UCloud OpenClaw CVEs - 安全漏洞追踪

📋 已发布 CVE（cvelistV5）

133

CVE ID	严重性	CVSS	漏洞描述	发布日期
CVE-2026-32922	🟣 CRITICAL	9.4	OpenClaw < 2026.3.11 - Privilege Escalation via Unvalidated Scope in device.token.rotate	2026-03-29
CVE-2026-32978	🟣 CRITICAL	9.4	OpenClaw < 2026.3.11 - Approval Bypass via Unrecognized Script Runners	2026-03-29
CVE-2026-32987	🟣 CRITICAL	9.3	OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via Device Pairing	2026-03-29
CVE-2026-43534	🟣 CRITICAL	9.3	OpenClaw < 2026.4.10 - Unsanitized External Input in Agent Hook Events	2026-05-05
CVE-2026-28391	🟣 CRITICAL	9.2	OpenClaw < 2026.2.2 - Command Injection via cmd.exe Parsing Bypass in Allowlist Enforcement	2026-03-05
CVE-2026-44109	🟣 CRITICAL	9.2	OpenClaw: Feishu webhook and card-action validation now fail closed	2026-05-06
CVE-2026-43585	🟣 CRITICAL	9.2	OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation	2026-05-06
CVE-2026-43533	🔴 HIGH	8.9	OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot Media Tags	2026-05-05
CVE-2026-25253	🔴 HIGH	8.8	OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl	2026-02-01
CVE-2026-24763	🔴 HIGH	8.8	OpenClaw/Clawdbot Docker Execution has Authenticated Command Injection via PATH Environment Variable	2026-02-02
CVE-2026-41296	🔴 HIGH	8.8	OpenClaw < 2026.3.31 - Sandbox Escape via TOCTOU Race in Remote FS Bridge readFile	2026-04-20
CVE-2026-28478	🔴 HIGH	8.7	OpenClaw affected by denial of service via unbounded webhook request body buffering	2026-03-05
CVE-2026-32060	🔴 HIGH	8.7	OpenClaw < 2026.2.14 - Path Traversal in apply_patch via Crafted Paths	2026-03-11
CVE-2026-32049	🔴 HIGH	8.7	OpenClaw < 2026.2.22 - Denial of Service via Inbound Media Download Byte Limit Bypass	2026-03-21
CVE-2026-32982	🔴 HIGH	8.7	OpenClaw < 2026.3.13 - Telegram Bot Token Exposure in Media Fetch Error Logs	2026-03-31
CVE-2026-41349	🔴 HIGH	8.7	OpenClaw < 2026.3.28 - Agentic Consent Bypass via config.patch	2026-04-23
CVE-2026-42434	🔴 HIGH	8.7	OpenClaw: Sandboxed agents could escape exec routing via host=node override	2026-05-05
CVE-2026-42435	🔴 HIGH	8.7	OpenClaw: Shell-wrapper detection missed env-argv assignment injection forms	2026-05-05
CVE-2026-43530	🔴 HIGH	8.7	OpenClaw: busybox and toybox applet execution weakened exec approval binding	2026-05-05
CVE-2026-43584	🔴 HIGH	8.7	OpenClaw < 2026.4.10 - Insufficient Environment Variable Denylist in Exec Policy	2026-05-06
CVE-2026-41399	🔴 HIGH	8.7	OpenClaw < 2026.3.28 - Denial of Service via Unbounded Pre-auth WebSocket Upgrades	2026-04-28
CVE-2026-34503	🔴 HIGH	8.6	OpenClaw < 2026.3.28 - Incomplete WebSocket Session Termination on Device Removal and Token Revocation	2026-03-31
CVE-2026-32064	🔴 HIGH	8.5	OpenClaw < 2026.2.21 - Missing VNC Authentication in Sandbox Browser noVNC Observer	2026-03-21
CVE-2026-44118	🔴 HIGH	8.5	OpenClaw < 2026.4.22 - Owner Context Spoofing via Bearer Token Header	2026-05-06
CVE-2026-44114	🔴 HIGH	8.5	OpenClaw: Workspace dotenv could override runtime-control environment variables	2026-05-06
CVE-2026-45004	🔴 HIGH	8.4	OpenClaw < 2026.4.23 - Arbitrary Code Execution via setup-api.js in Current Working Directory	2026-05-11
CVE-2026-43526	🔴 HIGH	8.3	OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes	2026-05-05
CVE-2026-28469	🔴 HIGH	8.2	OpenClaw Google Chat shared-path webhook target ambiguity allowed cross-account policy-context misrouting	2026-03-05
CVE-2026-25157	🔴 HIGH	7.8	OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand	2026-02-04
CVE-2026-32048	🔴 HIGH	7.7	OpenClaw < 2026.3.1 - Sandbox Escape via Cross-Agent sessions_spawn	2026-03-21
CVE-2026-42422	🔴 HIGH	7.7	OpenClaw < 2026.4.8 - Role Bypass in device.token.rotate Function	2026-04-28
CVE-2026-43569	🔴 HIGH	7.7	OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins	2026-05-05
CVE-2026-43571	🔴 HIGH	7.7	OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows	2026-05-05
CVE-2026-44110	🔴 HIGH	7.7	OpenClaw: Matrix room control-command authorization no longer trusts DM pairing-store entries	2026-05-06
CVE-2026-45006	🔴 HIGH	7.7	OpenClaw < 2026.4.23 - Unsafe Config Mutation via Gateway Tool Denylist Bypass	2026-05-11
CVE-2026-27487	🔴 HIGH	7.6	OpenClaw: Prevent shell injection in macOS keychain credential write	2026-02-21
CVE-2026-26324	🔴 HIGH	7.5	OpenClaw has a SSRF guard bypass via full-form IPv4-mapped IPv6 (loopback / metadata reachable)	2026-02-19
CVE-2026-28485	🔴 HIGH	7.5	OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP Endpoints	2026-03-05
CVE-2026-32041	🔴 HIGH	7.5	OpenClaw < 2026.3.1 - Unauthenticated Browser Control Access via Failed Auth Bootstrap	2026-03-19
CVE-2026-28458	🔴 HIGH	7.4	OpenClaw's Browser Relay /cdp websocket is missing auth which could allow cross-tab cookie access	2026-03-05
CVE-2026-32055	🔴 HIGH	7.2	OpenClaw < 2026.2.26 - Workspace Path Boundary Bypass via Non-existent Symlink	2026-03-21
CVE-2026-41364	🔴 HIGH	7.2	OpenClaw < 2026.3.31 - Arbitrary File Write via Symlink Following in SSH Sandbox Tar Upload	2026-04-27
CVE-2026-26329	🔴 HIGH	7.1	OpenClaw has a path traversal in browser upload allows local file read	2026-02-19
CVE-2026-26317	🔴 HIGH	7.1	OpenClaw affected by cross-site request forgery (CSRF) through loopback browser mutation endpoints	2026-02-19
CVE-2026-29607	🔴 HIGH	7.1	OpenClaw < 2026.2.22 - Authorization Bypass via allow-always Wrapper Persistence	2026-03-19
CVE-2026-31992	🔴 HIGH	7.1	OpenClaw < 2026.2.23 - Allowlist Exec-Guard Bypass via env -S	2026-03-19
CVE-2026-41368	🔴 HIGH	7.1	OpenClaw < 2026.3.28 - Environment Variable Disclosure via jq $ENV Filter Bypass	2026-04-27
CVE-2026-41369	🔴 HIGH	7.1	OpenClaw < 2026.3.31 - Insufficient Environment Variable Sanitization in Host Execution	2026-04-27
CVE-2026-42433	🔴 HIGH	7.1	OpenClaw: Matrix profile config persistence was reachable from operator.write message tools	2026-05-05
CVE-2026-43528	🔴 HIGH	7.1	OpenClaw < 2026.4.14 - Redaction Bypass via sourceConfig and runtimeConfig Aliases	2026-05-05
CVE-2026-43567	🔴 HIGH	7.1	OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter	2026-05-05
CVE-2026-43568	🔴 HIGH	7.1	OpenClaw: Memory dreaming config persistence was reachable from operator.write commands	2026-05-05
CVE-2026-32979	🔴 HIGH	7	OpenClaw < 2026.3.11 - Unbound Interpreter and Runtime Commands Bypass in node-host Approval	2026-03-29
CVE-2026-43531	🔴 HIGH	7	OpenClaw < 2026.4.9 - Environment Variable Injection via Workspace .env File	2026-05-05
CVE-2026-27004	🟡 MEDIUM	6.9	OpenClaw session tool visibility hardening and Telegram webhook secret fallback	2026-02-19
CVE-2026-28480	🟡 MEDIUM	6.9	OpenClaw Telegram allowlist authorization accepted mutable usernames	2026-03-05
CVE-2026-32924	🟡 MEDIUM	6.9	OpenClaw < 2026.3.12 - Authorization Bypass via Misclassified Reaction Events in Feishu	2026-03-29
CVE-2026-35640	🟡 MEDIUM	6.9	OpenClaw < 2026.3.25 - Denial of Service via Unauthenticated Webhook Request Parsing	2026-04-09
CVE-2026-35654	🟡 MEDIUM	6.9	OpenClaw < 2026.3.25 - Authorization Bypass in Microsoft Teams Feedback Invoke	2026-04-10
CVE-2026-35626	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unauthenticated Resource Exhaustion via Voice Call Webhook	2026-04-09
CVE-2026-35652	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unauthorized Action Execution via Callback Dispatch	2026-04-10
CVE-2026-35664	🟡 MEDIUM	6.9	OpenClaw < 2026.3.25 - DM Pairing Bypass via Legacy Card Callbacks	2026-04-10
CVE-2026-35665	🟡 MEDIUM	6.9	OpenClaw < 2026.3.24 - Denial of Service via Feishu Webhook Pre-Auth Body Parsing	2026-04-10
CVE-2026-41331	🟡 MEDIUM	6.9	OpenClaw < 2026.3.31 - Resource Consumption via Unauthorized Telegram Audio Preflight Transcription	2026-04-20
CVE-2026-44116	🟡 MEDIUM	6.9	OpenClaw < 2026.4.22 - Server-Side Request Forgery in Zalo Photo URL Validation	2026-05-06
CVE-2026-29612	🟡 MEDIUM	6.8	OpenClaw < 2026.2.14 - Denial of Service via Large Base64 Media File Decoding	2026-03-05
CVE-2026-33572	🟡 MEDIUM	6.8	OpenClaw < 2026.2.17 - Insufficient File Permissions in Session Transcript Files	2026-03-29
CVE-2026-28452	🟡 MEDIUM	6.7	OpenClaw affected by denial of service through unguarded archive extraction allowing high expansion/resource abuse (ZIP/TAR)	2026-03-05
CVE-2026-32044	🟡 MEDIUM	6.7	OpenClaw < 2026.3.2 - Tar Archive Safety Bypass in Skills Installation	2026-03-21
CVE-2026-32061	🟡 MEDIUM	6.7	OpenClaw < 2026.2.17 - Arbitrary File Read via $include Directive Path Traversal	2026-03-11
CVE-2026-25475	🟡 MEDIUM	6.5	OpenClaw Vulnerable to Local File Inclusion via MEDIA: Path Extraction	2026-02-04
CVE-2026-26328	🟡 MEDIUM	6.5	OpenClaw iMessage group allowlist authorization inherited DM pairing-store identities	2026-02-19
CVE-2026-22170	🟡 MEDIUM	6.3	OpenClaw < 2026.2.22 BlueBubbles - Access Control Bypass via Empty allowFrom Configuration	2026-03-18
CVE-2026-28449	🟡 MEDIUM	6.3	OpenClaw < 2026.2.25 - Webhook Replay Attack via Missing Durable Replay Suppression	2026-03-19
CVE-2026-32050	🟡 MEDIUM	6.3	OpenClaw < 2026.2.25 - Unauthorized Reaction Status Event Enqueue via Access Check Bypass	2026-03-21
CVE-2026-32896	🟡 MEDIUM	6.3	OpenClaw < 2026.2.21 - Unauthenticated Webhook Access via Passwordless Fallback in BlueBubbles Plugin	2026-03-21
CVE-2026-32897	🟡 MEDIUM	6.3	OpenClaw < 2026.2.22 - Authentication Token Reuse in Owner ID Prompt Hashing Fallback	2026-03-21
CVE-2026-35649	🟡 MEDIUM	6.3	OpenClaw < 2026.3.22 - Settings Reconciliation Bypass via Empty Allowlist	2026-04-10
CVE-2026-41340	🟡 MEDIUM	6.3	OpenClaw < 2026.3.31 - Authentication Boundary Bypass via Telegram Legacy allowFrom Migration	2026-04-23
CVE-2026-41333	🟡 MEDIUM	6.3	OpenClaw < 2026.3.31 - Authentication Rate Limiting Bypass via Fake DeviceToken	2026-04-23
CVE-2026-41388	🟡 MEDIUM	6.3	OpenClaw < 2026.3.31 - Configuration Rehydration via Empty-Array Revocation Handling	2026-04-28
CVE-2026-41389	🟡 MEDIUM	6.3	OpenClaw: Webchat media embedding enforces local-root containment for tool-result files	2026-04-20
CVE-2026-43527	🟡 MEDIUM	6.3	OpenClaw: Browser SSRF policy default allowed private-network navigation	2026-05-05
CVE-2026-43572	🟡 MEDIUM	6.3	OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks	2026-05-05
CVE-2026-44117	🟡 MEDIUM	6.3	OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot Direct Media Upload	2026-05-06
CVE-2026-44999	🟡 MEDIUM	6.3	OpenClaw < 2026.4.20 - Improper Trust Labeling in Isolated Cron Awareness Events	2026-05-11
CVE-2026-32022	🟡 MEDIUM	6	OpenClaw < 2026.2.21 - Arbitrary File Read via grep -e Flag Policy Bypass	2026-03-19
CVE-2026-41366	🟡 MEDIUM	6	OpenClaw < 2026.3.31 - Arbitrary Host File Read via appendLocalMediaParentRoots Self-Whitelisting	2026-04-27
CVE-2026-41363	🟡 MEDIUM	6	OpenClaw 2026.2.6 < 2026.3.28 - Arbitrary File Read via Feishu upload_image Parameter	2026-04-27
CVE-2026-43570	🟡 MEDIUM	6	OpenClaw contains a symlink traversal vulnerability	2026-05-05
CVE-2026-43574	🟡 MEDIUM	6	OpenClaw < 2026.4.12 - Improper Authorization via Empty Approver Lists	2026-05-05
CVE-2026-43579	🟡 MEDIUM	6	OpenClaw < 2026.4.10 - Insufficient Access Control in Nostr Profile Mutation Routes	2026-05-06
CVE-2026-43583	🟡 MEDIUM	6	OpenClaw: Delivery queue recovery could lose group tool-policy context for media replay	2026-05-06
CVE-2026-44112	🟡 MEDIUM	6	OpenClaw < 2026.4.22 - Symlink Swap Race Condition in OpenShell FS Bridge Writes	2026-05-06
CVE-2026-44113	🟡 MEDIUM	6	OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes	2026-05-06
CVE-2026-41911	🟡 MEDIUM	6	OpenClaw < 2026.4.8 - Workspace-Only Filesystem Policy Bypass via docx upload_file/upload_image	2026-04-28
CVE-2026-40045	🟡 MEDIUM	5.9	OpenClaw < 2026.4.2 - Cleartext Credential Transmission via Unencrypted WebSocket Gateway Endpoints	2026-04-20
CVE-2026-41393	🟡 MEDIUM	5.9	OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area Discovery	2026-04-28
CVE-2026-45005	🟡 MEDIUM	5.9	OpenClaw < 2026.4.23 - Webhook Route Secret Cache Not Invalidated After Rotation	2026-05-11
CVE-2026-27009	🟡 MEDIUM	5.8	OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection	2026-02-19
CVE-2026-27670	🟡 MEDIUM	5.8	OpenClaw < 2026.3.2 - Arbitrary File Write via ZIP Extraction Parent Symlink Race Condition	2026-03-19
CVE-2026-33574	🟡 MEDIUM	5.8	OpenClaw < 2026.3.8 - Path Traversal via Tools Root Rebinding in Skills Download	2026-03-29
CVE-2026-32977	🟡 MEDIUM	5.8	OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Unanchored writeFile Commit Path	2026-03-31
CVE-2026-41373	🟡 MEDIUM	5.8	OpenClaw < 2026.3.31 - Compiler Binary Substitution via Environment Variable Override in Host Execution Policy	2026-04-28
CVE-2026-29608	🟡 MEDIUM	5.4	OpenClaw 2026.3.1 < 2026.3.2 - Approval Integrity Bypass via system.run argv Rewriting	2026-03-19
CVE-2026-32001	🟡 MEDIUM	5.3	OpenClaw < 2026.2.22 - Node Role Device-Identity Bypass via WebSocket Authentication	2026-03-19
CVE-2026-32898	🟡 MEDIUM	5.3	OpenClaw < 2026.2.23 - ACP Permission Auto-Approval Bypass via Untrusted Tool Metadata	2026-03-21
CVE-2026-33578	🟡 MEDIUM	5.3	OpenClaw < 2026.3.28 - Sender Policy Allowlist Bypass via Policy Downgrade in Google Chat and Zalouser Extensions	2026-03-31
CVE-2026-35642	🟡 MEDIUM	5.3	OpenClaw < 2026.3.25 - Authorization Bypass in Group Reactions via requireMention Bypass	2026-04-09
CVE-2026-41344	🟡 MEDIUM	5.3	OpenClaw < 2026.3.28 - Privilege Escalation via chat.send /verbose Parameter	2026-04-23
CVE-2026-35662	🟡 MEDIUM	5.3	OpenClaw < 2026.3.22 - Missing controlScope Enforcement in Send Action	2026-04-10
CVE-2026-41365	🟡 MEDIUM	5.3	OpenClaw < 2026.3.31 - Sender Allowlist Bypass via Graph API Thread History	2026-04-27
CVE-2026-42438	🟡 MEDIUM	4.9	OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure	2026-05-05
CVE-2026-42439	🟡 MEDIUM	4.9	OpenClaw < 2026.4.10 - SSRF Policy Bypass in Browser Tabs Action Routes	2026-05-05
CVE-2026-43573	🟡 MEDIUM	4.9	OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement	2026-05-05
CVE-2026-43576	🟡 MEDIUM	4.9	OpenClaw < 2026.4.5 - Second-hop SSRF via CDP /json/version WebSocket URL	2026-05-06
CVE-2026-43580	🟡 MEDIUM	4.9	OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage	2026-05-06
CVE-2026-43582	🟡 MEDIUM	4.9	OpenClaw < 2026.4.10 - DNS Rebinding SSRF via Hostname Validation Bypass	2026-05-06
CVE-2026-43532	🟡 MEDIUM	4.9	OpenClaw: Discord event cover images bypassed sandbox media normalization	2026-05-05
CVE-2026-41912	🟡 MEDIUM	4.8	OpenClaw < 2026.4.8 - Server-Side Request Forgery Policy Bypass via Interaction-Triggered Navigation	2026-04-28
CVE-2026-27486	🟡 MEDIUM	4.3	OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup	2026-02-21
CVE-2026-44992	🟡 MEDIUM	4.1	OpenClaw 2026.4.5 < 2026.4.20 - MiniMax API Host Override via Workspace dotenv	2026-05-11
CVE-2026-24764	🟢 LOW	3.7	OpenClaw has Remote Code Execution via System Prompt Injection in Slack Channel Descriptions	2026-02-19
CVE-2026-41358	🟢 LOW	2.3	OpenClaw < 2026.4.2 - Sender Allowlist Bypass via Slack Thread Context	2026-04-23
CVE-2026-41347	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Cross-Site Request Forgery via Missing Browser-Origin Validation in HTTP Operator Endpoints	2026-04-23
CVE-2026-41381	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Access Control Bypass in Discord Voice Manager via Channel Allowlist	2026-04-28
CVE-2026-41908	🟢 LOW	2.3	OpenClaw < 2026.4.20 - Scope Enforcement Bypass in Assistant-Media Route	2026-04-23
CVE-2026-44111	🟢 LOW	2.3	OpenClaw < 2026.4.15 - Arbitrary Markdown File Read via QMD memory_get	2026-05-06
CVE-2026-45000	🟢 LOW	2.3	OpenClaw < 2026.4.20 - Server-Side Request Forgery via Browser CDP Profile Creation	2026-05-11
CVE-2026-41398	🟢 LOW	2.1	OpenClaw - Unauthorized Agent Request Dispatch via Untrusted Local-Network Pages in iOS A2UI Bridge	2026-04-28
CVE-2026-31996	🟢 LOW	2	OpenClaw < 2026.2.19 - safeBins stdin-only bypass via sort output and recursive grep flags	2026-03-19
CVE-2026-32058	🟢 LOW	2	OpenClaw < 2026.2.26 - Approval Context-Binding Weakness in system.run via host=node	2026-03-21
CVE-2026-32970	🟢 LOW	2	OpenClaw < 2026.3.11 - Credential Fallback Logic Bypass via Unavailable Local Auth SecretRefs	2026-03-31

🔄 CVE 发布流水线

48/48 已发布

CVE ID	状态	CNA	GHSA 发布日期	cvelistV5
CVE-2026-24763	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25253	✅ PUBLISHED	mitre	2026-02-02	✅ 已收录
CVE-2026-26317	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-26328	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-28452	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28458	✅ PUBLISHED	VulnCheck	2026-02-17	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-41358	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-41389	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-41908	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-42433	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42434	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42435	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42438	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42439	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43526	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43527	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43530	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43531	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43532	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43533	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43534	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43567	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43568	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43569	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43570	✅ PUBLISHED	VulnCheck	2026-05-05	✅ 已收录
CVE-2026-43571	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43572	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43573	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43574	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43576	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43580	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43582	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43583	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43584	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43585	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-44109	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-44110	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-44112	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44113	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44114	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44116	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44117	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44118	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44118	✅ PUBLISHED	\| [GHSA-5mh4-3rv3-fpcf](https://github.com/advisories/GHSA-5mh4-3rv3-fpcf)	2026-05-04	✅ 已收录
CVE-2026-44114	✅ PUBLISHED	\| [GHSA-394x-274p-mqc6](https://github.com/advisories/GHSA-394x-274p-mqc6)	2026-04-25	✅ 已收录
CVE-2026-44109	✅ PUBLISHED	\| [GHSA-2gvc-4f3c-2855](https://github.com/advisories/GHSA-2gvc-4f3c-2855)	2026-04-17	✅ 已收录
CVE-2026-43585	✅ PUBLISHED	\| [GHSA-66r7-m7xm-v49h](https://github.com/advisories/GHSA-66r7-m7xm-v49h)	2026-04-17	✅ 已收录
CVE-2026-43530	✅ PUBLISHED	\| [GHSA-7jp6-r74r-995q](https://github.com/advisories/GHSA-7jp6-r74r-995q)	2026-04-17	✅ 已收录
CVE-2026-42434	✅ PUBLISHED	\| [GHSA-939r-rj45-g2rj](https://github.com/advisories/GHSA-939r-rj45-g2rj)	2026-04-17	✅ 已收录
CVE-2026-43571	✅ PUBLISHED	\| [GHSA-vfp4-8x56-j7c5](https://github.com/advisories/GHSA-vfp4-8x56-j7c5)	2026-04-17	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	\| [GHSA-3fqr-4cg8-h96q](https://github.com/advisories/GHSA-3fqr-4cg8-h96q)	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	\| [GHSA-mr32-vwc2-5j6h](https://github.com/advisories/GHSA-mr32-vwc2-5j6h)	2026-02-18	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	\| [GHSA-g8p2-7wf7-98mq](https://github.com/advisories/GHSA-g8p2-7wf7-98mq)	2026-02-02	✅ 已收录
CVE-2026-24763	✅ PUBLISHED	\| [GHSA-r2c6-8jc8-g32w](https://github.com/advisories/GHSA-r2c6-8jc8-g32w)	2026-02-02	✅ 已收录
CVE-2026-43570	✅ PUBLISHED	\| [GHSA-q8ff-7ffm-m3r9](https://github.com/advisories/GHSA-q8ff-7ffm-m3r9)	2026-05-05	✅ 已收录
CVE-2026-44113	✅ PUBLISHED	\| [GHSA-wppj-c6mr-83jj](https://github.com/advisories/GHSA-wppj-c6mr-83jj)	2026-05-04	✅ 已收录
CVE-2026-44116	✅ PUBLISHED	\| [GHSA-93rg-2xm5-2p9v](https://github.com/advisories/GHSA-93rg-2xm5-2p9v)	2026-05-04	✅ 已收录
CVE-2026-44117	✅ PUBLISHED	\| [GHSA-7jm2-g593-4qrc](https://github.com/advisories/GHSA-7jm2-g593-4qrc)	2026-04-25	✅ 已收录
CVE-2026-41389	✅ PUBLISHED	\| [GHSA-f7fh-qg34-x2xh](https://github.com/advisories/GHSA-f7fh-qg34-x2xh)	2026-04-17	✅ 已收录
CVE-2026-42438	✅ PUBLISHED	\| [GHSA-536q-mj95-h29h](https://github.com/advisories/GHSA-536q-mj95-h29h)	2026-04-17	✅ 已收录
CVE-2026-43573	✅ PUBLISHED	\| [GHSA-rj2p-j66c-mgqh](https://github.com/advisories/GHSA-rj2p-j66c-mgqh)	2026-04-17	✅ 已收录
CVE-2026-43567	✅ PUBLISHED	\| [GHSA-53vx-pmqw-863c](https://github.com/advisories/GHSA-53vx-pmqw-863c)	2026-04-17	✅ 已收录
CVE-2026-43582	✅ PUBLISHED	\| [GHSA-2767-2q9v-9326](https://github.com/advisories/GHSA-2767-2q9v-9326)	2026-04-17	✅ 已收录
CVE-2026-43531	✅ PUBLISHED	\| [GHSA-c9h3-5p7r-mrjh](https://github.com/advisories/GHSA-c9h3-5p7r-mrjh)	2026-04-17	✅ 已收录
CVE-2026-43574	✅ PUBLISHED	\| [GHSA-7g8c-cfr3-vqqr](https://github.com/advisories/GHSA-7g8c-cfr3-vqqr)	2026-04-17	✅ 已收录
CVE-2026-42435	✅ PUBLISHED	\| [GHSA-5gjc-grvm-m88j](https://github.com/advisories/GHSA-5gjc-grvm-m88j)	2026-04-17	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	\| [GHSA-h89v-j3x9-8wqj](https://github.com/advisories/GHSA-h89v-j3x9-8wqj)	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	\| [GHSA-g34w-4xqq-h79m](https://github.com/advisories/GHSA-g34w-4xqq-h79m)	2026-02-18	✅ 已收录
CVE-2026-41358	✅ PUBLISHED	\| [GHSA-v8qf-fr4g-28p2](https://github.com/advisories/GHSA-v8qf-fr4g-28p2)	2026-05-04	✅ 已收录
CVE-2026-43572	✅ PUBLISHED	\| [GHSA-r77c-2cmr-7p47](https://github.com/advisories/GHSA-r77c-2cmr-7p47)	2026-04-17	✅ 已收录

📢 安全公告精选

156+

GHSA-m8wm-r5v CRITICAL

Duplicate Advisory: OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation

2026-05-06

GHSA-cjg8-85g CRITICAL

Duplicate Advisory: OpenClaw: Feishu webhook and card-action validation now fail closed

2026-05-06

GHSA-xh72-v6v CRITICAL

OpenClaw: Feishu webhook and card-action validation now fail closed

2026-04-17 CVE-2026-44109

GHSA-xmxx-7p2 CRITICAL

OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation

2026-04-17 CVE-2026-43585

GHSA-9r9j-3r2 HIGH

Duplicate Advisory: OpenClaw: Workspace dotenv could override runtime-control environment variables

2026-05-06

GHSA-35vf-vw9 HIGH

Duplicate Advisory: OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

2026-05-06

GHSA-xrgf-r9g HIGH

Duplicate Advisory: OpenClaw: Exec environment denylist missed high-risk interpreter startup variables

2026-05-06

GHSA-79rr-5c8 HIGH

Duplicate Advisory: OpenClaw: Matrix room control-command authorization no longer trusts DM pairing-store entries

2026-05-06

GHSA-cwj3-vqp HIGH

OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes

2026-05-05

GHSA-r39h-4c2 HIGH

OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution

2026-05-05

GHSA-r6xh-pqh HIGH

OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

2026-05-04 CVE-2026-44118

GHSA-5mh4-3rv HIGH

Duplicate Advisory: OpenClaw: Host exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables

2026-04-28

📊 漏洞分类

白名单绕过 (Allowlist Bypass)

注入攻击 (XSS/CSRF/Prompt/Command)

认证绕过 / 缺失认证

SSRF

拒绝服务 (DoS)

路径穿越 (CWE-22)

原型污染 (Prototype Pollution)

💡 关键洞察

📈

6.5

平均 CVSS 评分

🔴

110%

HIGH 及以上漏洞占比

⚡

100%

CVE 已发布到 cvelistV5

🛡️

100%

已提供修复版本

🏢

CNA 来源 (VulnCheck / GitHub / MITRE)

📦

npm

受影响包 (openclaw)

🛡️ UCloud OpenClaw CVEs

📋 已发布 CVE（cvelistV5）

🔄 CVE 发布流水线

📢 安全公告精选

📊 漏洞分类

💡 关键洞察