UCloud OpenClaw CVEs - 安全漏洞追踪

📋 已发布 CVE（cvelistV5）

136

CVE ID	严重性	CVSS	漏洞描述	发布日期
CVE-2026-32915	🟣 CRITICAL	9.3	OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Subagent Control Surface	2026-03-29
CVE-2026-32987	🟣 CRITICAL	9.3	OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via Device Pairing	2026-03-29
CVE-2026-32916	🟣 CRITICAL	9.2	OpenClaw 2026.3.7 < 2026.3.11 - Authorization Bypass in Plugin Subagent Routes via Synthetic Admin Scopes	2026-03-31
CVE-2026-43585	🟣 CRITICAL	9.2	OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation	2026-05-06
CVE-2026-44109	🟣 CRITICAL	9.2	OpenClaw: Feishu webhook and card-action validation now fail closed	2026-05-06
CVE-2026-41386	🟣 CRITICAL	9.1	OpenClaw < 2026.3.22 - Privilege Escalation via Unbound Bootstrap Setup Codes	2026-04-28
CVE-2026-43533	🔴 HIGH	8.9	OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot Media Tags	2026-05-05
CVE-2026-24763	🔴 HIGH	8.8	OpenClaw/Clawdbot Docker Execution has Authenticated Command Injection via PATH Environment Variable	2026-02-02
CVE-2026-25253	🔴 HIGH	8.8	OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl	2026-02-01
CVE-2026-32974	🔴 HIGH	8.8	OpenClaw < 2026.3.12 - Forged Event Injection via Feishu Webhook Verification Token	2026-03-29
CVE-2026-28462	🔴 HIGH	8.7	OpenClaw < 2026.2.13 - Path Traversal in Trace and Download Output Paths	2026-03-05
CVE-2026-28478	🔴 HIGH	8.7	OpenClaw affected by denial of service via unbounded webhook request body buffering	2026-03-05
CVE-2026-32013	🔴 HIGH	8.7	OpenClaw < 2026.2.25 - Symlink Traversal in agents.files Methods	2026-03-19
CVE-2026-32042	🔴 HIGH	8.7	OpenClaw < 2026.2.25 - Privilege Escalation via Unpaired Device Identity in Shared Gateway Authentication	2026-03-21
CVE-2026-32049	🔴 HIGH	8.7	OpenClaw < 2026.2.22 - Denial of Service via Inbound Media Download Byte Limit Bypass	2026-03-21
CVE-2026-32062	🔴 HIGH	8.7	OpenClaw 2026.2.21-2 < 2026.2.22 - Unauthenticated WebSocket Resource Exhaustion via Media Stream	2026-03-11
CVE-2026-32914	🔴 HIGH	8.7	OpenClaw < 2026.3.12 - Insufficient Access Control in /config and /debug Endpoints	2026-03-29
CVE-2026-32982	🔴 HIGH	8.7	OpenClaw < 2026.3.13 - Telegram Bot Token Exposure in Media Fetch Error Logs	2026-03-31
CVE-2026-35639	🔴 HIGH	8.7	OpenClaw < 2026.3.22 - Privilege Escalation via device.pair.approve Scope Validation	2026-04-09
CVE-2026-35638	🔴 HIGH	8.7	OpenClaw < 2026.3.22 - Privilege Escalation via Self-Declared Scopes in Trusted-Proxy Control UI	2026-04-09
CVE-2026-42426	🔴 HIGH	8.7	OpenClaw < 2026.4.8 - Improper Authorization in node.pair.approve via operator.write Scope	2026-04-28
CVE-2026-42434	🔴 HIGH	8.7	OpenClaw: Sandboxed agents could escape exec routing via host=node override	2026-05-05
CVE-2026-43530	🔴 HIGH	8.7	OpenClaw: busybox and toybox applet execution weakened exec approval binding	2026-05-05
CVE-2026-28463	🔴 HIGH	8.6	OpenClaw < 2026.2.14 - Arbitrary File Read via Shell Expansion in Safe Bins Allowlist	2026-03-05
CVE-2026-33579	🔴 HIGH	8.6	OpenClaw < 2026.3.28 - Privilege Escalation via Missing Caller Scope Validation in Device Pair Approval	2026-03-31
CVE-2026-32064	🔴 HIGH	8.5	OpenClaw < 2026.2.21 - Missing VNC Authentication in Sandbox Browser noVNC Observer	2026-03-21
CVE-2026-35625	🔴 HIGH	8.5	OpenClaw < 2026.3.25 - Privilege Escalation via Silent Local Shared-Auth Reconnect	2026-04-09
CVE-2026-44114	🔴 HIGH	8.5	OpenClaw: Workspace dotenv could override runtime-control environment variables	2026-05-06
CVE-2026-44118	🔴 HIGH	8.5	OpenClaw < 2026.4.22 - Owner Context Spoofing via Bearer Token Header	2026-05-06
CVE-2026-45004	🔴 HIGH	8.4	OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution	2026-05-11
CVE-2026-43526	🔴 HIGH	8.3	OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes	2026-05-05
CVE-2026-28469	🔴 HIGH	8.2	OpenClaw Google Chat shared-path webhook target ambiguity allowed cross-account policy-context misrouting	2026-03-05
CVE-2026-32045	🔴 HIGH	8.2	OpenClaw < 2026.2.21 - Authentication Bypass in HTTP Gateway Routes via Tokenless Tailscale Auth	2026-03-21
CVE-2026-35630	🔴 HIGH	8	OpenClaw < 2026.5.18 - QQBot Missing Approver Identity Enforcement in Native Approval Buttons	2026-05-29
CVE-2026-25157	🔴 HIGH	7.8	OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand	2026-02-04
CVE-2026-32048	🔴 HIGH	7.7	OpenClaw < 2026.3.1 - Sandbox Escape via Cross-Agent sessions_spawn	2026-03-21
CVE-2026-43569	🔴 HIGH	7.7	OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins	2026-05-05
CVE-2026-43571	🔴 HIGH	7.7	OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows	2026-05-05
CVE-2026-44110	🔴 HIGH	7.7	OpenClaw: Matrix room control-command authorization no longer trusts DM pairing-store entries	2026-05-06
CVE-2026-45006	🔴 HIGH	7.7	OpenClaw < 2026.4.23 - Unsafe Config Mutation via Gateway Tool Denylist Bypass	2026-05-11
CVE-2026-27487	🔴 HIGH	7.6	OpenClaw: Prevent shell injection in macOS keychain credential write	2026-02-21
CVE-2026-42431	🔴 HIGH	7.6	OpenClaw < 2026.4.8 - Persistent Profile Mutation via node.invoke(browser.proxy) Bypass	2026-04-28
CVE-2026-42428	🔴 HIGH	7.5	OpenClaw < 2026.4.8 - Missing Integrity Verification in Package Downloads	2026-04-28
CVE-2026-28458	🔴 HIGH	7.4	OpenClaw's Browser Relay /cdp websocket is missing auth which could allow cross-tab cookie access	2026-03-05
CVE-2026-32016	🔴 HIGH	7.3	OpenClaw < 2026.2.22 - Path Traversal via Basename-Only Allowlist Matching on macOS	2026-03-19
CVE-2026-32971	🔴 HIGH	7.3	OpenClaw < 2026.3.11 - Node-Host Approval UI Mismatch Allows Execution of Unintended Commands	2026-03-31
CVE-2026-32032	🔴 HIGH	7.3	OpenClaw < 2026.2.22 - Arbitrary Shell Execution via Unvalidated SHELL Environment Variable	2026-03-19
CVE-2026-26320	🔴 HIGH	7.1	OpenClaw macOS deep link confirmation truncation can conceal executed agent message	2026-02-19
CVE-2026-26317	🔴 HIGH	7.1	OpenClaw affected by cross-site request forgery (CSRF) through loopback browser mutation endpoints	2026-02-19
CVE-2026-26329	🔴 HIGH	7.1	OpenClaw has a path traversal in browser upload allows local file read	2026-02-19
CVE-2026-29607	🔴 HIGH	7.1	OpenClaw < 2026.2.22 - Authorization Bypass via allow-always Wrapper Persistence	2026-03-19
CVE-2026-32008	🔴 HIGH	7.1	OpenClaw < 2026.2.21 - Arbitrary Local File Read via Browser Navigation Guard	2026-03-19
CVE-2026-32972	🔴 HIGH	7.1	OpenClaw < 2026.3.11 - Authorization Bypass in Browser Profile Management via browser.request	2026-03-29
CVE-2026-35668	🔴 HIGH	7.1	OpenClaw < 2026.3.24 - Sandbox Media Root Bypass via Unnormalized mediaUrl and fileUrl Parameters	2026-04-10
CVE-2026-41385	🔴 HIGH	7.1	OpenClaw < 2026.3.31 - Nostr Private Key Exposure via config.get Redaction Bypass	2026-04-28
CVE-2026-41375	🔴 HIGH	7.1	OpenClaw < 2026.3.28 - Authorization Bypass in /phone arm and /phone disarm Endpoints	2026-04-28
CVE-2026-41379	🔴 HIGH	7.1	OpenClaw < 2026.3.28 - Privilege Escalation via chat.send to Admin-Class Talk Voice Config	2026-04-28
CVE-2026-42433	🔴 HIGH	7.1	OpenClaw: Matrix profile config persistence was reachable from operator.write message tools	2026-05-05
CVE-2026-43567	🔴 HIGH	7.1	OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter	2026-05-05
CVE-2026-32009	🔴 HIGH	7	OpenClaw < 2026.2.24 - Binary Hijacking via Static Default Trusted Directories in safeBins	2026-03-19
CVE-2026-27003	🟡 MEDIUM	6.9	OpenClaw: Telegram bot token exposure via logs	2026-02-19
CVE-2026-27488	🟡 MEDIUM	6.9	OpenClaw hardened cron webhook delivery against SSRF	2026-02-21
CVE-2026-27004	🟡 MEDIUM	6.9	OpenClaw session tool visibility hardening and Telegram webhook secret fallback	2026-02-19
CVE-2026-28480	🟡 MEDIUM	6.9	OpenClaw Telegram allowlist authorization accepted mutable usernames	2026-03-05
CVE-2026-32919	🟡 MEDIUM	6.9	OpenClaw < 2026.3.11 - Unauthorized Session Reset via agent Slash Commands	2026-03-29
CVE-2026-35627	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unauthenticated Cryptographic Work in Nostr Inbound DM Handling	2026-04-09
CVE-2026-35640	🟡 MEDIUM	6.9	OpenClaw < 2026.3.25 - Denial of Service via Unauthenticated Webhook Request Parsing	2026-04-09
CVE-2026-41343	🟡 MEDIUM	6.9	OpenClaw < 2026.3.31 - Denial of Service via LINE Webhook Handler Pre-Auth Concurrency	2026-04-23
CVE-2026-35655	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Identity Spoofing via rawInput Tool in ACP Permission Resolution	2026-04-10
CVE-2026-44116	🟡 MEDIUM	6.9	OpenClaw < 2026.4.22 - Server-Side Request Forgery in Zalo Photo URL Validation	2026-05-06
CVE-2026-29612	🟡 MEDIUM	6.8	OpenClaw < 2026.2.14 - Denial of Service via Large Base64 Media File Decoding	2026-03-05
CVE-2026-28452	🟡 MEDIUM	6.7	OpenClaw affected by denial of service through unguarded archive extraction allowing high expansion/resource abuse (ZIP/TAR)	2026-03-05
CVE-2026-26328	🟡 MEDIUM	6.5	OpenClaw iMessage group allowlist authorization inherited DM pairing-store identities	2026-02-19
CVE-2026-25475	🟡 MEDIUM	6.5	OpenClaw Vulnerable to Local File Inclusion via MEDIA: Path Extraction	2026-02-04
CVE-2026-28449	🟡 MEDIUM	6.3	OpenClaw < 2026.2.25 - Webhook Replay Attack via Missing Durable Replay Suppression	2026-03-19
CVE-2026-28395	🟡 MEDIUM	6.3	OpenClaw 2026.1.14-1 < 2026.2.12 - Unintended Public Binding of Chrome Extension Relay via Wildcard cdpUrl	2026-03-05
CVE-2026-32896	🟡 MEDIUM	6.3	OpenClaw < 2026.2.21 - Unauthenticated Webhook Access via Passwordless Fallback in BlueBubbles Plugin	2026-03-21
CVE-2026-35623	🟡 MEDIUM	6.3	OpenClaw < 2026.3.25 - Brute-Force Attack via Missing Webhook Password Rate Limiting	2026-04-09
CVE-2026-35635	🟡 MEDIUM	6.3	OpenClaw < 2026.3.22 - Webhook Path Route Replacement Vulnerability in Synology Chat	2026-04-09
CVE-2026-41337	🟡 MEDIUM	6.3	OpenClaw < 2026.3.31 - Callback Origin Mutation in Plivo Voice-call Replay	2026-04-23
CVE-2026-41389	🟡 MEDIUM	6.3	OpenClaw: Webchat media embedding enforces local-root containment for tool-result files	2026-04-20
CVE-2026-43527	🟡 MEDIUM	6.3	OpenClaw: Browser SSRF policy default allowed private-network navigation	2026-05-05
CVE-2026-43572	🟡 MEDIUM	6.3	OpenClaw 2026.4.10 < 2026.4.14 - Missing Sender Authorization in Microsoft Teams SSO Invoke Handler	2026-05-05
CVE-2026-44117	🟡 MEDIUM	6.3	OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot Direct Media Upload	2026-05-06
CVE-2026-44999	🟡 MEDIUM	6.3	OpenClaw < 2026.4.20 - Improper Trust Labeling in Isolated Cron Awareness Events	2026-05-11
CVE-2026-45002	🟡 MEDIUM	6.3	OpenClaw < 2026.4.20 - Hook Session-Key Bypass via Template Mapping	2026-05-11
CVE-2026-35645	🟡 MEDIUM	6.1	OpenClaw < 2026.3.25 - Privilege Escalation via Synthetic operator.admin in deleteSession	2026-04-09
CVE-2026-32002	🟡 MEDIUM	6	OpenClaw < 2026.2.23 - Sandbox Boundary Bypass via Image Tool workspaceOnly Bypass	2026-03-19
CVE-2026-43570	🟡 MEDIUM	6	OpenClaw contains a symlink traversal vulnerability	2026-05-05
CVE-2026-43583	🟡 MEDIUM	6	OpenClaw 2026.4.10 < 2026.4.14 - Loss of Group Tool-Policy Context in Delivery Queue Recovery	2026-05-06
CVE-2026-44113	🟡 MEDIUM	6	OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes	2026-05-06
CVE-2026-44112	🟡 MEDIUM	6	OpenClaw < 2026.4.22 - Symlink Swap Race Condition in OpenShell FS Bridge Writes	2026-05-06
CVE-2026-32043	🟡 MEDIUM	5.9	OpenClaw < 2026.2.25 - Time-of-Check-Time-of-Use via Mutable Symlink in system.run cwd Parameter	2026-03-21
CVE-2026-40045	🟡 MEDIUM	5.9	OpenClaw < 2026.4.2 - Cleartext Credential Transmission via Unencrypted WebSocket Gateway Endpoints	2026-04-20
CVE-2026-45005	🟡 MEDIUM	5.9	OpenClaw < 2026.4.23 - Webhook Route Secret Cache Not Invalidated After Rotation	2026-05-11
CVE-2026-22217	🟡 MEDIUM	5.8	OpenClaw 2026.2.22 < 2026.2.23 - Arbitrary Binary Execution via $SHELL Environment Variable Trusted Prefix Fallback	2026-03-18
CVE-2026-32010	🟡 MEDIUM	5.8	OpenClaw < 2026.2.22 - Allowlist Bypass via sort --compress-program Parameter	2026-03-19
CVE-2026-41373	🟡 MEDIUM	5.8	OpenClaw < 2026.3.31 - Compiler Binary Substitution via Environment Variable Override in Host Execution Policy	2026-04-28
CVE-2026-41915	🟡 MEDIUM	5.8	OpenClaw < 2026.4.8 - Git Environment Variable Injection via Unfiltered Exec Environment	2026-04-28
CVE-2026-44995	🟡 MEDIUM	5.4	OpenClaw: MCP stdio server env could load dangerous startup variables from workspace config	2026-05-11
CVE-2026-32895	🟡 MEDIUM	5.3	OpenClaw < 2026.2.26 - Sender Authorization Bypass in Slack System Event Handlers	2026-03-21
CVE-2026-32921	🟡 MEDIUM	5.3	OpenClaw < 2026.3.8 - Script Content Modification via Mutable Operand Binding in system.run	2026-03-31
CVE-2026-35619	🟡 MEDIUM	5.3	OpenClaw < 2026.3.24 - Authorization Bypass via HTTP /v1/models Endpoint	2026-04-10
CVE-2026-32923	🟡 MEDIUM	5.3	OpenClaw < 2026.3.11 - Authorization Bypass in Discord Guild Reaction Allowlist Enforcement	2026-03-29
CVE-2026-35620	🟡 MEDIUM	5.3	OpenClaw < 2026.3.24 - Missing Authorization in /send and /allowlist Chat Commands	2026-04-10
CVE-2026-41350	🟡 MEDIUM	5.3	OpenClaw < 2026.3.31 - Session Visibility Bypass via session_status in Unsandboxed Invocations	2026-04-23
CVE-2026-41344	🟡 MEDIUM	5.3	OpenClaw < 2026.3.28 - Privilege Escalation via chat.send /verbose Parameter	2026-04-23
CVE-2026-35634	🟡 MEDIUM	5.1	OpenClaw < 2026.3.23 - Authentication Bypass via Local-Direct Requests in Canvas Gateway	2026-04-09
CVE-2026-42439	🟡 MEDIUM	4.9	OpenClaw < 2026.4.10 - SSRF Policy Bypass in Browser Tabs Action Routes	2026-05-05
CVE-2026-42438	🟡 MEDIUM	4.9	OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure	2026-05-05
CVE-2026-43532	🟡 MEDIUM	4.9	OpenClaw 2026.4.7 < 2026.4.10 - Sandbox Media Normalization Bypass via Discord Event Cover Image	2026-05-05
CVE-2026-43580	🟡 MEDIUM	4.9	OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage	2026-05-06
CVE-2026-43582	🟡 MEDIUM	4.9	OpenClaw < 2026.4.10 - DNS Rebinding SSRF via Hostname Validation Bypass	2026-05-06
CVE-2026-43576	🟡 MEDIUM	4.9	OpenClaw < 2026.4.5 - Second-hop SSRF via CDP /json/version WebSocket URL	2026-05-06
CVE-2026-43573	🟡 MEDIUM	4.9	OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement	2026-05-05
CVE-2026-32046	🟡 MEDIUM	4.8	OpenClaw < 2026.2.21 - OS-level Sandbox Bypass via --no-sandbox Flag	2026-03-21
CVE-2026-32020	🟡 MEDIUM	4.8	OpenClaw < 2026.2.22 - Arbitrary File Read via Symlink Following in Static File Handler	2026-03-19
CVE-2026-42430	🟡 MEDIUM	4.8	OpenClaw < 2026.4.8 - Strict Browser SSRF Bypass via Playwright Redirect Handling	2026-04-28
CVE-2026-41338	🟡 MEDIUM	4.3	OpenClaw < 2026.3.31 - Time-of-Check-Time-of-Use (TOCTOU) Vulnerability in Sandbox File Operations	2026-04-23
CVE-2026-44992	🟡 MEDIUM	4.1	OpenClaw 2026.4.5 < 2026.4.20 - MiniMax API Host Override via Workspace dotenv	2026-05-11
CVE-2026-45003	🟡 MEDIUM	4.1	OpenClaw: Workspace dotenv files cannot override connector endpoint hosts	2026-05-11
CVE-2026-32037	🟢 LOW	2.3	OpenClaw < 2026.2.22 - Redirect Chain Bypass of Media Host Allowlist in MSTeams Attachment Handling	2026-03-19
CVE-2026-34507	🟢 LOW	2.3	OpenClaw < 2026.4.29 - Policy Bypass in QQBot Admin Commands via DM-only and allowFrom Checks	2026-05-29
CVE-2026-35648	🟢 LOW	2.3	OpenClaw < 2026.3.22 - Policy Bypass via Unvalidated Queued Node Actions	2026-04-10
CVE-2026-41358	🟢 LOW	2.3	OpenClaw < 2026.4.2 - Sender Allowlist Bypass via Slack Thread Context	2026-04-23
CVE-2026-41356	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Incomplete WebSocket Session Termination in device.token.rotate	2026-04-23
CVE-2026-41341	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Component Interaction Misclassification in Discord Extension	2026-04-23
CVE-2026-41382	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Discord Voice Ingress Authorization Bypass via Channel and Role Validation Gaps	2026-04-28
CVE-2026-42421	🟢 LOW	2.3	OpenClaw < 2026.4.8 - WebSocket Session Persistence via Shared Gateway Token Rotation	2026-04-28
CVE-2026-41908	🟢 LOW	2.3	OpenClaw < 2026.4.20 - Scope Enforcement Bypass in Assistant-Media Route	2026-04-23
CVE-2026-44111	🟢 LOW	2.3	OpenClaw < 2026.4.15 - Arbitrary Markdown File Read via QMD memory_get	2026-05-06
CVE-2026-44991	🟢 LOW	2.3	OpenClaw: Owner-enforced commands could accept wildcard channel senders as command owners	2026-05-11
CVE-2026-44993	🟢 LOW	2.3	OpenClaw < 2026.4.20 - Direct Message Misclassification in Feishu Card Actions	2026-05-11
CVE-2026-44997	🟢 LOW	2.3	OpenClaw < 2026.4.22 - Security Envelope Constraint Bypass in ACP Child Sessions	2026-05-11
CVE-2026-44998	🟢 LOW	2.3	OpenClaw < 2026.4.20 - Tool Policy Bypass via Bundled MCP/LSP Tools	2026-05-11
CVE-2026-31996	🟢 LOW	2	OpenClaw < 2026.2.19 - safeBins stdin-only bypass via sort output and recursive grep flags	2026-03-19

🔄 CVE 发布流水线

48/48 已发布

CVE ID	状态	CNA	GHSA 发布日期	cvelistV5
CVE-2026-24763	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25253	✅ PUBLISHED	mitre	2026-02-02	✅ 已收录
CVE-2026-26317	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-26328	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-28452	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28458	✅ PUBLISHED	VulnCheck	2026-02-17	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-41358	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-41389	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-41908	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-42433	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42434	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42438	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42439	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43526	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43527	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43530	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43533	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43567	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43569	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43570	✅ PUBLISHED	VulnCheck	2026-05-05	✅ 已收录
CVE-2026-43571	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43573	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43576	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43580	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43582	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43585	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-44109	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-44110	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-44112	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44113	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44114	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44116	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44117	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44118	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44991	✅ PUBLISHED	VulnCheck	2026-04-29	✅ 已收录
CVE-2026-44992	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44995	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-44997	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-44999	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-45002	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-45003	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-45004	✅ PUBLISHED	VulnCheck	2026-05-05	✅ 已收录
CVE-2026-45005	✅ PUBLISHED	VulnCheck	2026-05-05	✅ 已收录
CVE-2026-45004	✅ PUBLISHED	\| [GHSA-cwj3-vqpp-pmxr](https://github.com/advisories/GHSA-cwj3-vqpp-pmxr)	2026-05-05	✅ 已收录
CVE-2026-44118	✅ PUBLISHED	\| [GHSA-5mh4-3rv3-fpcf](https://github.com/advisories/GHSA-5mh4-3rv3-fpcf)	2026-05-04	✅ 已收录
CVE-2026-44114	✅ PUBLISHED	\| [GHSA-394x-274p-mqc6](https://github.com/advisories/GHSA-394x-274p-mqc6)	2026-04-25	✅ 已收录
CVE-2026-44109	✅ PUBLISHED	\| [GHSA-2gvc-4f3c-2855](https://github.com/advisories/GHSA-2gvc-4f3c-2855)	2026-04-17	✅ 已收录
CVE-2026-43585	✅ PUBLISHED	\| [GHSA-66r7-m7xm-v49h](https://github.com/advisories/GHSA-66r7-m7xm-v49h)	2026-04-17	✅ 已收录
CVE-2026-43530	✅ PUBLISHED	\| [GHSA-7jp6-r74r-995q](https://github.com/advisories/GHSA-7jp6-r74r-995q)	2026-04-17	✅ 已收录
CVE-2026-42434	✅ PUBLISHED	\| [GHSA-939r-rj45-g2rj](https://github.com/advisories/GHSA-939r-rj45-g2rj)	2026-04-17	✅ 已收录
CVE-2026-43571	✅ PUBLISHED	\| [GHSA-525j-hqq2-66r4](https://github.com/advisories/GHSA-525j-hqq2-66r4)	2026-04-17	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	\| [GHSA-3fqr-4cg8-h96q](https://github.com/advisories/GHSA-3fqr-4cg8-h96q)	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	\| [GHSA-mr32-vwc2-5j6h](https://github.com/advisories/GHSA-mr32-vwc2-5j6h)	2026-02-18	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	\| [GHSA-g8p2-7wf7-98mq](https://github.com/advisories/GHSA-g8p2-7wf7-98mq)	2026-02-02	✅ 已收录
CVE-2026-24763	✅ PUBLISHED	\| [GHSA-r2c6-8jc8-g32w](https://github.com/advisories/GHSA-r2c6-8jc8-g32w)	2026-02-02	✅ 已收录
CVE-2026-45005	✅ PUBLISHED	\| [GHSA-35mw-5vvr-vrxc](https://github.com/advisories/GHSA-35mw-5vvr-vrxc)	2026-05-05	✅ 已收录
CVE-2026-44113	✅ PUBLISHED	\| [GHSA-wppj-c6mr-83jj](https://github.com/advisories/GHSA-wppj-c6mr-83jj)	2026-05-04	✅ 已收录
CVE-2026-45003	✅ PUBLISHED	\| [GHSA-q3jj-46pq-826r](https://github.com/advisories/GHSA-q3jj-46pq-826r)	2026-05-04	✅ 已收录
CVE-2026-44116	✅ PUBLISHED	\| [GHSA-93rg-2xm5-2p9v](https://github.com/advisories/GHSA-93rg-2xm5-2p9v)	2026-05-04	✅ 已收录
CVE-2026-44991	✅ PUBLISHED	\| [GHSA-gfg9-5357-hv4c](https://github.com/advisories/GHSA-gfg9-5357-hv4c)	2026-04-29	✅ 已收录
CVE-2026-44992	✅ PUBLISHED	\| [GHSA-c4qg-j8jg-42q5](https://github.com/advisories/GHSA-c4qg-j8jg-42q5)	2026-04-25	✅ 已收录
CVE-2026-44995	✅ PUBLISHED	\| [GHSA-2xcp-x87w-q377](https://github.com/advisories/GHSA-2xcp-x87w-q377)	2026-04-25	✅ 已收录
CVE-2026-41389	✅ PUBLISHED	\| [GHSA-f7fh-qg34-x2xh](https://github.com/advisories/GHSA-f7fh-qg34-x2xh)	2026-04-17	✅ 已收录
CVE-2026-42438	✅ PUBLISHED	\| [GHSA-536q-mj95-h29h](https://github.com/advisories/GHSA-536q-mj95-h29h)	2026-04-17	✅ 已收录
CVE-2026-43573	✅ PUBLISHED	\| [GHSA-rj2p-j66c-mgqh](https://github.com/advisories/GHSA-rj2p-j66c-mgqh)	2026-04-17	✅ 已收录
CVE-2026-43567	✅ PUBLISHED	\| [GHSA-53vx-pmqw-863c](https://github.com/advisories/GHSA-53vx-pmqw-863c)	2026-04-17	✅ 已收录
CVE-2026-43582	✅ PUBLISHED	\| [GHSA-2767-2q9v-9326](https://github.com/advisories/GHSA-2767-2q9v-9326)	2026-04-17	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	\| [GHSA-h89v-j3x9-8wqj](https://github.com/advisories/GHSA-h89v-j3x9-8wqj)	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	\| [GHSA-g34w-4xqq-h79m](https://github.com/advisories/GHSA-g34w-4xqq-h79m)	2026-02-18	✅ 已收录
CVE-2026-41358	✅ PUBLISHED	\| [GHSA-57r2-h2wj-g887](https://github.com/advisories/GHSA-57r2-h2wj-g887)	2026-05-04	✅ 已收录
CVE-2026-41908	✅ PUBLISHED	\| [GHSA-j4c5-89f5-f3pm](https://github.com/advisories/GHSA-j4c5-89f5-f3pm)	2026-04-25	✅ 已收录

📢 安全公告精选

186+

GHSA-m8wm-r5v CRITICAL

Duplicate Advisory: OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation

2026-05-06

GHSA-cjg8-85g CRITICAL

Duplicate Advisory: OpenClaw: Feishu webhook and card-action validation now fail closed

2026-05-06

GHSA-xh72-v6v CRITICAL

OpenClaw: Feishu webhook and card-action validation now fail closed

2026-04-17 CVE-2026-44109

GHSA-xmxx-7p2 CRITICAL

OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation

2026-04-17 CVE-2026-43585

GHSA-xpr6-2hg HIGH

Duplicate Advisory: OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution

2026-05-11

GHSA-9r9j-3r2 HIGH

Duplicate Advisory: OpenClaw: Workspace dotenv could override runtime-control environment variables

2026-05-06

GHSA-35vf-vw9 HIGH

Duplicate Advisory: OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

2026-05-06

GHSA-xrgf-r9g HIGH

Duplicate Advisory: OpenClaw: Exec environment denylist missed high-risk interpreter startup variables

2026-05-06

GHSA-79rr-5c8 HIGH

Duplicate Advisory: OpenClaw: Matrix room control-command authorization no longer trusts DM pairing-store entries

2026-05-06

GHSA-r39h-4c2 HIGH

OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution

2026-05-05 CVE-2026-45004

GHSA-cwj3-vqp HIGH

OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes

2026-05-05

GHSA-r6xh-pqh HIGH

OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

2026-05-04 CVE-2026-44118

📊 漏洞分类

白名单绕过 (Allowlist Bypass)

注入攻击 (XSS/CSRF/Prompt/Command)

认证绕过 / 缺失认证

SSRF

拒绝服务 (DoS)

路径穿越 (CWE-22)

原型污染 (Prototype Pollution)

💡 关键洞察

📈

6.5

平均 CVSS 评分

🔴

102%

HIGH 及以上漏洞占比

⚡

100%

CVE 已发布到 cvelistV5

🛡️

100%

已提供修复版本

🏢

CNA 来源 (VulnCheck / GitHub / MITRE)

📦

npm

受影响包 (openclaw)

🛡️ UCloud OpenClaw CVEs

📋 已发布 CVE（cvelistV5）

🔄 CVE 发布流水线

📢 安全公告精选

📊 漏洞分类

💡 关键洞察