUM	6.9	OpenClaw 2026.2.19-2 < 2026.2.21 - Command Injection via Newline in systemd Unit Generation	2026-03-11
CVE-2026-35632	🟡 MEDIUM	6.9	OpenClaw < 2026.2.22 - Symlink Traversal via IDENTITY.md appendFile in agents.create/update	2026-04-09
CVE-2026-41372	🟡 MEDIUM	6.9	OpenClaw < 2026.4.2 - Loopback Protection Bypass via Trailing-Dot Localhost in CDP Discovery	2026-04-27
CVE-2026-44116	🟡 MEDIUM	6.9	OpenClaw < 2026.4.22 - Server-Side Request Forgery in Zalo Photo URL Validation	2026-05-06
CVE-2026-29612	🟡 MEDIUM	6.8	OpenClaw < 2026.2.14 - Denial of Service via Large Base64 Media File Decoding	2026-03-05
CVE-2026-28486	🟡 MEDIUM	6.8	OpenClaw 2026.1.16-2 < 2026.2.14 - Path Traversal (Zip Slip) in Archive Extraction via Installation Commands	2026-03-05
CVE-2026-32024	🟡 MEDIUM	6.8	OpenClaw < 2026.2.22 - Symlink Traversal in Avatar Handling	2026-03-19
CVE-2026-26972	🟡 MEDIUM	6.7	OpenClaw has a Path Traversal in Browser Download Functionality	2026-02-19
CVE-2026-28452	🟡 MEDIUM	6.7	OpenClaw affected by denial of service through unguarded archive extraction allowing high expansion/resource abuse (ZIP/TAR)	2026-03-05
CVE-2026-26328	🟡 MEDIUM	6.5	OpenClaw iMessage group allowlist authorization inherited DM pairing-store identities	2026-02-19
CVE-2026-28471	🟡 MEDIUM	6.3	OpenClaw 2026.1.14-1 < 2026.2.2 - Allowlist Bypass via displayName and Cross-Homeserver localpart Matching in Matrix Plugin	2026-03-05
CVE-2026-32021	🟡 MEDIUM	6.3	OpenClaw < 2026.2.22 - Authorization Bypass via Display Name Collision in Feishu allowFrom	2026-03-19
CVE-2026-29606	🟡 MEDIUM	6.3	OpenClaw < 2026.2.14 - Webhook Signature Verification Bypass via ngrok Loopback Compatibility	2026-03-05
CVE-2026-35623	🟡 MEDIUM	6.3	OpenClaw < 2026.3.25 - Brute-Force Attack via Missing Webhook Password Rate Limiting	2026-04-09
CVE-2026-41346	🟡 MEDIUM	6.3	OpenClaw 2026.2.26 < 2026.3.31 - Denial of Service via Improper Pending Pairing Request Cap Enforcement	2026-04-23
CVE-2026-41389	🟡 MEDIUM	6.3	OpenClaw: Webchat media embedding enforces local-root containment for tool-result files	2026-04-20
CVE-2026-41407	🟡 MEDIUM	6.3	OpenClaw < 2026.4.2 - Timing Side Channel in Shared-Secret Comparison	2026-04-28
CVE-2026-41913	🟡 MEDIUM	6.3	OpenClaw < 2026.4.4 - Rate-Limit Bypass via Concurrent Async Authentication Attempts	2026-04-28
CVE-2026-43527	🟡 MEDIUM	6.3	OpenClaw: Browser SSRF policy default allowed private-network navigation	2026-05-05
CVE-2026-44117	🟡 MEDIUM	6.3	OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot Direct Media Upload	2026-05-06
CVE-2026-44999	🟡 MEDIUM	6.3	OpenClaw < 2026.4.20 - Improper Trust Labeling in Isolated Cron Awareness Events	2026-05-11
CVE-2026-45002	🟡 MEDIUM	6.3	OpenClaw < 2026.4.20 - Hook Session-Key Bypass via Template Mapping	2026-05-11
CVE-2026-32034	🟡 MEDIUM	6.1	OpenClaw < 2026.2.21 - Insecure Control UI Authentication over Plaintext HTTP	2026-03-19
CVE-2026-35645	🟡 MEDIUM	6.1	OpenClaw < 2026.3.25 - Privilege Escalation via Synthetic operator.admin in deleteSession	2026-04-09
CVE-2026-32023	🟡 MEDIUM	6	OpenClaw < 2026.2.24 - Approval Gating Bypass via Dispatch-Wrapper Depth-Cap Mismatch in system.run	2026-03-19
CVE-2026-32039	🟡 MEDIUM	6	OpenClaw < 2026.2.22 - Sender Authorization Bypass via Identity Collision in toolsBySender	2026-03-19
CVE-2026-35622	🟡 MEDIUM	6	OpenClaw < 2026.3.22 - Improper Authentication Verification in Google Chat Webhook	2026-04-09
CVE-2026-43570	🟡 MEDIUM	6	OpenClaw contains a symlink traversal vulnerability	2026-05-05
CVE-2026-43574	🟡 MEDIUM	6	OpenClaw < 2026.4.12 - Improper Authorization via Empty Approver Lists	2026-05-05
CVE-2026-44112	🟡 MEDIUM	6	OpenClaw < 2026.4.22 - Symlink Swap Race Condition in OpenShell FS Bridge Writes	2026-05-06
CVE-2026-44113	🟡 MEDIUM	6	OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes	2026-05-06
CVE-2026-22174	🟡 MEDIUM	5.9	OpenClaw < 2026.2.22 - Gateway Token Disclosure via Chrome CDP Probe	2026-03-18
CVE-2026-28477	🟡 MEDIUM	5.9	OpenClaw < 2026.2.14 - OAuth State Validation Bypass in Manual Chutes Login Flow	2026-03-05
CVE-2026-45005	🟡 MEDIUM	5.9	OpenClaw < 2026.4.23 - Webhook Route Secret Cache Not Invalidated After Rotation	2026-05-11
CVE-2026-27646	🟡 MEDIUM	5.8	OpenClaw < 2026.3.7 - Sandbox Escape via /acp spawn Command	2026-03-23
CVE-2026-32988	🟡 MEDIUM	5.8	OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Unvalidated Temporary File Creation	2026-03-31
CVE-2026-33574	🟡 MEDIUM	5.8	OpenClaw < 2026.3.8 - Path Traversal via Tools Root Rebinding in Skills Download	2026-03-29
CVE-2026-41332	🟡 MEDIUM	5.8	OpenClaw < 2026.3.28 - Code Execution via Missing Environment Variable Blocklist	2026-04-23
CVE-2026-41391	🟡 MEDIUM	5.8	OpenClaw < 2026.3.31 - Environment Variable Bypass in Package Index URL Handling	2026-04-28
CVE-2026-41355	🟡 MEDIUM	5.4	OpenShell < 2026.3.28 - Arbitrary Code Execution via Mirror Mode Sandbox File Conversion	2026-04-23
CVE-2026-44995	🟡 MEDIUM	5.4	OpenClaw: MCP stdio server env could load dangerous startup variables from workspace config	2026-05-11
CVE-2026-32923	🟡 MEDIUM	5.3	OpenClaw < 2026.3.11 - Authorization Bypass in Discord Guild Reaction Allowlist Enforcement	2026-03-29
CVE-2026-35619	🟡 MEDIUM	5.3	OpenClaw < 2026.3.24 - Authorization Bypass via HTTP /v1/models Endpoint	2026-04-10
CVE-2026-41339	🟡 MEDIUM	5.3	OpenClaw < 2026.4.2 - Information Disclosure via Gateway Connect Snapshot	2026-04-23
CVE-2026-41367	🟡 MEDIUM	5.3	OpenClaw 2026.2.14 < 2026.3.28 - Policy Enforcement Bypass in Discord Component Interactions	2026-04-27
CVE-2026-35659	🟡 MEDIUM	5.1	OpenClaw < 2026.3.22 - Unresolved Service Metadata Routing via Bonjour and DNS-SD Discovery	2026-04-10
CVE-2026-41361	🟡 MEDIUM	5.1	OpenClaw < 2026.3.28 - SSRF Guard Bypass via IPv6 Special-Use Ranges	2026-04-23
CVE-2026-42438	🟡 MEDIUM	4.9	OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure	2026-05-05
CVE-2026-42439	🟡 MEDIUM	4.9	OpenClaw < 2026.4.10 - SSRF Policy Bypass in Browser Tabs Action Routes	2026-05-05
CVE-2026-43573	🟡 MEDIUM	4.9	OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement	2026-05-05
CVE-2026-43576	🟡 MEDIUM	4.9	OpenClaw < 2026.4.5 - Second-hop SSRF via CDP /json/version WebSocket URL	2026-05-06
CVE-2026-43582	🟡 MEDIUM	4.9	OpenClaw < 2026.4.10 - DNS Rebinding SSRF via Hostname Validation Bypass	2026-05-06
CVE-2026-43580	🟡 MEDIUM	4.9	OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage	2026-05-06
CVE-2026-32046	🟡 MEDIUM	4.8	OpenClaw < 2026.2.21 - OS-level Sandbox Bypass via --no-sandbox Flag	2026-03-21
CVE-2026-41302	🟡 MEDIUM	4.8	OpenClaw < 2026.3.31 - Server-Side Request Forgery via Unguarded fetch() in Marketplace Plugin Download	2026-04-20
CVE-2026-41297	🟡 MEDIUM	4.8	OpenClaw < 2026.3.31 - Server-Side Request Forgery via Marketplace Plugin Download Redirect	2026-04-20
CVE-2026-44992	🟡 MEDIUM	4.1	OpenClaw 2026.4.5 < 2026.4.20 - MiniMax API Host Override via Workspace dotenv	2026-05-11
CVE-2026-45003	🟡 MEDIUM	4.1	OpenClaw: Workspace dotenv files cannot override connector endpoint hosts	2026-05-11
CVE-2026-24764	🟢 LOW	3.7	OpenClaw has Remote Code Execution via System Prompt Injection in Slack Channel Descriptions	2026-02-19
CVE-2026-32040	🟢 LOW	2.4	OpenClaw < 2026.2.23 - HTML Injection via Unvalidated Image MIME Type in Data-URL Interpolation	2026-03-19
CVE-2026-35617	🟢 LOW	2.3	OpenClaw < 2026.3.25 - Authorization Bypass via Group Policy Rebinding with Mutable Space displayName	2026-04-09
CVE-2026-41358	🟢 LOW	2.3	OpenClaw < 2026.4.2 - Sender Allowlist Bypass via Slack Thread Context	2026-04-23
CVE-2026-41356	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Incomplete WebSocket Session Termination in device.token.rotate	2026-04-23
CVE-2026-41376	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Matrix Thread Context Allowlist Bypass via Sender Validation	2026-04-28
CVE-2026-41382	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Discord Voice Ingress Authorization Bypass via Channel and Role Validation Gaps	2026-04-28
CVE-2026-41908	🟢 LOW	2.3	OpenClaw < 2026.4.20 - Scope Enforcement Bypass in Assistant-Media Route	2026-04-23
CVE-2026-42421	🟢 LOW	2.3	OpenClaw < 2026.4.8 - WebSocket Session Persistence via Shared Gateway Token Rotation	2026-04-28
CVE-2026-41916	🟢 LOW	2.3	OpenClaw < 2026.4.8 - Stale Authentication State via Config Reload	2026-04-28
CVE-2026-44991	🟢 LOW	2.3	OpenClaw: Owner-enforced commands could accept wildcard channel senders as command owners	2026-05-11
CVE-2026-44997	🟢 LOW	2.3	OpenClaw < 2026.4.22 - Security Envelope Constraint Bypass in ACP Child Sessions	2026-05-11
CVE-2026-41330	🟢 LOW	2	OpenClaw < 2026.3.31 - Environment Variable Override via Host Exec Policy	2026-04-20

🔄 CVE 发布流水线

48/48 已发布

CVE ID	状态	CNA	GHSA 发布日期	cvelistV5
CVE-2026-24763	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25253	✅ PUBLISHED	mitre	2026-02-02	✅ 已收录
CVE-2026-26317	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-26328	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-28452	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28458	✅ PUBLISHED	VulnCheck	2026-02-17	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-41358	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-41389	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-41908	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-42433	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42434	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42438	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42439	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43526	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43527	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43530	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43533	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43567	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43569	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43570	✅ PUBLISHED	VulnCheck	2026-05-05	✅ 已收录
CVE-2026-43571	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43573	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43576	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43580	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43582	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43585	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-44109	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-44110	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-44112	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44113	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44114	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44116	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44117	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44118	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44991	✅ PUBLISHED	VulnCheck	2026-04-29	✅ 已收录
CVE-2026-44992	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44995	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44997	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44999	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-45002	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-45003	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-45004	✅ PUBLISHED	VulnCheck	2026-05-05	✅ 已收录
CVE-2026-45005	✅ PUBLISHED	VulnCheck	2026-05-05	✅ 已收录
CVE-2026-45004	✅ PUBLISHED	\| [GHSA-cwj3-vqpp-pmxr](https://github.com/advisories/GHSA-cwj3-vqpp-pmxr)	2026-05-05	✅ 已收录
CVE-2026-44118	✅ PUBLISHED	\| [GHSA-5mh4-3rv3-fpcf](https://github.com/advisories/GHSA-5mh4-3rv3-fpcf)	2026-05-04	✅ 已收录
CVE-2026-44114	✅ PUBLISHED	\| [GHSA-394x-274p-mqc6](https://github.com/advisories/GHSA-394x-274p-mqc6)	2026-04-25	✅ 已收录
CVE-2026-44109	✅ PUBLISHED	\| [GHSA-2gvc-4f3c-2855](https://github.com/advisories/GHSA-2gvc-4f3c-2855)	2026-04-17	✅ 已收录
CVE-2026-43585	✅ PUBLISHED	\| [GHSA-66r7-m7xm-v49h](https://github.com/advisories/GHSA-66r7-m7xm-v49h)	2026-04-17	✅ 已收录
CVE-2026-43530	✅ PUBLISHED	\| [GHSA-7jp6-r74r-995q](https://github.com/advisories/GHSA-7jp6-r74r-995q)	2026-04-17	✅ 已收录
CVE-2026-42434	✅ PUBLISHED	\| [GHSA-939r-rj45-g2rj](https://github.com/advisories/GHSA-939r-rj45-g2rj)	2026-04-17	✅ 已收录
CVE-2026-43571	✅ PUBLISHED	\| [GHSA-525j-hqq2-66r4](https://github.com/advisories/GHSA-525j-hqq2-66r4)	2026-04-17	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	\| [GHSA-3fqr-4cg8-h96q](https://github.com/advisories/GHSA-3fqr-4cg8-h96q)	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	\| [GHSA-mr32-vwc2-5j6h](https://github.com/advisories/GHSA-mr32-vwc2-5j6h)	2026-02-18	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	\| [GHSA-g8p2-7wf7-98mq](https://github.com/advisories/GHSA-g8p2-7wf7-98mq)	2026-02-02	✅ 已收录
CVE-2026-24763	✅ PUBLISHED	\| [GHSA-r2c6-8jc8-g32w](https://github.com/advisories/GHSA-r2c6-8jc8-g32w)	2026-02-02	✅ 已收录
CVE-2026-45005	✅ PUBLISHED	\| [GHSA-35mw-5vvr-vrxc](https://github.com/advisories/GHSA-35mw-5vvr-vrxc)	2026-05-05	✅ 已收录
CVE-2026-44113	✅ PUBLISHED	\| [GHSA-wppj-c6mr-83jj](https://github.com/advisories/GHSA-wppj-c6mr-83jj)	2026-05-04	✅ 已收录
CVE-2026-45003	✅ PUBLISHED	\| [GHSA-q3jj-46pq-826r](https://github.com/advisories/GHSA-q3jj-46pq-826r)	2026-05-04	✅ 已收录
CVE-2026-44116	✅ PUBLISHED	\| [GHSA-93rg-2xm5-2p9v](https://github.com/advisories/GHSA-93rg-2xm5-2p9v)	2026-05-04	✅ 已收录
CVE-2026-44991	✅ PUBLISHED	\| [GHSA-gfg9-5357-hv4c](https://github.com/advisories/GHSA-gfg9-5357-hv4c)	2026-04-29	✅ 已收录
CVE-2026-44992	✅ PUBLISHED	\| [GHSA-c4qg-j8jg-42q5](https://github.com/advisories/GHSA-c4qg-j8jg-42q5)	2026-04-25	✅ 已收录
CVE-2026-44995	✅ PUBLISHED	\| [GHSA-2xcp-x87w-q377](https://github.com/advisories/GHSA-2xcp-x87w-q377)	2026-04-25	✅ 已收录
CVE-2026-41389	✅ PUBLISHED	\| [GHSA-f7fh-qg34-x2xh](https://github.com/advisories/GHSA-f7fh-qg34-x2xh)	2026-04-17	✅ 已收录
CVE-2026-42438	✅ PUBLISHED	\| [GHSA-536q-mj95-h29h](https://github.com/advisories/GHSA-536q-mj95-h29h)	2026-04-17	✅ 已收录
CVE-2026-43573	✅ PUBLISHED	\| [GHSA-rj2p-j66c-mgqh](https://github.com/advisories/GHSA-rj2p-j66c-mgqh)	2026-04-17	✅ 已收录
CVE-2026-43567	✅ PUBLISHED	\| [GHSA-53vx-pmqw-863c](https://github.com/advisories/GHSA-53vx-pmqw-863c)	2026-04-17	✅ 已收录
CVE-2026-43582	✅ PUBLISHED	\| [GHSA-2767-2q9v-9326](https://github.com/advisories/GHSA-2767-2q9v-9326)	2026-04-17	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	\| [GHSA-h89v-j3x9-8wqj](https://github.com/advisories/GHSA-h89v-j3x9-8wqj)	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	\| [GHSA-g34w-4xqq-h79m](https://github.com/advisories/GHSA-g34w-4xqq-h79m)	2026-02-18	✅ 已收录
CVE-2026-41358	✅ PUBLISHED	\| [GHSA-57r2-h2wj-g887](https://github.com/advisories/GHSA-57r2-h2wj-g887)	2026-05-04	✅ 已收录
CVE-2026-41908	✅ PUBLISHED	\| [GHSA-j4c5-89f5-f3pm](https://github.com/advisories/GHSA-j4c5-89f5-f3pm)	2026-04-25	✅ 已收录

📢 安全公告精选

165+

GHSA-m8wm-r5v CRITICAL

Duplicate Advisory: OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation

2026-05-06

GHSA-cjg8-85g CRITICAL

Duplicate Advisory: OpenClaw: Feishu webhook and card-action validation now fail closed

2026-05-06

GHSA-xh72-v6v CRITICAL

OpenClaw: Feishu webhook and card-action validation now fail closed

2026-04-17 CVE-2026-44109

GHSA-xmxx-7p2 CRITICAL

OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation

2026-04-17 CVE-2026-43585

GHSA-xpr6-2hg HIGH

Duplicate Advisory: OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution

2026-05-11

GHSA-9r9j-3r2 HIGH

Duplicate Advisory: OpenClaw: Workspace dotenv could override runtime-control environment variables

2026-05-06

GHSA-35vf-vw9 HIGH

Duplicate Advisory: OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

2026-05-06

GHSA-xrgf-r9g HIGH

Duplicate Advisory: OpenClaw: Exec environment denylist missed high-risk interpreter startup variables

2026-05-06

GHSA-79rr-5c8 HIGH

Duplicate Advisory: OpenClaw: Matrix room control-command authorization no longer trusts DM pairing-store entries

2026-05-06

GHSA-r39h-4c2 HIGH

OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution

2026-05-05 CVE-2026-45004

GHSA-cwj3-vqp HIGH

OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes

2026-05-05

GHSA-r6xh-pqh HIGH

OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

2026-05-04 CVE-2026-44118

📊 漏洞分类

白名单绕过 (Allowlist Bypass)

注入攻击 (XSS/CSRF/Prompt/Command)

认证绕过 / 缺失认证

SSRF

拒绝服务 (DoS)

路径穿越 (CWE-22)

原型污染 (Prototype Pollution)

💡 关键洞察

📈

6.5

平均 CVSS 评分

🔴

115%

HIGH 及以上漏洞占比

⚡

100%

CVE 已发布到 cvelistV5

🛡️

100%

已提供修复版本

🏢

CNA 来源 (VulnCheck / GitHub / MITRE)

📦

npm

受影响包 (openclaw)

🛡️ UCloud OpenClaw CVEs

📋 已发布 CVE（cvelistV5）

🔄 CVE 发布流水线

📢 安全公告精选

📊 漏洞分类

💡 关键洞察