UCloud OpenClaw CVEs - 安全漏洞追踪

📋 已发布 CVE（cvelistV5）

121

CVE ID	严重性	CVSS	漏洞描述	发布日期
CVE-2026-22172	🟣 CRITICAL	9.4	OpenClaw < 2026.3.12 - Scope Elevation in WebSocket Shared-Auth Connections	2026-03-20
CVE-2026-28466	🟣 CRITICAL	9.4	OpenClaw < 2026.2.14 - Remote Code Execution via Node Invoke Approval Bypass	2026-03-05
CVE-2026-32978	🟣 CRITICAL	9.4	OpenClaw < 2026.3.11 - Approval Bypass via Unrecognized Script Runners	2026-03-29
CVE-2026-32918	🟣 CRITICAL	9.2	OpenClaw < 2026.3.11 - Session Sandbox Escape via session_status Tool	2026-03-29
CVE-2026-25253	🔴 HIGH	8.8	OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl	2026-02-01
CVE-2026-24763	🔴 HIGH	8.8	OpenClaw/Clawdbot Docker Execution has Authenticated Command Injection via PATH Environment Variable	2026-02-02
CVE-2026-32974	🔴 HIGH	8.8	OpenClaw < 2026.3.12 - Forged Event Injection via Feishu Webhook Verification Token	2026-03-29
CVE-2026-32973	🔴 HIGH	8.8	OpenClaw < 2026.3.11 - Exec Allowlist Pattern Overmatch via POSIX Path Normalization	2026-03-29
CVE-2026-41394	🔴 HIGH	8.8	OpenClaw < 2026.3.31 - Unauthorized Operator Scope Access in Unauthenticated Plugin-Auth Routes	2026-04-28
CVE-2026-28478	🔴 HIGH	8.7	OpenClaw affected by denial of service via unbounded webhook request body buffering	2026-03-05
CVE-2026-29609	🔴 HIGH	8.7	OpenClaw < 2026.2.14 - Denial of Service via Unbounded URL-backed Media Fetch	2026-03-05
CVE-2026-32011	🔴 HIGH	8.7	OpenClaw < 2026.3.2 - Slow-Request Denial of Service via Pre-Auth Webhook Body Parsing	2026-03-19
CVE-2026-32013	🔴 HIGH	8.7	OpenClaw < 2026.2.25 - Symlink Traversal in agents.files Methods	2026-03-19
CVE-2026-32914	🔴 HIGH	8.7	OpenClaw < 2026.3.12 - Insufficient Access Control in /config and /debug Endpoints	2026-03-29
CVE-2026-33573	🔴 HIGH	8.7	OpenClaw < 2026.3.11 - Workspace Boundary Bypass via Agent RPC Parameters	2026-03-29
CVE-2026-32982	🔴 HIGH	8.7	OpenClaw < 2026.3.13 - Telegram Bot Token Exposure in Media Fetch Error Logs	2026-03-31
CVE-2026-35639	🔴 HIGH	8.7	OpenClaw < 2026.3.22 - Privilege Escalation via device.pair.approve Scope Validation	2026-04-09
CVE-2026-41303	🔴 HIGH	8.7	OpenClaw < 2026.3.28 - Authorization Bypass in Discord Text Approval Commands	2026-04-20
CVE-2026-41399	🔴 HIGH	8.7	OpenClaw < 2026.3.28 - Denial of Service via Unbounded Pre-auth WebSocket Upgrades	2026-04-28
CVE-2026-42426	🔴 HIGH	8.7	OpenClaw `node.pair.approve` placed in `operator.write` scope instead of `operator.pairing` allows unprivileged pairing approval	2026-04-28
CVE-2026-33579	🔴 HIGH	8.6	OpenClaw < 2026.3.28 - Privilege Escalation via Missing Caller Scope Validation in Device Pair Approval	2026-03-31
CVE-2026-34503	🔴 HIGH	8.6	OpenClaw < 2026.3.28 - Incomplete WebSocket Session Termination on Device Removal and Token Revocation	2026-03-31
CVE-2026-35643	🔴 HIGH	8.6	OpenClaw < 2026.3.22 - Arbitrary Code Execution via Unvalidated WebView JavascriptInterface	2026-04-10
CVE-2026-28469	🔴 HIGH	8.2	OpenClaw Google Chat shared-path webhook target ambiguity allowed cross-account policy-context misrouting	2026-03-05
CVE-2026-32045	🔴 HIGH	8.2	OpenClaw < 2026.2.21 - Authentication Bypass in HTTP Gateway Routes via Tokenless Tailscale Auth	2026-03-21
CVE-2026-25157	🔴 HIGH	7.8	OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand	2026-02-04
CVE-2026-32048	🔴 HIGH	7.7	OpenClaw < 2026.3.1 - Sandbox Escape via Cross-Agent sessions_spawn	2026-03-21
CVE-2026-42422	🔴 HIGH	7.7	OpenClaw < 2026.4.8 - Role Bypass in device.token.rotate Function	2026-04-28
CVE-2026-42423	🔴 HIGH	7.7	OpenClaw: strictInlineEval explicit-approval boundary bypassed by approval-timeout fallback on gateway and node exec hosts	2026-04-28
CVE-2026-27487	🔴 HIGH	7.6	OpenClaw: Prevent shell injection in macOS keychain credential write	2026-02-21
CVE-2026-32005	🔴 HIGH	7.6	OpenClaw < 2026.2.25 - Authorization Bypass in Interactive Callbacks via Sender Check Skip	2026-03-19
CVE-2026-42431	🔴 HIGH	7.6	OpenClaw `node.invoke(browser.proxy)` bypasses `browser.request` persistent profile-mutation guard	2026-04-28
CVE-2026-26316	🔴 HIGH	7.5	OpenClaw has BlueBubbles webhook auth bypass via loopback proxy trust	2026-02-19
CVE-2026-25474	🔴 HIGH	7.5	OpenClaw has a Telegram webhook request forgery (missing `channels.telegram.webhookSecret`) → auth bypass	2026-02-19
CVE-2026-28485	🔴 HIGH	7.5	OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP Endpoints	2026-03-05
CVE-2026-42428	🔴 HIGH	7.5	OpenClaw < 2026.4.8 - Missing Integrity Verification in Package Downloads	2026-04-28
CVE-2026-28458	🔴 HIGH	7.4	OpenClaw's Browser Relay /cdp websocket is missing auth which could allow cross-tab cookie access	2026-03-05
CVE-2026-32971	🔴 HIGH	7.3	OpenClaw < 2026.3.11 - Node-Host Approval UI Mismatch Allows Execution of Unintended Commands	2026-03-31
CVE-2026-42432	🔴 HIGH	7.3	OpenClaw < 2026.4.8 - Command Escalation via Node Pairing Reconnect Bypass	2026-04-28
CVE-2026-26320	🔴 HIGH	7.1	OpenClaw macOS deep link confirmation truncation can conceal executed agent message	2026-02-19
CVE-2026-22175	🔴 HIGH	7.1	OpenClaw < 2026.2.23 - Exec Approval Bypass via Unrecognized Multiplexer Shell Wrappers	2026-03-18
CVE-2026-26317	🔴 HIGH	7.1	OpenClaw affected by cross-site request forgery (CSRF) through loopback browser mutation endpoints	2026-02-19
CVE-2026-29607	🔴 HIGH	7.1	OpenClaw < 2026.2.22 - Authorization Bypass via allow-always Wrapper Persistence	2026-03-19
CVE-2026-31992	🔴 HIGH	7.1	OpenClaw < 2026.2.23 - Allowlist Exec-Guard Bypass via env -S	2026-03-19
CVE-2026-40037	🔴 HIGH	7.1	OpenClaw: `fetchWithSsrFGuard` replays unsafe request bodies across cross-origin redirects	2026-04-08
CVE-2026-41334	🔴 HIGH	7.1	OpenClaw < 2026.3.31 - Decompression Bomb Denial of Service via Image Pixel-Limit Guard Bypass	2026-04-23
CVE-2026-41359	🔴 HIGH	7.1	OpenClaw < 2026.3.28 - Privilege Escalation via operator.write to Admin-Class Telegram Config and Cron Persistence	2026-04-23
CVE-2026-41369	🔴 HIGH	7.1	OpenClaw < 2026.3.31 - Insufficient Environment Variable Sanitization in Host Execution	2026-04-27
CVE-2026-32009	🔴 HIGH	7	OpenClaw < 2026.2.24 - Binary Hijacking via Static Default Trusted Directories in safeBins	2026-03-19
CVE-2026-27003	🟡 MEDIUM	6.9	OpenClaw: Telegram bot token exposure via logs	2026-02-19
CVE-2026-28480	🟡 MEDIUM	6.9	OpenClaw Telegram allowlist authorization accepted mutable usernames	2026-03-05
CVE-2026-32975	🟡 MEDIUM	6.9	OpenClaw < 2026.3.12 - Weak Authorization via Mutable Group Names in Zalouser Allowlist	2026-03-29
CVE-2026-35627	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unauthenticated Cryptographic Work in Nostr Inbound DM Handling	2026-04-09
CVE-2026-35640	🟡 MEDIUM	6.9	OpenClaw < 2026.3.25 - Denial of Service via Unauthenticated Webhook Request Parsing	2026-04-09
CVE-2026-35633	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unbounded Memory Allocation via Remote Media Error Responses	2026-04-09
CVE-2026-35626	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unauthenticated Resource Exhaustion via Voice Call Webhook	2026-04-09
CVE-2026-35632	🟡 MEDIUM	6.9	OpenClaw < 2026.2.22 - Symlink Traversal via IDENTITY.md appendFile in agents.create/update	2026-04-09
CVE-2026-35664	🟡 MEDIUM	6.9	OpenClaw < 2026.3.25 - DM Pairing Bypass via Legacy Card Callbacks	2026-04-10
CVE-2026-41331	🟡 MEDIUM	6.9	OpenClaw < 2026.3.31 - Resource Consumption via Unauthorized Telegram Audio Preflight Transcription	2026-04-20
CVE-2026-41343	🟡 MEDIUM	6.9	OpenClaw < 2026.3.31 - Denial of Service via LINE Webhook Handler Pre-Auth Concurrency	2026-04-23
CVE-2026-29612	🟡 MEDIUM	6.8	OpenClaw < 2026.2.14 - Denial of Service via Large Base64 Media File Decoding	2026-03-05
CVE-2026-33572	🟡 MEDIUM	6.8	OpenClaw < 2026.2.17 - Insufficient File Permissions in Session Transcript Files	2026-03-29
CVE-2026-28452	🟡 MEDIUM	6.7	OpenClaw affected by denial of service through unguarded archive extraction allowing high expansion/resource abuse (ZIP/TAR)	2026-03-05
CVE-2026-32044	🟡 MEDIUM	6.7	OpenClaw < 2026.3.2 - Tar Archive Safety Bypass in Skills Installation	2026-03-21
CVE-2026-32061	🟡 MEDIUM	6.7	OpenClaw < 2026.2.17 - Arbitrary File Read via $include Directive Path Traversal	2026-03-11
CVE-2026-26328	🟡 MEDIUM	6.5	OpenClaw iMessage group allowlist authorization inherited DM pairing-store identities	2026-02-19
CVE-2026-25475	🟡 MEDIUM	6.5	OpenClaw Vulnerable to Local File Inclusion via MEDIA: Path Extraction	2026-02-04
CVE-2026-28449	🟡 MEDIUM	6.3	OpenClaw < 2026.2.25 - Webhook Replay Attack via Missing Durable Replay Suppression	2026-03-19
CVE-2026-28475	🟡 MEDIUM	6.3	OpenClaw < 2026.2.13 - Timing Attack via Hook Token Comparison	2026-03-05
CVE-2026-28476	🟡 MEDIUM	6.3	OpenClaw < 2026.2.14 - Server-Side Request Forgery in Tlon Extension Authentication	2026-03-05
CVE-2026-32031	🟡 MEDIUM	6.3	OpenClaw < 2026.2.26 - Authentication Bypass via Path Canonicalization Mismatch in /api/channels Gateway	2026-03-19
CVE-2026-32896	🟡 MEDIUM	6.3	OpenClaw < 2026.2.21 - Unauthenticated Webhook Access via Passwordless Fallback in BlueBubbles Plugin	2026-03-21
CVE-2026-32050	🟡 MEDIUM	6.3	OpenClaw < 2026.2.25 - Unauthorized Reaction Status Event Enqueue via Access Check Bypass	2026-03-21
CVE-2026-32897	🟡 MEDIUM	6.3	OpenClaw < 2026.2.22 - Authentication Token Reuse in Owner ID Prompt Hashing Fallback	2026-03-21
CVE-2026-35628	🟡 MEDIUM	6.3	OpenClaw < 2026.3.25 - Brute-Force Attack via Missing Telegram Webhook Rate Limiting	2026-04-09
CVE-2026-35635	🟡 MEDIUM	6.3	OpenClaw < 2026.3.22 - Webhook Path Route Replacement Vulnerability in Synology Chat	2026-04-09
CVE-2026-35656	🟡 MEDIUM	6.3	OpenClaw < 2026.3.22 - XFF Loopback Spoofing Bypass in Canvas Authentication and Rate Limiter	2026-04-10
CVE-2026-35649	🟡 MEDIUM	6.3	OpenClaw < 2026.3.22 - Settings Reconciliation Bypass via Empty Allowlist	2026-04-10
CVE-2026-41337	🟡 MEDIUM	6.3	OpenClaw < 2026.3.31 - Callback Origin Mutation in Plivo Voice-call Replay	2026-04-23
CVE-2026-41340	🟡 MEDIUM	6.3	OpenClaw < 2026.3.31 - Authentication Boundary Bypass via Telegram Legacy allowFrom Migration	2026-04-23
CVE-2026-41407	🟡 MEDIUM	6.3	OpenClaw < 2026.4.2 - Timing Side Channel in Shared-Secret Comparison	2026-04-28
CVE-2026-41913	🟡 MEDIUM	6.3	OpenClaw: Concurrent async auth attempts can bypass the intended shared-secret rate-limit budget on Tailscale-capable paths	2026-04-28
CVE-2026-41383	🟡 MEDIUM	6.1	OpenClaw < 2026.4.2 - Arbitrary Remote Directory Deletion via Mis-scoped Mirror Mode Paths	2026-04-28
CVE-2026-28460	🟡 MEDIUM	6	OpenClaw < 2026.2.22 - Allowlist Bypass via Shell Line-Continuation Command Substitution in system.run	2026-03-19
CVE-2026-32057	🟡 MEDIUM	6	OpenClaw < 2026.2.25 - Authentication Bypass via Control UI client.id Parameter	2026-03-21
CVE-2026-35658	🟡 MEDIUM	6	OpenClaw < 2026.3.2 - Filesystem Boundary Bypass in Image Tool	2026-04-10
CVE-2026-35670	🟡 MEDIUM	6	OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat	2026-04-10
CVE-2026-41363	🟡 MEDIUM	6	OpenClaw 2026.2.6 < 2026.3.28 - Arbitrary File Read via Feishu upload_image Parameter	2026-04-27
CVE-2026-41911	🟡 MEDIUM	6	OpenClaw: Feishu docx upload_file/upload_image Bypasses Workspace-Only Filesystem Policy (GHSA-qf48-qfv4-jjm9 Incomplete Fix)	2026-04-28
CVE-2026-42429	🟡 MEDIUM	6	OpenClaw: Gateway plugin HTTP `auth: gateway` widens identity-bearing `operator.read` requests into runtime `operator.write`	2026-04-28
CVE-2026-28481	🟡 MEDIUM	5.9	OpenClaw < 2026.2.1 - Bearer Token Leakage via MS Teams Attachment Downloader Suffix Matching	2026-03-05
CVE-2026-40045	🟡 MEDIUM	5.9	OpenClaw: Android accepted cleartext remote gateway endpoints and sent stored credentials over ws://	2026-04-20
CVE-2026-42424	🟡 MEDIUM	5.9	OpenClaw < 2026.4.8 - Local File Exfiltration via Shared Reply MEDIA Paths	2026-04-28
CVE-2026-41393	🟡 MEDIUM	5.9	OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area Discovery	2026-04-28
CVE-2026-27670	🟡 MEDIUM	5.8	OpenClaw < 2026.3.2 - Arbitrary File Write via ZIP Extraction Parent Symlink Race Condition	2026-03-19
CVE-2026-32010	🟡 MEDIUM	5.8	OpenClaw < 2026.2.22 - Allowlist Bypass via sort --compress-program Parameter	2026-03-19
CVE-2026-32000	🟡 MEDIUM	5.8	OpenClaw < 2026.2.19 - Command Injection via Windows Shell Fallback in Lobster Tool Execution	2026-03-19
CVE-2026-42427	🟡 MEDIUM	5.8	OpenClaw: HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS missing from exec env denylist — RCE via build tool env injection (GHSA-cm8v-2vh9-cxf3 class)	2026-04-28
CVE-2026-41915	🟡 MEDIUM	5.8	OpenClaw: GIT_DIR and related git plumbing env vars missing from exec env denylist (GHSA-m866-6qv5-p2fg variant)	2026-04-28
CVE-2026-32065	🟡 MEDIUM	5.7	OpenClaw < 2026.2.25 - Approval Identity Mismatch in system.run Command Execution	2026-03-21
CVE-2026-29608	🟡 MEDIUM	5.4	OpenClaw 2026.3.1 < 2026.3.2 - Approval Integrity Bypass via system.run argv Rewriting	2026-03-19
CVE-2026-26326	🟡 MEDIUM	5.3	OpenClaw skills.status could leak secrets to operator.read clients	2026-02-19
CVE-2026-32898	🟡 MEDIUM	5.3	OpenClaw < 2026.2.23 - ACP Permission Auto-Approval Bypass via Untrusted Tool Metadata	2026-03-21
CVE-2026-35642	🟡 MEDIUM	5.3	OpenClaw < 2026.3.25 - Authorization Bypass in Group Reactions via requireMention Bypass	2026-04-09
CVE-2026-35651	🟡 MEDIUM	5.3	OpenClaw 2026.2.13 < 2026.3.25 - ANSI Escape Sequence Injection in Approval Prompt	2026-04-10
CVE-2026-42420	🟡 MEDIUM	5.3	OpenClaw < 2026.4.8 - Improper Base64 Decoding Size Validation	2026-04-28
CVE-2026-41914	🟡 MEDIUM	5.1	OpenClaw < 2026.4.8 - Server-Side Request Forgery in QQ Bot Media Fetch Paths	2026-04-28
CVE-2026-41377	🟡 MEDIUM	5.1	OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation	2026-04-28
CVE-2026-27576	🟡 MEDIUM	4.8	OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness with very large inputs	2026-02-21
CVE-2026-32020	🟡 MEDIUM	4.8	OpenClaw < 2026.2.22 - Arbitrary File Read via Symlink Following in Static File Handler	2026-03-19
CVE-2026-41912	🟡 MEDIUM	4.8	OpenClaw has Browser SSRF Policy Bypass via Interaction-Triggered Navigation	2026-04-28
CVE-2026-42430	🟡 MEDIUM	4.8	OpenClaw: Strict browser SSRF bypass in Playwright redirect handling leaves private targets reachable	2026-04-28
CVE-2026-24764	🟢 LOW	3.7	OpenClaw has Remote Code Execution via System Prompt Injection in Slack Channel Descriptions	2026-02-19
CVE-2026-41348	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Group DM Channel Allowlist Bypass via Discord Slash Commands	2026-04-23
CVE-2026-41358	🟢 LOW	2.3	OpenClaw < 2026.4.2 - Sender Allowlist Bypass via Slack Thread Context	2026-04-23
CVE-2026-41402	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Webhook Replay Cache Cross-Target messageId Scope Bypass	2026-04-28
CVE-2026-41910	🟢 LOW	2.3	OpenClaw: /allowlist omits owner-only enforcement for cross-channel allowlist writes	2026-04-28
CVE-2026-41916	🟢 LOW	2.3	OpenClaw < 2026.4.8 - Stale Authentication State via Config Reload	2026-04-28
CVE-2026-42421	🟢 LOW	2.3	OpenClaw: Existing WS sessions survive shared gateway token rotation	2026-04-28
CVE-2026-41398	🟢 LOW	2.1	OpenClaw - Unauthorized Agent Request Dispatch via Untrusted Local-Network Pages in iOS A2UI Bridge	2026-04-28
CVE-2026-31996	🟢 LOW	2	OpenClaw < 2026.2.19 - safeBins stdin-only bypass via sort output and recursive grep flags	2026-03-19

🔄 CVE 发布流水线

34/34 已发布

CVE ID	状态	CNA	GHSA 发布日期	cvelistV5
CVE-2026-24763	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25253	✅ PUBLISHED	mitre	2026-02-02	✅ 已收录
CVE-2026-26317	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-26328	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-28452	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28458	✅ PUBLISHED	VulnCheck	2026-02-17	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-40037	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-40045	✅ PUBLISHED	VulnCheck	2026-04-07	✅ 已收录
CVE-2026-41407	✅ PUBLISHED	VulnCheck	2026-04-07	✅ 已收录
CVE-2026-41910	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-41911	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-41912	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-41913	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-41914	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-41915	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-41916	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-42420	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-42421	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-42422	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-42423	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-42424	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-42426	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-42427	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-42428	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-42429	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-42430	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-42431	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-42432	✅ PUBLISHED	VulnCheck	2026-04-09	✅ 已收录
CVE-2026-6011	✅ PUBLISHED	—	2026-04-10	✅ 已收录
CVE-2026-40037	✅ PUBLISHED	\| [GHSA-5wj5-87vq-39xm](https://github.com/advisories/GHSA-5wj5-87vq-39xm)	2026-04-09	✅ 已收录
CVE-2026-42427	✅ PUBLISHED	\| [GHSA-jf56-mccx-5f3f](https://github.com/advisories/GHSA-jf56-mccx-5f3f)	2026-04-09	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	\| [GHSA-3fqr-4cg8-h96q](https://github.com/advisories/GHSA-3fqr-4cg8-h96q)	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	\| [GHSA-mr32-vwc2-5j6h](https://github.com/advisories/GHSA-mr32-vwc2-5j6h)	2026-02-18	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	\| [GHSA-g8p2-7wf7-98mq](https://github.com/advisories/GHSA-g8p2-7wf7-98mq)	2026-02-02	✅ 已收录
CVE-2026-24763	✅ PUBLISHED	\| [GHSA-r2c6-8jc8-g32w](https://github.com/advisories/GHSA-r2c6-8jc8-g32w)	2026-02-02	✅ 已收录
CVE-2026-42420	✅ PUBLISHED	\| [GHSA-3vvq-q2qc-7rmp](https://github.com/advisories/GHSA-3vvq-q2qc-7rmp)	2026-04-09	✅ 已收录
CVE-2026-42430	✅ PUBLISHED	\| [GHSA-vr5g-mmx7-h897](https://github.com/advisories/GHSA-vr5g-mmx7-h897)	2026-04-09	✅ 已收录
CVE-2026-42426	✅ PUBLISHED	\| [GHSA-3fv3-6p2v-gxwj](https://github.com/advisories/GHSA-3fv3-6p2v-gxwj)	2026-04-09	✅ 已收录
CVE-2026-42421	✅ PUBLISHED	\| [GHSA-vc32-h5mq-453v](https://github.com/advisories/GHSA-vc32-h5mq-453v)	2026-04-09	✅ 已收录
CVE-2026-41916	✅ PUBLISHED	\| [GHSA-cmfr-9m2r-xwhq](https://github.com/advisories/GHSA-cmfr-9m2r-xwhq)	2026-04-09	✅ 已收录
CVE-2026-42422	✅ PUBLISHED	\| [GHSA-qqq7-4hxc-x63c](https://github.com/advisories/GHSA-qqq7-4hxc-x63c)	2026-04-09	✅ 已收录
CVE-2026-42423	✅ PUBLISHED	\| [GHSA-w9j9-w4cp-6wgr](https://github.com/advisories/GHSA-w9j9-w4cp-6wgr)	2026-04-09	✅ 已收录
CVE-2026-40045	✅ PUBLISHED	\| [GHSA-jj6q-rrrf-h66h](https://github.com/advisories/GHSA-jj6q-rrrf-h66h)	2026-04-07	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	\| [GHSA-h89v-j3x9-8wqj](https://github.com/advisories/GHSA-h89v-j3x9-8wqj)	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	\| [GHSA-g34w-4xqq-h79m](https://github.com/advisories/GHSA-g34w-4xqq-h79m)	2026-02-18	✅ 已收录
CVE-2026-6011	✅ PUBLISHED	\| [GHSA-5f7h-p83x-5vc2](https://github.com/advisories/GHSA-5f7h-p83x-5vc2)	2026-04-10	✅ 已收录
CVE-2026-41915	✅ PUBLISHED	\| [GHSA-4f8g-77mw-3rxc](https://github.com/advisories/GHSA-4f8g-77mw-3rxc)	2026-04-09	✅ 已收录
CVE-2026-41911	✅ PUBLISHED	\| [GHSA-25wv-8phj-8p7r](https://github.com/advisories/GHSA-25wv-8phj-8p7r)	2026-04-09	✅ 已收录

📢 安全公告精选

135+

GHSA-xh72-v6v CRITICAL

OpenClaw: Feishu webhook and card-action validation now fail closed

2026-04-17

GHSA-mr34-955 HIGH

OpenClaw: Webchat media embedding enforces local-root containment for tool-result files

2026-04-17

GHSA-2gvc-4f3 HIGH

OpenClaw: Matrix room control-command authorization no longer trusts DM pairing-store entries

2026-04-17

GHSA-xmxx-7p2 HIGH

OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation

2026-04-17

GHSA-66r7-m7x HIGH

OpenClaw: QQBot media tags could read arbitrary local files through reply text

2026-04-17

GHSA-2cq5-mf3 HIGH

OpenClaw: busybox and toybox applet execution weakened exec approval binding

2026-04-17

GHSA-7jp6-r74 HIGH

OpenClaw: Matrix profile config persistence was reachable from operator.write message tools

2026-04-17

GHSA-736r-jwj HIGH

OpenClaw: Sandboxed agents could escape exec routing via host=node override

2026-04-17

GHSA-939r-rj4 HIGH

OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins

2026-04-17

GHSA-525j-hqq HIGH

OpenClaw: Sandbox browser CDP relay could expose DevTools protocol on 0.0.0.0

2026-04-17

GHSA-82qx-6vj HIGH

OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows

2026-04-17

GHSA-vfp4-8x5 HIGH

OpenClaw: Exec environment denylist missed high-risk interpreter startup variables

2026-04-17

📊 漏洞分类

白名单绕过 (Allowlist Bypass)

注入攻击 (XSS/CSRF/Prompt/Command)

认证绕过 / 缺失认证

SSRF

拒绝服务 (DoS)

路径穿越 (CWE-22)

原型污染 (Prototype Pollution)

💡 关键洞察

📈

6.6

平均 CVSS 评分

🔴

109%

HIGH 及以上漏洞占比

⚡

100%

CVE 已发布到 cvelistV5

🛡️

100%

已提供修复版本

🏢

CNA 来源 (VulnCheck / GitHub / MITRE)

📦

npm

受影响包 (openclaw)

🛡️ UCloud OpenClaw CVEs

📋 已发布 CVE（cvelistV5）

🔄 CVE 发布流水线

📢 安全公告精选

📊 漏洞分类

💡 关键洞察