每日自动更新

🛡️ UCloud OpenClaw CVEs

安全漏洞追踪面板 — 基于 cvelistV5 + GitHub Advisory Database 数据

39
已发布 CVE
148
安全公告
45
HIGH / CRITICAL
39/39
Pipeline 全部已发布
📋 CVE 列表 🔄 发布流水线 📢 安全公告 📊 漏洞分类 💡 关键洞察

📋 已发布 CVE(cvelistV5)

124
CVE ID严重性CVSS漏洞描述发布日期
CVE-2026-22172 🟣 CRITICAL 9.4 OpenClaw < 2026.3.12 - Scope Elevation in WebSocket Shared-Auth Connections 2026-03-20
CVE-2026-32987 🟣 CRITICAL 9.3 OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via Device Pairing 2026-03-29
CVE-2026-43534 🟣 CRITICAL 9.3 OpenClaw < 2026.4.10 - Unsanitized External Input in Agent Hook Events 2026-05-05
CVE-2026-32916 🟣 CRITICAL 9.2 OpenClaw 2026.3.7 < 2026.3.11 - Authorization Bypass in Plugin Subagent Routes via Synthetic Admin Scopes 2026-03-31
CVE-2026-32917 🟣 CRITICAL 9.2 OpenClaw < 2026.3.13 - Remote Command Injection via Unsanitized iMessage Attachment Paths in SCP 2026-03-31
CVE-2026-43566 🟣 CRITICAL 9.1 OpenClaw: Heartbeat owner downgrade missed untrusted webhook wake events 2026-05-05
CVE-2026-43533 🔴 HIGH 8.9 OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot Media Tags 2026-05-05
CVE-2026-25253 🔴 HIGH 8.8 OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl 2026-02-01
CVE-2026-24763 🔴 HIGH 8.8 OpenClaw/Clawdbot Docker Execution has Authenticated Command Injection via PATH Environment Variable 2026-02-02
CVE-2026-28478 🔴 HIGH 8.7 OpenClaw affected by denial of service via unbounded webhook request body buffering 2026-03-05
CVE-2026-32060 🔴 HIGH 8.7 OpenClaw < 2026.2.14 - Path Traversal in apply_patch via Crafted Paths 2026-03-11
CVE-2026-33573 🔴 HIGH 8.7 OpenClaw < 2026.3.11 - Workspace Boundary Bypass via Agent RPC Parameters 2026-03-29
CVE-2026-35639 🔴 HIGH 8.7 OpenClaw < 2026.3.22 - Privilege Escalation via device.pair.approve Scope Validation 2026-04-09
CVE-2026-35663 🔴 HIGH 8.7 OpenClaw < 2026.3.25 - Privilege Escalation via Backend Reconnect Scope Self-Claim 2026-04-10
CVE-2026-41399 🔴 HIGH 8.7 OpenClaw < 2026.3.28 - Denial of Service via Unbounded Pre-auth WebSocket Upgrades 2026-04-28
CVE-2026-41405 🔴 HIGH 8.7 OpenClaw < 2026.3.31 - Resource Exhaustion via Unauthenticated MS Teams Webhook Body Parsing 2026-04-28
CVE-2026-42434 🔴 HIGH 8.7 OpenClaw: Sandboxed agents could escape exec routing via host=node override 2026-05-05
CVE-2026-42435 🔴 HIGH 8.7 OpenClaw: Shell-wrapper detection missed env-argv assignment injection forms 2026-05-05
CVE-2026-43530 🔴 HIGH 8.7 OpenClaw: busybox and toybox applet execution weakened exec approval binding 2026-05-05
CVE-2026-32920 🔴 HIGH 8.6 OpenClaw < 2026.3.12 - Arbitrary Code Execution via Auto-Discovery of Workspace Plugins 2026-03-31
CVE-2026-34503 🔴 HIGH 8.6 OpenClaw < 2026.3.28 - Incomplete WebSocket Session Termination on Device Removal and Token Revocation 2026-03-31
CVE-2026-33579 🔴 HIGH 8.6 OpenClaw < 2026.3.28 - Privilege Escalation via Missing Caller Scope Validation in Device Pair Approval 2026-03-31
CVE-2026-41384 🔴 HIGH 8.5 OpenClaw < 2026.3.24 - Environment Variable Injection via Workspace Config in CLI Backend 2026-04-28
CVE-2026-43526 🔴 HIGH 8.3 OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes 2026-05-05
CVE-2026-28469 🔴 HIGH 8.2 OpenClaw Google Chat shared-path webhook target ambiguity allowed cross-account policy-context misrouting 2026-03-05
CVE-2026-32045 🔴 HIGH 8.2 OpenClaw < 2026.2.21 - Authentication Bypass in HTTP Gateway Routes via Tokenless Tailscale Auth 2026-03-21
CVE-2026-42437 🔴 HIGH 8.2 OpenClaw: Voice-call realtime WebSocket accepted oversized frames 2026-05-05
CVE-2026-25157 🔴 HIGH 7.8 OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand 2026-02-04
CVE-2026-32048 🔴 HIGH 7.7 OpenClaw < 2026.3.1 - Sandbox Escape via Cross-Agent sessions_spawn 2026-03-21
CVE-2026-35650 🔴 HIGH 7.7 OpenClaw < 2026.3.22 - Environment Variable Override Bypass via Inconsistent Sanitization 2026-04-10
CVE-2026-42422 🔴 HIGH 7.7 OpenClaw < 2026.4.8 - Role Bypass in device.token.rotate Function 2026-04-28
CVE-2026-42423 🔴 HIGH 7.7 OpenClaw < 2026.4.8 - strictInlineEval Approval Boundary Bypass via Approval-Timeout Fallback 2026-04-28
CVE-2026-43569 🔴 HIGH 7.7 OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins 2026-05-05
CVE-2026-43571 🔴 HIGH 7.7 OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows 2026-05-05
CVE-2026-27487 🔴 HIGH 7.6 OpenClaw: Prevent shell injection in macOS keychain credential write 2026-02-21
CVE-2026-32007 🔴 HIGH 7.6 OpenClaw < 2026.2.23 - Sandbox Bypass in apply_patch Tool via Workspace-Only Check Bypass 2026-03-19
CVE-2026-42431 🔴 HIGH 7.6 OpenClaw < 2026.4.8 - Persistent Profile Mutation via node.invoke(browser.proxy) Bypass 2026-04-28
CVE-2026-43535 🔴 HIGH 7.6 OpenClaw < 2026.4.14 - Authorization Context Reuse in Collect-Mode Queue Batches 2026-05-05
CVE-2026-25474 🔴 HIGH 7.5 OpenClaw has a Telegram webhook request forgery (missing `channels.telegram.webhookSecret`) → auth bypass 2026-02-19
CVE-2026-28485 🔴 HIGH 7.5 OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP Endpoints 2026-03-05
CVE-2026-32025 🔴 HIGH 7.5 OpenClaw < 2026.2.25 - Password Brute-Force via Browser-Origin WebSocket Authentication Bypass 2026-03-19
CVE-2026-42428 🔴 HIGH 7.5 OpenClaw < 2026.4.8 - Missing Integrity Verification in Package Downloads 2026-04-28
CVE-2026-28458 🔴 HIGH 7.4 OpenClaw's Browser Relay /cdp websocket is missing auth which could allow cross-tab cookie access 2026-03-05
CVE-2026-41342 🔴 HIGH 7.4 OpenClaw < 2026.3.28 - Unauthenticated Discovery Endpoint Credential Exfiltration via Remote Onboarding 2026-04-23
CVE-2026-32971 🔴 HIGH 7.3 OpenClaw < 2026.3.11 - Node-Host Approval UI Mismatch Allows Execution of Unintended Commands 2026-03-31
CVE-2026-26317 🔴 HIGH 7.1 OpenClaw affected by cross-site request forgery (CSRF) through loopback browser mutation endpoints 2026-02-19
CVE-2026-31992 🔴 HIGH 7.1 OpenClaw < 2026.2.23 - Allowlist Exec-Guard Bypass via env -S 2026-03-19
CVE-2026-29607 🔴 HIGH 7.1 OpenClaw < 2026.2.22 - Authorization Bypass via allow-always Wrapper Persistence 2026-03-19
CVE-2026-32972 🔴 HIGH 7.1 OpenClaw < 2026.3.11 - Authorization Bypass in Browser Profile Management via browser.request 2026-03-29
CVE-2026-35621 🔴 HIGH 7.1 OpenClaw < 2026.3.24 - Privilege Escalation via chat.send to Allowlist Persistence 2026-04-10
CVE-2026-32026 🔴 HIGH 7.1 OpenClaw < 2026.2.24 - Arbitrary File Read via Improper Temporary Path Validation in Sandbox 2026-03-19
CVE-2026-35644 🔴 HIGH 7.1 OpenClaw < 2026.3.22 - Credential Exposure via baseUrl Fields in Gateway Snapshots 2026-04-09
CVE-2026-41369 🔴 HIGH 7.1 OpenClaw < 2026.3.31 - Insufficient Environment Variable Sanitization in Host Execution 2026-04-27
CVE-2026-41385 🔴 HIGH 7.1 OpenClaw < 2026.3.31 - Nostr Private Key Exposure via config.get Redaction Bypass 2026-04-28
CVE-2026-42433 🔴 HIGH 7.1 OpenClaw: Matrix profile config persistence was reachable from operator.write message tools 2026-05-05
CVE-2026-43528 🔴 HIGH 7.1 OpenClaw: config.get redaction bypass through sourceConfig and runtimeConfig aliases 2026-05-05
CVE-2026-43567 🔴 HIGH 7.1 OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter 2026-05-05
CVE-2026-43568 🔴 HIGH 7.1 OpenClaw: Memory dreaming config persistence was reachable from operator.write commands 2026-05-05
CVE-2026-41390 🔴 HIGH 7 OpenClaw < 2026.3.28 - Exec Allowlist Bypass via Unregistered /usr/bin/script Wrapper 2026-04-28
CVE-2026-43531 🔴 HIGH 7 OpenClaw < 2026.4.9 - Environment Variable Injection via Workspace .env File 2026-05-05
CVE-2026-27004 🟡 MEDIUM 6.9 OpenClaw session tool visibility hardening and Telegram webhook secret fallback 2026-02-19
CVE-2026-28394 🟡 MEDIUM 6.9 OpenClaw < 2026.2.15 - Denial of Service via Unbounded Response Parsing in web_fetch Tool 2026-03-05
CVE-2026-28480 🟡 MEDIUM 6.9 OpenClaw Telegram allowlist authorization accepted mutable usernames 2026-03-05
CVE-2026-35627 🟡 MEDIUM 6.9 OpenClaw < 2026.3.22 - Unauthenticated Cryptographic Work in Nostr Inbound DM Handling 2026-04-09
CVE-2026-32924 🟡 MEDIUM 6.9 OpenClaw < 2026.3.12 - Authorization Bypass via Misclassified Reaction Events in Feishu 2026-03-29
CVE-2026-35626 🟡 MEDIUM 6.9 OpenClaw < 2026.3.22 - Unauthenticated Resource Exhaustion via Voice Call Webhook 2026-04-09
CVE-2026-35655 🟡 MEDIUM 6.9 OpenClaw < 2026.3.22 - Identity Spoofing via rawInput Tool in ACP Permission Resolution 2026-04-10
CVE-2026-35637 🟡 MEDIUM 6.9 OpenClaw < 2026.3.22 - Premature Cite Expansion Before Authorization in Channel and DM 2026-04-09
CVE-2026-41331 🟡 MEDIUM 6.9 OpenClaw < 2026.3.31 - Resource Consumption via Unauthorized Telegram Audio Preflight Transcription 2026-04-20
CVE-2026-35640 🟡 MEDIUM 6.9 OpenClaw < 2026.3.25 - Denial of Service via Unauthenticated Webhook Request Parsing 2026-04-09
CVE-2026-35661 🟡 MEDIUM 6.9 OpenClaw < 2026.3.25 - Telegram DM-Scoped Inline Button Callback Authorization Bypass 2026-04-10
CVE-2026-29612 🟡 MEDIUM 6.8 OpenClaw < 2026.2.14 - Denial of Service via Large Base64 Media File Decoding 2026-03-05
CVE-2026-28486 🟡 MEDIUM 6.8 OpenClaw 2026.1.16-2 < 2026.2.14 - Path Traversal (Zip Slip) in Archive Extraction via Installation Commands 2026-03-05
CVE-2026-33572 🟡 MEDIUM 6.8 OpenClaw < 2026.2.17 - Insufficient File Permissions in Session Transcript Files 2026-03-29
CVE-2026-28452 🟡 MEDIUM 6.7 OpenClaw affected by denial of service through unguarded archive extraction allowing high expansion/resource abuse (ZIP/TAR) 2026-03-05
CVE-2026-26328 🟡 MEDIUM 6.5 OpenClaw iMessage group allowlist authorization inherited DM pairing-store identities 2026-02-19
CVE-2026-28475 🟡 MEDIUM 6.3 OpenClaw < 2026.2.13 - Timing Attack via Hook Token Comparison 2026-03-05
CVE-2026-32896 🟡 MEDIUM 6.3 OpenClaw < 2026.2.21 - Unauthenticated Webhook Access via Passwordless Fallback in BlueBubbles Plugin 2026-03-21
CVE-2026-32897 🟡 MEDIUM 6.3 OpenClaw < 2026.2.22 - Authentication Token Reuse in Owner ID Prompt Hashing Fallback 2026-03-21
CVE-2026-35635 🟡 MEDIUM 6.3 OpenClaw < 2026.3.22 - Webhook Path Route Replacement Vulnerability in Synology Chat 2026-04-09
CVE-2026-35628 🟡 MEDIUM 6.3 OpenClaw < 2026.3.25 - Brute-Force Attack via Missing Telegram Webhook Rate Limiting 2026-04-09
CVE-2026-35656 🟡 MEDIUM 6.3 OpenClaw < 2026.3.22 - XFF Loopback Spoofing Bypass in Canvas Authentication and Rate Limiter 2026-04-10
CVE-2026-35646 🟡 MEDIUM 6.3 OpenClaw < 2026.3.25 - Pre-Authentication Rate-Limit Bypass in Webhook Token Validation 2026-04-09
CVE-2026-41340 🟡 MEDIUM 6.3 OpenClaw < 2026.3.31 - Authentication Boundary Bypass via Telegram Legacy allowFrom Migration 2026-04-23
CVE-2026-43527 🟡 MEDIUM 6.3 OpenClaw: Browser SSRF policy default allowed private-network navigation 2026-05-05
CVE-2026-43572 🟡 MEDIUM 6.3 OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks 2026-05-05
CVE-2026-22181 🟡 MEDIUM 6.1 OpenClaw < 2026.3.2 - DNS Pinning Bypass via Environment Proxy Configuration in web_fetch 2026-03-18
CVE-2026-32034 🟡 MEDIUM 6.1 OpenClaw < 2026.2.21 - Insecure Control UI Authentication over Plaintext HTTP 2026-03-19
CVE-2026-32057 🟡 MEDIUM 6 OpenClaw < 2026.2.25 - Authentication Bypass via Control UI client.id Parameter 2026-03-21
CVE-2026-35670 🟡 MEDIUM 6 OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat 2026-04-10
CVE-2026-41345 🟡 MEDIUM 6 OpenClaw < 2026.3.31 - Authorization Header Leak via Cross-Origin Redirect in Media Download 2026-04-23
CVE-2026-41363 🟡 MEDIUM 6 OpenClaw 2026.2.6 < 2026.3.28 - Arbitrary File Read via Feishu upload_image Parameter 2026-04-27
CVE-2026-43574 🟡 MEDIUM 6 OpenClaw < 2026.4.12 - Improper Authorization via Empty Approver Lists 2026-05-05
CVE-2026-40045 🟡 MEDIUM 5.9 OpenClaw < 2026.4.2 - Cleartext Credential Transmission via Unencrypted WebSocket Gateway Endpoints 2026-04-20
CVE-2026-27009 🟡 MEDIUM 5.8 OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection 2026-02-19
CVE-2026-27670 🟡 MEDIUM 5.8 OpenClaw < 2026.3.2 - Arbitrary File Write via ZIP Extraction Parent Symlink Race Condition 2026-03-19
CVE-2026-32000 🟡 MEDIUM 5.8 OpenClaw < 2026.2.19 - Command Injection via Windows Shell Fallback in Lobster Tool Execution 2026-03-19
CVE-2026-31993 🟡 MEDIUM 5.6 OpenClaw < 2026.2.22 - Allowlist Parsing Mismatch in system.run Shell Chains 2026-03-19
CVE-2026-31989 🟡 MEDIUM 5.3 OpenClaw < 2026.3.1 - Server-Side Request Forgery via web_search Citation Redirect 2026-03-19
CVE-2026-35651 🟡 MEDIUM 5.3 OpenClaw 2026.2.13 < 2026.3.25 - ANSI Escape Sequence Injection in Approval Prompt 2026-04-10
CVE-2026-35662 🟡 MEDIUM 5.3 OpenClaw < 2026.3.22 - Missing controlScope Enforcement in Send Action 2026-04-10
CVE-2026-35634 🟡 MEDIUM 5.1 OpenClaw < 2026.3.23 - Authentication Bypass via Local-Direct Requests in Canvas Gateway 2026-04-09
CVE-2026-41361 🟡 MEDIUM 5.1 OpenClaw < 2026.3.28 - SSRF Guard Bypass via IPv6 Special-Use Ranges 2026-04-23
CVE-2026-42436 🟡 MEDIUM 4.9 OpenClaw: Browser snapshot and screenshot routes could expose internal page content after navigation 2026-05-05
CVE-2026-42438 🟡 MEDIUM 4.9 OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure 2026-05-05
CVE-2026-43532 🟡 MEDIUM 4.9 OpenClaw: Discord event cover images bypassed sandbox media normalization 2026-05-05
CVE-2026-43573 🟡 MEDIUM 4.9 OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement 2026-05-05
CVE-2026-42439 🟡 MEDIUM 4.9 OpenClaw < 2026.4.10 - SSRF Policy Bypass in Browser Tabs Action Routes 2026-05-05
CVE-2026-27007 🟡 MEDIUM 4.8 OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation 2026-02-19
CVE-2026-41912 🟡 MEDIUM 4.8 OpenClaw < 2026.4.8 - Server-Side Request Forgery Policy Bypass via Interaction-Triggered Navigation 2026-04-28
CVE-2026-42430 🟡 MEDIUM 4.8 OpenClaw < 2026.4.8 - Strict Browser SSRF Bypass via Playwright Redirect Handling 2026-04-28
CVE-2026-27485 🟡 MEDIUM 4.6 OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection 2026-02-21
CVE-2026-24764 🟢 LOW 3.7 OpenClaw has Remote Code Execution via System Prompt Injection in Slack Channel Descriptions 2026-02-19
CVE-2026-32006 🟢 LOW 2.3 OpenClaw < 2026.2.26 - Authorization Bypass via DM Pairing-Store Fallback in Group Allowlist 2026-03-19
CVE-2026-35624 🟢 LOW 2.3 OpenClaw < 2026.3.22 - Policy Confusion via Room Name Collision in Nextcloud Talk 2026-04-09
CVE-2026-34506 🟢 LOW 2.3 OpenClaw < 2026.3.8 - Sender Allowlist Bypass in Microsoft Teams Plugin via Route Allowlist Configuration 2026-03-31
CVE-2026-41341 🟢 LOW 2.3 OpenClaw < 2026.3.31 - Component Interaction Misclassification in Discord Extension 2026-04-23
CVE-2026-41358 🟢 LOW 2.3 OpenClaw < 2026.4.2 - Sender Allowlist Bypass via Slack Thread Context 2026-04-23
CVE-2026-41381 🟢 LOW 2.3 OpenClaw < 2026.3.31 - Access Control Bypass in Discord Voice Manager via Channel Allowlist 2026-04-28
CVE-2026-41908 🟢 LOW 2.3 OpenClaw < 2026.4.20 - Scope Enforcement Bypass in Assistant-Media Route 2026-04-23
CVE-2026-31996 🟢 LOW 2 OpenClaw < 2026.2.19 - safeBins stdin-only bypass via sort output and recursive grep flags 2026-03-19
CVE-2026-32058 🟢 LOW 2 OpenClaw < 2026.2.26 - Approval Context-Binding Weakness in system.run via host=node 2026-03-21
CVE-2026-32970 🟢 LOW 2 OpenClaw < 2026.3.11 - Credential Fallback Logic Bypass via Unavailable Local Auth SecretRefs 2026-03-31
CVE-2026-43529 🟢 LOW 2 OpenClaw: TOCTOU read in exec script preflight 2026-05-05

🔄 CVE 发布流水线

39/39 已发布
CVE ID状态CNAGHSA 发布日期cvelistV5
CVE-2026-24763 ✅ PUBLISHED GitHub_M 2026-02-02 ✅ 已收录
CVE-2026-25157 ✅ PUBLISHED GitHub_M 2026-02-02 ✅ 已收录
CVE-2026-25253 ✅ PUBLISHED mitre 2026-02-02 ✅ 已收录
CVE-2026-26317 ✅ PUBLISHED GitHub_M 2026-02-18 ✅ 已收录
CVE-2026-26328 ✅ PUBLISHED GitHub_M 2026-02-18 ✅ 已收录
CVE-2026-28452 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-28458 ✅ PUBLISHED VulnCheck 2026-02-17 ✅ 已收录
CVE-2026-28469 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-28478 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-28480 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-29612 ✅ PUBLISHED VulnCheck 2026-02-18 ✅ 已收录
CVE-2026-41358 ✅ PUBLISHED VulnCheck 2026-05-04 ✅ 已收录
CVE-2026-41908 ✅ PUBLISHED VulnCheck 2026-04-25 ✅ 已收录
CVE-2026-42433 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-42434 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-42435 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-42436 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-42437 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-42438 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-42439 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43526 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43527 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43528 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43529 ✅ PUBLISHED VulnCheck 2026-04-16 ✅ 已收录
CVE-2026-43530 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43531 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43532 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43533 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43534 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43535 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43566 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43567 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43568 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43569 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43571 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43572 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43573 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-43574 ✅ PUBLISHED VulnCheck 2026-04-17 ✅ 已收录
CVE-2026-6011 ✅ PUBLISHED 2026-04-10 ✅ 已收录
CVE-2026-43533 ✅ PUBLISHED | [GHSA-2cq5-mf3v-mx44](https://github.com/advisories/GHSA-2cq5-mf3v-mx44) 2026-04-17 ✅ 已收录
CVE-2026-42433 ✅ PUBLISHED | [GHSA-736r-jwj6-4w23](https://github.com/advisories/GHSA-736r-jwj6-4w23) 2026-04-17 ✅ 已收录
CVE-2026-43569 ✅ PUBLISHED | [GHSA-82qx-6vj7-p8m2](https://github.com/advisories/GHSA-82qx-6vj7-p8m2) 2026-04-17 ✅ 已收录
CVE-2026-42437 ✅ PUBLISHED | [GHSA-8372-7vhw-cm6q](https://github.com/advisories/GHSA-8372-7vhw-cm6q) 2026-04-17 ✅ 已收录
CVE-2026-28469 ✅ PUBLISHED | [GHSA-3fqr-4cg8-h96q](https://github.com/advisories/GHSA-3fqr-4cg8-h96q) 2026-02-18 ✅ 已收录
CVE-2026-28478 ✅ PUBLISHED | [GHSA-mr32-vwc2-5j6h](https://github.com/advisories/GHSA-mr32-vwc2-5j6h) 2026-02-18 ✅ 已收录
CVE-2026-25157 ✅ PUBLISHED | [GHSA-g8p2-7wf7-98mq](https://github.com/advisories/GHSA-g8p2-7wf7-98mq) 2026-02-02 ✅ 已收录
CVE-2026-24763 ✅ PUBLISHED | [GHSA-r2c6-8jc8-g32w](https://github.com/advisories/GHSA-r2c6-8jc8-g32w) 2026-02-02 ✅ 已收录
CVE-2026-42438 ✅ PUBLISHED | [GHSA-527m-976r-jf79](https://github.com/advisories/GHSA-527m-976r-jf79) 2026-04-17 ✅ 已收录
CVE-2026-42439 ✅ PUBLISHED | [GHSA-jf25-7968-h2h5](https://github.com/advisories/GHSA-jf25-7968-h2h5) 2026-04-17 ✅ 已收录
CVE-2026-43527 ✅ PUBLISHED | [GHSA-2767-2q9v-9326](https://github.com/advisories/GHSA-2767-2q9v-9326) 2026-04-17 ✅ 已收录
CVE-2026-43531 ✅ PUBLISHED | [GHSA-c9h3-5p7r-mrjh](https://github.com/advisories/GHSA-c9h3-5p7r-mrjh) 2026-04-17 ✅ 已收录
CVE-2026-43574 ✅ PUBLISHED | [GHSA-7g8c-cfr3-vqqr](https://github.com/advisories/GHSA-7g8c-cfr3-vqqr) 2026-04-17 ✅ 已收录
CVE-2026-42435 ✅ PUBLISHED | [GHSA-5gjc-grvm-m88j](https://github.com/advisories/GHSA-5gjc-grvm-m88j) 2026-04-17 ✅ 已收录
CVE-2026-43566 ✅ PUBLISHED | [GHSA-c4qm-58hj-j6pj](https://github.com/advisories/GHSA-c4qm-58hj-j6pj) 2026-04-17 ✅ 已收录
CVE-2026-43535 ✅ PUBLISHED | [GHSA-f934-5rqf-xx47](https://github.com/advisories/GHSA-f934-5rqf-xx47) 2026-04-17 ✅ 已收录
CVE-2026-28480 ✅ PUBLISHED | [GHSA-h89v-j3x9-8wqj](https://github.com/advisories/GHSA-h89v-j3x9-8wqj) 2026-02-18 ✅ 已收录
CVE-2026-29612 ✅ PUBLISHED | [GHSA-g34w-4xqq-h79m](https://github.com/advisories/GHSA-g34w-4xqq-h79m) 2026-02-18 ✅ 已收录
CVE-2026-41358 ✅ PUBLISHED | [GHSA-v8qf-fr4g-28p2](https://github.com/advisories/GHSA-v8qf-fr4g-28p2) 2026-05-04 ✅ 已收录
CVE-2026-43572 ✅ PUBLISHED | [GHSA-r77c-2cmr-7p47](https://github.com/advisories/GHSA-r77c-2cmr-7p47) 2026-04-17 ✅ 已收录
CVE-2026-43529 ✅ PUBLISHED | [GHSA-52vj-fvrv-7q82](https://github.com/advisories/GHSA-52vj-fvrv-7q82) 2026-04-16 ✅ 已收录

📢 安全公告精选

148+
GHSA-xh72-v6v CRITICAL
OpenClaw: Feishu webhook and card-action validation now fail closed
2026-04-17
GHSA-cwj3-vqp HIGH
OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes
2026-05-05
GHSA-r39h-4c2 HIGH
OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution
2026-05-05
GHSA-wppj-c6m HIGH
OpenClaw: OpenShell FS bridge writes stay pinned to the sandbox mount root
2026-05-04
GHSA-r6xh-pqh HIGH
OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens
2026-05-04
GHSA-7vq9-42c HIGH
Duplicate Advisory: OpenClaw: Device-Paired Node Skips Node Scope Gate → Host RCE.md
2026-04-24
GHSA-jx3c-247 HIGH
Duplicate Advisory: OpenClaw: Workspace `.env` can override the bundled hooks root and load attacker hook code
2026-04-24
GHSA-66r7-m7x HIGH
OpenClaw: QQBot media tags could read arbitrary local files through reply text
2026-04-17 CVE-2026-43533
GHSA-2cq5-mf3 HIGH
OpenClaw: busybox and toybox applet execution weakened exec approval binding
2026-04-17 CVE-2026-43530
GHSA-7jp6-r74 HIGH
OpenClaw: Matrix profile config persistence was reachable from operator.write message tools
2026-04-17 CVE-2026-42433
GHSA-736r-jwj HIGH
OpenClaw: Sandboxed agents could escape exec routing via host=node override
2026-04-17 CVE-2026-42434
GHSA-939r-rj4 HIGH
OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins
2026-04-17 CVE-2026-43569

📊 漏洞分类

白名单绕过 (Allowlist Bypass)
60
注入攻击 (XSS/CSRF/Prompt/Command)
34
认证绕过 / 缺失认证
10
SSRF
5
拒绝服务 (DoS)
6
路径穿越 (CWE-22)
3
原型污染 (Prototype Pollution)
1

💡 关键洞察

📈
6.6
平均 CVSS 评分
🔴
115%
HIGH 及以上漏洞占比
100%
CVE 已发布到 cvelistV5
🛡️
100%
已提供修复版本
🏢
3
CNA 来源 (VulnCheck / GitHub / MITRE)
📦
npm
受影响包 (openclaw)