每日自动更新

🛡️ UCloud OpenClaw CVEs

安全漏洞追踪面板 — 基于 cvelistV5 + GitHub Advisory Database 数据

17
已发布 CVE
140
安全公告
34
HIGH / CRITICAL
17/17
Pipeline 全部已发布
📋 CVE 列表 🔄 发布流水线 📢 安全公告 📊 漏洞分类 💡 关键洞察

📋 已发布 CVE(cvelistV5)

108
CVE ID严重性CVSS漏洞描述发布日期
CVE-2026-22172 🟣 CRITICAL 9.4 OpenClaw < 2026.3.12 - Scope Elevation in WebSocket Shared-Auth Connections 2026-03-20
CVE-2026-28474 🟣 CRITICAL 9.3 OpenClaw Nextcloud Talk < 2026.2.6 - Allowlist Bypass via actor.name Display Name Spoofing 2026-03-05
CVE-2026-32987 🟣 CRITICAL 9.3 OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via Device Pairing 2026-03-29
CVE-2026-32917 🟣 CRITICAL 9.2 OpenClaw < 2026.3.13 - Remote Command Injection via Unsanitized iMessage Attachment Paths in SCP 2026-03-31
CVE-2026-25253 🔴 HIGH 8.8 OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl 2026-02-01
CVE-2026-24763 🔴 HIGH 8.8 OpenClaw/Clawdbot Docker Execution has Authenticated Command Injection via PATH Environment Variable 2026-02-02
CVE-2026-28479 🔴 HIGH 8.7 OpenClaw < 2026.2.15 - Cache Poisoning via Deprecated SHA-1 Hash in Sandbox Configuration 2026-03-05
CVE-2026-28478 🔴 HIGH 8.7 OpenClaw affected by denial of service via unbounded webhook request body buffering 2026-03-05
CVE-2026-32013 🔴 HIGH 8.7 OpenClaw < 2026.2.25 - Symlink Traversal in agents.files Methods 2026-03-19
CVE-2026-32011 🔴 HIGH 8.7 OpenClaw < 2026.3.2 - Slow-Request Denial of Service via Pre-Auth Webhook Body Parsing 2026-03-19
CVE-2026-32059 🔴 HIGH 8.7 OpenClaw 2026.2.22-2 < 2026.2.23 - Allowlist Bypass via sort Long-Option Abbreviation in tools.exec.safeBins 2026-03-11
CVE-2026-32049 🔴 HIGH 8.7 OpenClaw < 2026.2.22 - Denial of Service via Inbound Media Download Byte Limit Bypass 2026-03-21
CVE-2026-32051 🔴 HIGH 8.7 OpenClaw < 2026.3.1 - Authorization Bypass in Agent Runs via Owner-Only Tool Access 2026-03-21
CVE-2026-32982 🔴 HIGH 8.7 OpenClaw < 2026.3.13 - Telegram Bot Token Exposure in Media Fetch Error Logs 2026-03-31
CVE-2026-35639 🔴 HIGH 8.7 OpenClaw < 2026.3.22 - Privilege Escalation via device.pair.approve Scope Validation 2026-04-09
CVE-2026-35669 🔴 HIGH 8.7 OpenClaw < 2026.3.25 - Privilege Escalation via Gateway Plugin HTTP Authentication Scope 2026-04-10
CVE-2026-33575 🔴 HIGH 8.6 OpenClaw < 2026.3.12 - Long-lived Credential Exposure in Pairing Setup Codes 2026-03-29
CVE-2026-34503 🔴 HIGH 8.6 OpenClaw < 2026.3.28 - Incomplete WebSocket Session Termination on Device Removal and Token Revocation 2026-03-31
CVE-2026-33579 🔴 HIGH 8.6 OpenClaw < 2026.3.28 - Privilege Escalation via Missing Caller Scope Validation in Device Pair Approval 2026-03-31
CVE-2026-41295 🔴 HIGH 8.5 OpenClaw: Untrusted workspace channel shadows could execute during built-in channel setup 2026-04-20
CVE-2026-35641 🔴 HIGH 8.4 OpenClaw < 2026.3.24 - Arbitrary Code Execution via .npmrc in Local Plugin/Hook Installation 2026-04-10
CVE-2026-28453 🔴 HIGH 8.3 OpenClaw < 2026.2.14 - Zip Slip Path Traversal in TAR Archive Extraction 2026-03-05
CVE-2026-35618 🔴 HIGH 8.3 OpenClaw < 2026.3.23 - Replay Identity Drift via Query-Only Variants in Plivo V2 Verification 2026-04-09
CVE-2026-28469 🔴 HIGH 8.2 OpenClaw Google Chat shared-path webhook target ambiguity allowed cross-account policy-context misrouting 2026-03-05
CVE-2026-28464 🔴 HIGH 8.2 OpenClaw < 2026.2.12 - Timing Attack in Hooks Token Authentication 2026-03-05
CVE-2026-32045 🔴 HIGH 8.2 OpenClaw < 2026.2.21 - Authentication Bypass in HTTP Gateway Routes via Tokenless Tailscale Auth 2026-03-21
CVE-2026-25157 🔴 HIGH 7.8 OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand 2026-02-04
CVE-2026-27002 🔴 HIGH 7.7 OpenClaw: Docker container escape via unvalidated bind mount config injection 2026-02-19
CVE-2026-29610 🔴 HIGH 7.7 OpenClaw < 2026.2.14 - Command Hijacking via Unsafe PATH Handling 2026-03-05
CVE-2026-32048 🔴 HIGH 7.7 OpenClaw < 2026.3.1 - Sandbox Escape via Cross-Agent sessions_spawn 2026-03-21
CVE-2026-35666 🔴 HIGH 7.7 OpenClaw < 2026.3.22 - Allowlist Bypass via Unregistered Time Dispatch Wrapper 2026-04-10
CVE-2026-32005 🔴 HIGH 7.6 OpenClaw < 2026.2.25 - Authorization Bypass in Interactive Callbacks via Sender Check Skip 2026-03-19
CVE-2026-25474 🔴 HIGH 7.5 OpenClaw has a Telegram webhook request forgery (missing `channels.telegram.webhookSecret`) → auth bypass 2026-02-19
CVE-2026-28485 🔴 HIGH 7.5 OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP Endpoints 2026-03-05
CVE-2026-28458 🔴 HIGH 7.4 OpenClaw's Browser Relay /cdp websocket is missing auth which could allow cross-tab cookie access 2026-03-05
CVE-2026-32016 🔴 HIGH 7.3 OpenClaw < 2026.2.22 - Path Traversal via Basename-Only Allowlist Matching on macOS 2026-03-19
CVE-2026-26325 🔴 HIGH 7.2 OpenClaw Node host system.run rawCommand/command mismatch can bypass allowlist/approvals 2026-02-19
CVE-2026-34512 🔴 HIGH 7.2 OpenClaw < 2026.3.25 - Improper Access Control in /sessions/:sessionKey/kill Endpoint 2026-04-09
CVE-2026-26320 🔴 HIGH 7.1 OpenClaw macOS deep link confirmation truncation can conceal executed agent message 2026-02-19
CVE-2026-26317 🔴 HIGH 7.1 OpenClaw affected by cross-site request forgery (CSRF) through loopback browser mutation endpoints 2026-02-19
CVE-2026-26327 🔴 HIGH 7.1 OpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinning 2026-02-19
CVE-2026-26329 🔴 HIGH 7.1 OpenClaw has a path traversal in browser upload allows local file read 2026-02-19
CVE-2026-27522 🔴 HIGH 7.1 OpenClaw < 2026.2.24 - Arbitrary File Read via sendAttachment and setGroupIcon Message Actions 2026-03-18
CVE-2026-32026 🔴 HIGH 7.1 OpenClaw < 2026.2.24 - Arbitrary File Read via Improper Temporary Path Validation in Sandbox 2026-03-19
CVE-2026-32976 🔴 HIGH 7.1 OpenClaw < 2026.3.11 - Account-Scoped configWrites Policy Bypass via Channel Commands 2026-03-31
CVE-2026-35631 🔴 HIGH 7.1 OpenClaw < 2026.3.22 - Missing Authorization Enforcement in Internal ACP Chat Commands 2026-04-09
CVE-2026-35644 🔴 HIGH 7.1 OpenClaw < 2026.3.22 - Credential Exposure via baseUrl Fields in Gateway Snapshots 2026-04-09
CVE-2026-40037 🔴 HIGH 7.1 OpenClaw: `fetchWithSsrFGuard` replays unsafe request bodies across cross-origin redirects 2026-04-08
CVE-2026-22178 🟡 MEDIUM 6.9 OpenClaw < 2026.2.19 - ReDoS and Regex Injection via Unescaped Feishu Mention Metadata 2026-03-18
CVE-2026-27003 🟡 MEDIUM 6.9 OpenClaw: Telegram bot token exposure via logs 2026-02-19
CVE-2026-27523 🟡 MEDIUM 6.9 OpenClaw < 2026.2.24 - Sandbox Bind Validation Bypass via Symlink-Parent Missing-Leaf Paths 2026-03-18
CVE-2026-27004 🟡 MEDIUM 6.9 OpenClaw session tool visibility hardening and Telegram webhook secret fallback 2026-02-19
CVE-2026-28480 🟡 MEDIUM 6.9 OpenClaw Telegram allowlist authorization accepted mutable usernames 2026-03-05
CVE-2026-31990 🟡 MEDIUM 6.9 OpenClaw < 2026.3.2 - Symlink Traversal in stageSandboxMedia Destination 2026-03-19
CVE-2026-32053 🟡 MEDIUM 6.9 OpenClaw < 2026.2.23 - Twilio Webhook Replay Bypass via Randomized Event ID Normalization 2026-03-21
CVE-2026-32924 🟡 MEDIUM 6.9 OpenClaw < 2026.3.12 - Authorization Bypass via Misclassified Reaction Events in Feishu 2026-03-29
CVE-2026-32919 🟡 MEDIUM 6.9 OpenClaw < 2026.3.11 - Unauthorized Session Reset via agent Slash Commands 2026-03-29
CVE-2026-33576 🟡 MEDIUM 6.9 OpenClaw < 2026.3.28 - Unauthorized Media Download via Zalo Channel 2026-03-31
CVE-2026-35627 🟡 MEDIUM 6.9 OpenClaw < 2026.3.22 - Unauthenticated Cryptographic Work in Nostr Inbound DM Handling 2026-04-09
CVE-2026-35640 🟡 MEDIUM 6.9 OpenClaw < 2026.3.25 - Denial of Service via Unauthenticated Webhook Request Parsing 2026-04-09
CVE-2026-35637 🟡 MEDIUM 6.9 OpenClaw < 2026.3.22 - Premature Cite Expansion Before Authorization in Channel and DM 2026-04-09
CVE-2026-35647 🟡 MEDIUM 6.9 OpenClaw < 2026.3.25 - Direct Message Policy Bypass via Verification Notices 2026-04-10
CVE-2026-35664 🟡 MEDIUM 6.9 OpenClaw < 2026.3.25 - DM Pairing Bypass via Legacy Card Callbacks 2026-04-10
CVE-2026-41301 🟡 MEDIUM 6.9 OpenClaw: Forged Nostr DMs could create pairing state before signature verification 2026-04-20
CVE-2026-41331 🟡 MEDIUM 6.9 OpenClaw < 2026.3.31 - Resource Consumption via Unauthorized Telegram Audio Preflight Transcription 2026-04-20
CVE-2026-29612 🟡 MEDIUM 6.8 OpenClaw < 2026.2.14 - Denial of Service via Large Base64 Media File Decoding 2026-03-05
CVE-2026-33572 🟡 MEDIUM 6.8 OpenClaw < 2026.2.17 - Insufficient File Permissions in Session Transcript Files 2026-03-29
CVE-2026-26972 🟡 MEDIUM 6.7 OpenClaw has a Path Traversal in Browser Download Functionality 2026-02-19
CVE-2026-28452 🟡 MEDIUM 6.7 OpenClaw affected by denial of service through unguarded archive extraction allowing high expansion/resource abuse (ZIP/TAR) 2026-03-05
CVE-2026-25475 🟡 MEDIUM 6.5 OpenClaw Vulnerable to Local File Inclusion via MEDIA: Path Extraction 2026-02-04
CVE-2026-26328 🟡 MEDIUM 6.5 OpenClaw iMessage group allowlist authorization inherited DM pairing-store identities 2026-02-19
CVE-2026-28448 🟡 MEDIUM 6.3 OpenClaw 2026.1.29 < 2026.2.1 - Authorization Bypass in Twitch Plugin allowFrom Access Control 2026-03-05
CVE-2026-28476 🟡 MEDIUM 6.3 OpenClaw < 2026.2.14 - Server-Side Request Forgery in Tlon Extension Authentication 2026-03-05
CVE-2026-28475 🟡 MEDIUM 6.3 OpenClaw < 2026.2.13 - Timing Attack via Hook Token Comparison 2026-03-05
CVE-2026-32021 🟡 MEDIUM 6.3 OpenClaw < 2026.2.22 - Authorization Bypass via Display Name Collision in Feishu allowFrom 2026-03-19
CVE-2026-32050 🟡 MEDIUM 6.3 OpenClaw < 2026.2.25 - Unauthorized Reaction Status Event Enqueue via Access Check Bypass 2026-03-21
CVE-2026-32031 🟡 MEDIUM 6.3 OpenClaw < 2026.2.26 - Authentication Bypass via Path Canonicalization Mismatch in /api/channels Gateway 2026-03-19
CVE-2026-35623 🟡 MEDIUM 6.3 OpenClaw < 2026.3.25 - Brute-Force Attack via Missing Webhook Password Rate Limiting 2026-04-09
CVE-2026-35628 🟡 MEDIUM 6.3 OpenClaw < 2026.3.25 - Brute-Force Attack via Missing Telegram Webhook Rate Limiting 2026-04-09
CVE-2026-35656 🟡 MEDIUM 6.3 OpenClaw < 2026.3.22 - XFF Loopback Spoofing Bypass in Canvas Authentication and Rate Limiter 2026-04-10
CVE-2026-35649 🟡 MEDIUM 6.3 OpenClaw < 2026.3.22 - Settings Reconciliation Bypass via Empty Allowlist 2026-04-10
CVE-2026-32034 🟡 MEDIUM 6.1 OpenClaw < 2026.2.21 - Insecure Control UI Authentication over Plaintext HTTP 2026-03-19
CVE-2026-32057 🟡 MEDIUM 6 OpenClaw < 2026.2.25 - Authentication Bypass via Control UI client.id Parameter 2026-03-21
CVE-2026-34511 🟡 MEDIUM 6 OpenClaw < 2026.4.2 - PKCE Verifier Exposure via OAuth State Parameter 2026-04-03
CVE-2026-35622 🟡 MEDIUM 6 OpenClaw < 2026.3.22 - Improper Authentication Verification in Google Chat Webhook 2026-04-09
CVE-2026-35670 🟡 MEDIUM 6 OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat 2026-04-10
CVE-2026-32054 🟡 MEDIUM 5.9 OpenClaw < 2026.2.25 - Symlink Traversal in Browser Trace/Download Path Handling 2026-03-21
CVE-2026-40045 🟡 MEDIUM 5.9 OpenClaw: Android accepted cleartext remote gateway endpoints and sent stored credentials over ws:// 2026-04-20
CVE-2026-27009 🟡 MEDIUM 5.8 OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection 2026-02-19
CVE-2026-27670 🟡 MEDIUM 5.8 OpenClaw < 2026.3.2 - Arbitrary File Write via ZIP Extraction Parent Symlink Race Condition 2026-03-19
CVE-2026-32035 🟡 MEDIUM 5.8 OpenClaw < 2026.3.2 - Missing Owner Flag Validation in Discord Voice Transcript Handler 2026-03-19
CVE-2026-29608 🟡 MEDIUM 5.4 OpenClaw 2026.3.1 < 2026.3.2 - Approval Integrity Bypass via system.run argv Rewriting 2026-03-19
CVE-2026-32001 🟡 MEDIUM 5.3 OpenClaw < 2026.2.22 - Node Role Device-Identity Bypass via WebSocket Authentication 2026-03-19
CVE-2026-31989 🟡 MEDIUM 5.3 OpenClaw < 2026.3.1 - Server-Side Request Forgery via web_search Citation Redirect 2026-03-19
CVE-2026-33578 🟡 MEDIUM 5.3 OpenClaw < 2026.3.28 - Sender Policy Allowlist Bypass via Policy Downgrade in Google Chat and Zalouser Extensions 2026-03-31
CVE-2026-34425 🟡 MEDIUM 5.3 OpenClaw - Shell-Bleed Protection Preflight Validation Bypass 2026-04-02
CVE-2026-35629 🟡 MEDIUM 5.3 OpenClaw < 2026.3.25 - Server-Side Request Forgery via Unguarded Configured Base URLs in Channel Extensions 2026-04-09
CVE-2026-35642 🟡 MEDIUM 5.3 OpenClaw < 2026.3.25 - Authorization Bypass in Group Reactions via requireMention Bypass 2026-04-09
CVE-2026-35662 🟡 MEDIUM 5.3 OpenClaw < 2026.3.22 - Missing controlScope Enforcement in Send Action 2026-04-10
CVE-2026-35651 🟡 MEDIUM 5.3 OpenClaw 2026.2.13 < 2026.3.25 - ANSI Escape Sequence Injection in Approval Prompt 2026-04-10
CVE-2026-41298 🟡 MEDIUM 5.3 OpenClaw < 2026.4.2 - Authorization Bypass in Session Termination Endpoint 2026-04-20
CVE-2026-41297 🟡 MEDIUM 4.8 OpenClaw < 2026.3.31 - Server-Side Request Forgery via Marketplace Plugin Download Redirect 2026-04-20
CVE-2026-27486 🟡 MEDIUM 4.3 OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup 2026-02-21
CVE-2026-24764 🟢 LOW 3.7 OpenClaw has Remote Code Execution via System Prompt Injection in Slack Channel Descriptions 2026-02-19
CVE-2026-32037 🟢 LOW 2.3 OpenClaw < 2026.2.22 - Redirect Chain Bypass of Media Host Allowlist in MSTeams Attachment Handling 2026-03-19
CVE-2026-35648 🟢 LOW 2.3 OpenClaw < 2026.3.22 - Policy Bypass via Unvalidated Queued Node Actions 2026-04-10
CVE-2026-32970 🟢 LOW 2 OpenClaw < 2026.3.11 - Credential Fallback Logic Bypass via Unavailable Local Auth SecretRefs 2026-03-31
CVE-2026-41330 🟢 LOW 2 OpenClaw < 2026.3.31 - Environment Variable Override via Host Exec Policy 2026-04-20

🔄 CVE 发布流水线

17/17 已发布
CVE ID状态CNAGHSA 发布日期cvelistV5
CVE-2026-24763 ✅ PUBLISHED GitHub_M 2026-02-02 ✅ 已收录
CVE-2026-25157 ✅ PUBLISHED GitHub_M 2026-02-02 ✅ 已收录
CVE-2026-25253 ✅ PUBLISHED mitre 2026-02-02 ✅ 已收录
CVE-2026-26317 ✅ PUBLISHED GitHub_M 2026-02-18 ✅ 已收录
CVE-2026-26328 ✅ PUBLISHED GitHub_M 2026-02-18 ✅ 已收录
CVE-2026-28452 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-28458 ✅ PUBLISHED VulnCheck 2026-02-17 ✅ 已收录
CVE-2026-28469 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-28478 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-28480 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-29612 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-40037 ✅ PUBLISHED VulnCheck 2026-04-09 ✅ 已收录
CVE-2026-40045 ✅ PUBLISHED VulnCheck 2026-04-07 ✅ 已收录
CVE-2026-41295 ✅ PUBLISHED VulnCheck 2026-04-07 ✅ 已收录
CVE-2026-41298 ✅ PUBLISHED VulnCheck 2026-04-07 ✅ 已收录
CVE-2026-41301 ✅ PUBLISHED VulnCheck 2026-04-07 ✅ 已收录
CVE-2026-6011 ✅ PUBLISHED 2026-04-10 ✅ 已收录
CVE-2026-40037 ✅ PUBLISHED | [GHSA-5wj5-87vq-39xm](https://github.com/advisories/GHSA-5wj5-87vq-39xm) 2026-04-09 ✅ 已收录
CVE-2026-28469 ✅ PUBLISHED | [GHSA-3fqr-4cg8-h96q](https://github.com/advisories/GHSA-3fqr-4cg8-h96q) 2026-02-18 ✅ 已收录
CVE-2026-28478 ✅ PUBLISHED | [GHSA-mr32-vwc2-5j6h](https://github.com/advisories/GHSA-mr32-vwc2-5j6h) 2026-02-18 ✅ 已收录
CVE-2026-25157 ✅ PUBLISHED | [GHSA-g8p2-7wf7-98mq](https://github.com/advisories/GHSA-g8p2-7wf7-98mq) 2026-02-02 ✅ 已收录
CVE-2026-24763 ✅ PUBLISHED | [GHSA-r2c6-8jc8-g32w](https://github.com/advisories/GHSA-r2c6-8jc8-g32w) 2026-02-02 ✅ 已收录
CVE-2026-40045 ✅ PUBLISHED | [GHSA-2qrv-rc5x-2g2h](https://github.com/advisories/GHSA-2qrv-rc5x-2g2h) 2026-04-07 ✅ 已收录
CVE-2026-41298 ✅ PUBLISHED | [GHSA-h43v-27wg-5mf9](https://github.com/advisories/GHSA-h43v-27wg-5mf9) 2026-04-07 ✅ 已收录
CVE-2026-28480 ✅ PUBLISHED | [GHSA-h89v-j3x9-8wqj](https://github.com/advisories/GHSA-h89v-j3x9-8wqj) 2026-02-18 ✅ 已收录
CVE-2026-29612 ✅ PUBLISHED | [GHSA-g34w-4xqq-h79m](https://github.com/advisories/GHSA-g34w-4xqq-h79m) 2026-02-18 ✅ 已收录
CVE-2026-6011 ✅ PUBLISHED | [GHSA-5f7h-p83x-5vc2](https://github.com/advisories/GHSA-5f7h-p83x-5vc2) 2026-04-10 ✅ 已收录

📢 安全公告精选

140+
GHSA-xh72-v6v CRITICAL
OpenClaw: Feishu webhook and card-action validation now fail closed
2026-04-17
GHSA-mr34-955 HIGH
OpenClaw: Webchat media embedding enforces local-root containment for tool-result files
2026-04-17
GHSA-2gvc-4f3 HIGH
OpenClaw: Matrix room control-command authorization no longer trusts DM pairing-store entries
2026-04-17
GHSA-xmxx-7p2 HIGH
OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation
2026-04-17
GHSA-66r7-m7x HIGH
OpenClaw: QQBot media tags could read arbitrary local files through reply text
2026-04-17
GHSA-2cq5-mf3 HIGH
OpenClaw: busybox and toybox applet execution weakened exec approval binding
2026-04-17
GHSA-7jp6-r74 HIGH
OpenClaw: Matrix profile config persistence was reachable from operator.write message tools
2026-04-17
GHSA-736r-jwj HIGH
OpenClaw: Sandboxed agents could escape exec routing via host=node override
2026-04-17
GHSA-939r-rj4 HIGH
OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins
2026-04-17
GHSA-525j-hqq HIGH
OpenClaw: Sandbox browser CDP relay could expose DevTools protocol on 0.0.0.0
2026-04-17
GHSA-82qx-6vj HIGH
OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows
2026-04-17
GHSA-vfp4-8x5 HIGH
OpenClaw: Exec environment denylist missed high-risk interpreter startup variables
2026-04-17

📊 漏洞分类

白名单绕过 (Allowlist Bypass)
60
注入攻击 (XSS/CSRF/Prompt/Command)
34
认证绕过 / 缺失认证
10
SSRF
5
拒绝服务 (DoS)
6
路径穿越 (CWE-22)
3
原型污染 (Prototype Pollution)
1

💡 关键洞察

📈
6.9
平均 CVSS 评分
🔴
200%
HIGH 及以上漏洞占比
100%
CVE 已发布到 cvelistV5
🛡️
100%
已提供修复版本
🏢
3
CNA 来源 (VulnCheck / GitHub / MITRE)
📦
npm
受影响包 (openclaw)