UCloud OpenClaw CVEs - 安全漏洞追踪

📋 已发布 CVE（cvelistV5）

126

CVE ID	严重性	CVSS	漏洞描述	发布日期
CVE-2026-22172	🟣 CRITICAL	9.4	OpenClaw < 2026.3.12 - Scope Elevation in WebSocket Shared-Auth Connections	2026-03-20
CVE-2026-28466	🟣 CRITICAL	9.4	OpenClaw < 2026.2.14 - Remote Code Execution via Node Invoke Approval Bypass	2026-03-05
CVE-2026-43534	🟣 CRITICAL	9.3	OpenClaw < 2026.4.10 - Unsanitized External Input in Agent Hook Events	2026-05-05
CVE-2026-43585	🟣 CRITICAL	9.2	OpenClaw < 2026.4.15 - Bearer Token Validation Bypass via Stale SecretRef Resolution	2026-05-06
CVE-2026-43566	🟣 CRITICAL	9.1	OpenClaw: Heartbeat owner downgrade missed untrusted webhook wake events	2026-05-05
CVE-2026-43533	🔴 HIGH	8.9	OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot Media Tags	2026-05-05
CVE-2026-24763	🔴 HIGH	8.8	OpenClaw/Clawdbot Docker Execution has Authenticated Command Injection via PATH Environment Variable	2026-02-02
CVE-2026-25253	🔴 HIGH	8.8	OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl	2026-02-01
CVE-2026-32973	🔴 HIGH	8.8	OpenClaw < 2026.3.11 - Exec Allowlist Pattern Overmatch via POSIX Path Normalization	2026-03-29
CVE-2026-41296	🔴 HIGH	8.8	OpenClaw < 2026.3.31 - Sandbox Escape via TOCTOU Race in Remote FS Bridge readFile	2026-04-20
CVE-2026-28478	🔴 HIGH	8.7	OpenClaw affected by denial of service via unbounded webhook request body buffering	2026-03-05
CVE-2026-32980	🔴 HIGH	8.7	OpenClaw < 2026.3.13 - Resource Exhaustion via Unauthenticated Telegram Webhook Request	2026-03-29
CVE-2026-41303	🔴 HIGH	8.7	OpenClaw < 2026.3.28 - Authorization Bypass in Discord Text Approval Commands	2026-04-20
CVE-2026-35669	🔴 HIGH	8.7	OpenClaw < 2026.3.25 - Privilege Escalation via Gateway Plugin HTTP Authentication Scope	2026-04-10
CVE-2026-41349	🔴 HIGH	8.7	OpenClaw < 2026.3.28 - Agentic Consent Bypass via config.patch	2026-04-23
CVE-2026-41399	🔴 HIGH	8.7	OpenClaw < 2026.3.28 - Denial of Service via Unbounded Pre-auth WebSocket Upgrades	2026-04-28
CVE-2026-42426	🔴 HIGH	8.7	OpenClaw < 2026.4.8 - Improper Authorization in node.pair.approve via operator.write Scope	2026-04-28
CVE-2026-42434	🔴 HIGH	8.7	OpenClaw: Sandboxed agents could escape exec routing via host=node override	2026-05-05
CVE-2026-42435	🔴 HIGH	8.7	OpenClaw: Shell-wrapper detection missed env-argv assignment injection forms	2026-05-05
CVE-2026-43530	🔴 HIGH	8.7	OpenClaw: busybox and toybox applet execution weakened exec approval binding	2026-05-05
CVE-2026-34503	🔴 HIGH	8.6	OpenClaw < 2026.3.28 - Incomplete WebSocket Session Termination on Device Removal and Token Revocation	2026-03-31
CVE-2026-41387	🔴 HIGH	8.5	OpenClaw < 2026.3.22 - Supply Chain Redirection via Incomplete Host Environment Sanitization	2026-04-28
CVE-2026-32004	🔴 HIGH	8.3	OpenClaw < 2026.3.2 - Authentication Bypass via Encoded Path in /api/channels Route	2026-03-19
CVE-2026-43526	🔴 HIGH	8.3	OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes	2026-05-05
CVE-2026-28469	🔴 HIGH	8.2	OpenClaw Google Chat shared-path webhook target ambiguity allowed cross-account policy-context misrouting	2026-03-05
CVE-2026-32045	🔴 HIGH	8.2	OpenClaw < 2026.2.21 - Authentication Bypass in HTTP Gateway Routes via Tokenless Tailscale Auth	2026-03-21
CVE-2026-42437	🔴 HIGH	8.2	OpenClaw: Voice-call realtime WebSocket accepted oversized frames	2026-05-05
CVE-2026-25157	🔴 HIGH	7.8	OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand	2026-02-04
CVE-2026-32048	🔴 HIGH	7.7	OpenClaw < 2026.3.1 - Sandbox Escape via Cross-Agent sessions_spawn	2026-03-21
CVE-2026-32056	🔴 HIGH	7.7	OpenClaw < 2026.2.22 - Remote Code Execution via Shell Startup Environment Variable Injection in system.run	2026-03-21
CVE-2026-35666	🔴 HIGH	7.7	OpenClaw < 2026.3.22 - Allowlist Bypass via Unregistered Time Dispatch Wrapper	2026-04-10
CVE-2026-42422	🔴 HIGH	7.7	OpenClaw < 2026.4.8 - Role Bypass in device.token.rotate Function	2026-04-28
CVE-2026-43569	🔴 HIGH	7.7	OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins	2026-05-05
CVE-2026-43571	🔴 HIGH	7.7	OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows	2026-05-05
CVE-2026-44110	🔴 HIGH	7.7	OpenClaw < 2026.4.15 - Authorization Bypass in Matrix Room Control Commands via DM Pairing Store	2026-05-06
CVE-2026-27487	🔴 HIGH	7.6	OpenClaw: Prevent shell injection in macOS keychain credential write	2026-02-21
CVE-2026-32005	🔴 HIGH	7.6	OpenClaw < 2026.2.25 - Authorization Bypass in Interactive Callbacks via Sender Check Skip	2026-03-19
CVE-2026-32007	🔴 HIGH	7.6	OpenClaw < 2026.2.23 - Sandbox Bypass in apply_patch Tool via Workspace-Only Check Bypass	2026-03-19
CVE-2026-42431	🔴 HIGH	7.6	OpenClaw < 2026.4.8 - Persistent Profile Mutation via node.invoke(browser.proxy) Bypass	2026-04-28
CVE-2026-43535	🔴 HIGH	7.6	OpenClaw < 2026.4.14 - Authorization Context Reuse in Collect-Mode Queue Batches	2026-05-05
CVE-2026-25474	🔴 HIGH	7.5	OpenClaw has a Telegram webhook request forgery (missing `channels.telegram.webhookSecret`) → auth bypass	2026-02-19
CVE-2026-26321	🔴 HIGH	7.5	OpenClaw has a local file disclosure via sendMediaFeishu in Feishu extension	2026-02-19
CVE-2026-26324	🔴 HIGH	7.5	OpenClaw has a SSRF guard bypass via full-form IPv4-mapped IPv6 (loopback / metadata reachable)	2026-02-19
CVE-2026-32025	🔴 HIGH	7.5	OpenClaw < 2026.2.25 - Password Brute-Force via Browser-Origin WebSocket Authentication Bypass	2026-03-19
CVE-2026-32041	🔴 HIGH	7.5	OpenClaw < 2026.3.1 - Unauthenticated Browser Control Access via Failed Auth Bootstrap	2026-03-19
CVE-2026-28458	🔴 HIGH	7.4	OpenClaw's Browser Relay /cdp websocket is missing auth which could allow cross-tab cookie access	2026-03-05
CVE-2026-32016	🔴 HIGH	7.3	OpenClaw < 2026.2.22 - Path Traversal via Basename-Only Allowlist Matching on macOS	2026-03-19
CVE-2026-35653	🔴 HIGH	7.2	OpenClaw < 2026.3.24 - Incorrect Authorization in POST /reset-profile via browser.request	2026-04-10
CVE-2026-35660	🔴 HIGH	7.2	OpenClaw < 2026.3.23 - Insufficient Access Control in Gateway Agent Session Reset	2026-04-10
CVE-2026-26317	🔴 HIGH	7.1	OpenClaw affected by cross-site request forgery (CSRF) through loopback browser mutation endpoints	2026-02-19
CVE-2026-22168	🔴 HIGH	7.1	OpenClaw < 2026.2.21 - Command Injection via cmd.exe /c Trailing Arguments in system.run	2026-03-18
CVE-2026-26327	🔴 HIGH	7.1	OpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinning	2026-02-19
CVE-2026-35636	🔴 HIGH	7.1	OpenClaw 2026.3.11 < 2026.3.25 - Session Isolation Bypass via sessionId Resolution	2026-04-09
CVE-2026-42433	🔴 HIGH	7.1	OpenClaw: Matrix profile config persistence was reachable from operator.write message tools	2026-05-05
CVE-2026-43528	🔴 HIGH	7.1	OpenClaw: config.get redaction bypass through sourceConfig and runtimeConfig aliases	2026-05-05
CVE-2026-43567	🔴 HIGH	7.1	OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter	2026-05-05
CVE-2026-43568	🔴 HIGH	7.1	OpenClaw: Memory dreaming config persistence was reachable from operator.write commands	2026-05-05
CVE-2026-43577	🔴 HIGH	7.1	OpenClaw < 2026.4.9 - Arbitrary File Read via Browser Interaction Routes	2026-05-06
CVE-2026-41375	🔴 HIGH	7.1	OpenClaw < 2026.3.28 - Authorization Bypass in /phone arm and /phone disarm Endpoints	2026-04-28
CVE-2026-32009	🔴 HIGH	7	OpenClaw < 2026.2.24 - Binary Hijacking via Static Default Trusted Directories in safeBins	2026-03-19
CVE-2026-43531	🔴 HIGH	7	OpenClaw < 2026.4.9 - Environment Variable Injection via Workspace .env File	2026-05-05
CVE-2026-31990	🟡 MEDIUM	6.9	OpenClaw < 2026.3.2 - Symlink Traversal in stageSandboxMedia Destination	2026-03-19
CVE-2026-28480	🟡 MEDIUM	6.9	OpenClaw Telegram allowlist authorization accepted mutable usernames	2026-03-05
CVE-2026-34505	🟡 MEDIUM	6.9	OpenClaw < 2026.3.12 - Webhook Rate Limiting Bypass via Pre-Authentication Secret Validation	2026-03-31
CVE-2026-35640	🟡 MEDIUM	6.9	OpenClaw < 2026.3.25 - Denial of Service via Unauthenticated Webhook Request Parsing	2026-04-09
CVE-2026-35626	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unauthenticated Resource Exhaustion via Voice Call Webhook	2026-04-09
CVE-2026-35654	🟡 MEDIUM	6.9	OpenClaw < 2026.3.25 - Authorization Bypass in Microsoft Teams Feedback Invoke	2026-04-10
CVE-2026-35661	🟡 MEDIUM	6.9	OpenClaw < 2026.3.25 - Telegram DM-Scoped Inline Button Callback Authorization Bypass	2026-04-10
CVE-2026-35633	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Unbounded Memory Allocation via Remote Media Error Responses	2026-04-09
CVE-2026-35655	🟡 MEDIUM	6.9	OpenClaw < 2026.3.22 - Identity Spoofing via rawInput Tool in ACP Permission Resolution	2026-04-10
CVE-2026-41331	🟡 MEDIUM	6.9	OpenClaw < 2026.3.31 - Resource Consumption via Unauthorized Telegram Audio Preflight Transcription	2026-04-20
CVE-2026-44116	🟡 MEDIUM	6.9	OpenClaw < 2026.4.22 - Server-Side Request Forgery in Zalo Photo URL Validation	2026-05-06
CVE-2026-29612	🟡 MEDIUM	6.8	OpenClaw < 2026.2.14 - Denial of Service via Large Base64 Media File Decoding	2026-03-05
CVE-2026-33572	🟡 MEDIUM	6.8	OpenClaw < 2026.2.17 - Insufficient File Permissions in Session Transcript Files	2026-03-29
CVE-2026-28452	🟡 MEDIUM	6.7	OpenClaw affected by denial of service through unguarded archive extraction allowing high expansion/resource abuse (ZIP/TAR)	2026-03-05
CVE-2026-32044	🟡 MEDIUM	6.7	OpenClaw < 2026.3.2 - Tar Archive Safety Bypass in Skills Installation	2026-03-21
CVE-2026-26328	🟡 MEDIUM	6.5	OpenClaw iMessage group allowlist authorization inherited DM pairing-store identities	2026-02-19
CVE-2026-28475	🟡 MEDIUM	6.3	OpenClaw < 2026.2.13 - Timing Attack via Hook Token Comparison	2026-03-05
CVE-2026-32031	🟡 MEDIUM	6.3	OpenClaw < 2026.2.26 - Authentication Bypass via Path Canonicalization Mismatch in /api/channels Gateway	2026-03-19
CVE-2026-32896	🟡 MEDIUM	6.3	OpenClaw < 2026.2.21 - Unauthenticated Webhook Access via Passwordless Fallback in BlueBubbles Plugin	2026-03-21
CVE-2026-35628	🟡 MEDIUM	6.3	OpenClaw < 2026.3.25 - Brute-Force Attack via Missing Telegram Webhook Rate Limiting	2026-04-09
CVE-2026-35656	🟡 MEDIUM	6.3	OpenClaw < 2026.3.22 - XFF Loopback Spoofing Bypass in Canvas Authentication and Rate Limiter	2026-04-10
CVE-2026-41346	🟡 MEDIUM	6.3	OpenClaw 2026.2.26 < 2026.3.31 - Denial of Service via Improper Pending Pairing Request Cap Enforcement	2026-04-23
CVE-2026-41389	🟡 MEDIUM	6.3	OpenClaw: Webchat media embedding enforces local-root containment for tool-result files	2026-04-20
CVE-2026-43527	🟡 MEDIUM	6.3	OpenClaw: Browser SSRF policy default allowed private-network navigation	2026-05-05
CVE-2026-43572	🟡 MEDIUM	6.3	OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks	2026-05-05
CVE-2026-41383	🟡 MEDIUM	6.1	OpenClaw < 2026.4.2 - Arbitrary Remote Directory Deletion via Mis-scoped Mirror Mode Paths	2026-04-28
CVE-2026-28460	🟡 MEDIUM	6	OpenClaw < 2026.2.22 - Allowlist Bypass via Shell Line-Continuation Command Substitution in system.run	2026-03-19
CVE-2026-32057	🟡 MEDIUM	6	OpenClaw < 2026.2.25 - Authentication Bypass via Control UI client.id Parameter	2026-03-21
CVE-2026-32022	🟡 MEDIUM	6	OpenClaw < 2026.2.21 - Arbitrary File Read via grep -e Flag Policy Bypass	2026-03-19
CVE-2026-41363	🟡 MEDIUM	6	OpenClaw 2026.2.6 < 2026.3.28 - Arbitrary File Read via Feishu upload_image Parameter	2026-04-27
CVE-2026-41911	🟡 MEDIUM	6	OpenClaw < 2026.4.8 - Workspace-Only Filesystem Policy Bypass via docx upload_file/upload_image	2026-04-28
CVE-2026-43574	🟡 MEDIUM	6	OpenClaw < 2026.4.12 - Improper Authorization via Empty Approver Lists	2026-05-05
CVE-2026-44112	🟡 MEDIUM	6	OpenClaw < 2026.4.22 - Symlink Swap Race Condition in OpenShell FS Bridge Writes	2026-05-06
CVE-2026-44113	🟡 MEDIUM	6	OpenClaw < 2026.4.22 - Time-of-Check/Time-of-Use Race Condition in OpenShell FS Bridge	2026-05-06
CVE-2026-32043	🟡 MEDIUM	5.9	OpenClaw < 2026.2.25 - Time-of-Check-Time-of-Use via Mutable Symlink in system.run cwd Parameter	2026-03-21
CVE-2026-41393	🟡 MEDIUM	5.9	OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area Discovery	2026-04-28
CVE-2026-22217	🟡 MEDIUM	5.8	OpenClaw 2026.2.22 < 2026.2.23 - Arbitrary Binary Execution via $SHELL Environment Variable Trusted Prefix Fallback	2026-03-18
CVE-2026-27009	🟡 MEDIUM	5.8	OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection	2026-02-19
CVE-2026-27670	🟡 MEDIUM	5.8	OpenClaw < 2026.3.2 - Arbitrary File Write via ZIP Extraction Parent Symlink Race Condition	2026-03-19
CVE-2026-31995	🟡 MEDIUM	5.8	OpenClaw 2026.1.21 < 2026.2.19 - Command Injection via Windows Shell Fallback in Lobster Extension	2026-03-19
CVE-2026-32000	🟡 MEDIUM	5.8	OpenClaw < 2026.2.19 - Command Injection via Windows Shell Fallback in Lobster Tool Execution	2026-03-19
CVE-2026-32988	🟡 MEDIUM	5.8	OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Unvalidated Temporary File Creation	2026-03-31
CVE-2026-32977	🟡 MEDIUM	5.8	OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Unanchored writeFile Commit Path	2026-03-31
CVE-2026-41915	🟡 MEDIUM	5.8	OpenClaw < 2026.4.8 - Git Environment Variable Injection via Unfiltered Exec Environment	2026-04-28
CVE-2026-31989	🟡 MEDIUM	5.3	OpenClaw < 2026.3.1 - Server-Side Request Forgery via web_search Citation Redirect	2026-03-19
CVE-2026-41344	🟡 MEDIUM	5.3	OpenClaw < 2026.3.28 - Privilege Escalation via chat.send /verbose Parameter	2026-04-23
CVE-2026-35659	🟡 MEDIUM	5.1	OpenClaw < 2026.3.22 - Unresolved Service Metadata Routing via Bonjour and DNS-SD Discovery	2026-04-10
CVE-2026-42436	🟡 MEDIUM	4.9	OpenClaw: Browser snapshot and screenshot routes could expose internal page content after navigation	2026-05-05
CVE-2026-42439	🟡 MEDIUM	4.9	OpenClaw < 2026.4.10 - SSRF Policy Bypass in Browser Tabs Action Routes	2026-05-05
CVE-2026-43532	🟡 MEDIUM	4.9	OpenClaw: Discord event cover images bypassed sandbox media normalization	2026-05-05
CVE-2026-42438	🟡 MEDIUM	4.9	OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure	2026-05-05
CVE-2026-43573	🟡 MEDIUM	4.9	OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement	2026-05-05
CVE-2026-27576	🟡 MEDIUM	4.8	OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness with very large inputs	2026-02-21
CVE-2026-32020	🟡 MEDIUM	4.8	OpenClaw < 2026.2.22 - Arbitrary File Read via Symlink Following in Static File Handler	2026-03-19
CVE-2026-27485	🟡 MEDIUM	4.6	OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection	2026-02-21
CVE-2026-41338	🟡 MEDIUM	4.3	OpenClaw < 2026.3.31 - Time-of-Check-Time-of-Use (TOCTOU) Vulnerability in Sandbox File Operations	2026-04-23
CVE-2026-32006	🟢 LOW	2.3	OpenClaw < 2026.2.26 - Authorization Bypass via DM Pairing-Store Fallback in Group Allowlist	2026-03-19
CVE-2026-41348	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Group DM Channel Allowlist Bypass via Discord Slash Commands	2026-04-23
CVE-2026-41358	🟢 LOW	2.3	OpenClaw < 2026.4.2 - Sender Allowlist Bypass via Slack Thread Context	2026-04-23
CVE-2026-41362	🟢 LOW	2.3	OpenClaw 2026.2.19 < 2026.3.31 - Webhook Replay Dedupe Cache Event Suppression via Shared Authentication	2026-04-27
CVE-2026-41402	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Webhook Replay Cache Cross-Target messageId Scope Bypass	2026-04-28
CVE-2026-41406	🟢 LOW	2.3	OpenClaw < 2026.3.31 - Sender Allowlist Bypass via Thread History and Quoted Messages	2026-04-28
CVE-2026-41908	🟢 LOW	2.3	OpenClaw < 2026.4.20 - Scope Enforcement Bypass in Assistant-Media Route	2026-04-23
CVE-2026-41916	🟢 LOW	2.3	OpenClaw < 2026.4.8 - Stale Authentication State via Config Reload	2026-04-28
CVE-2026-43529	🟢 LOW	2	OpenClaw: TOCTOU read in exec script preflight	2026-05-05

🔄 CVE 发布流水线

40/40 已发布

CVE ID	状态	CNA	GHSA 发布日期	cvelistV5
CVE-2026-24763	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	GitHub_M	2026-02-02	✅ 已收录
CVE-2026-25253	✅ PUBLISHED	mitre	2026-02-02	✅ 已收录
CVE-2026-26317	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-26328	✅ PUBLISHED	GitHub_M	2026-02-18	✅ 已收录
CVE-2026-28452	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28458	✅ PUBLISHED	VulnCheck	2026-02-17	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	VulnCheck	2026-02-18	✅ 已收录
CVE-2026-41358	✅ PUBLISHED	VulnCheck	2026-05-04	✅ 已收录
CVE-2026-41389	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-41908	✅ PUBLISHED	VulnCheck	2026-04-25	✅ 已收录
CVE-2026-42433	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42434	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42435	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42436	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42437	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42438	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-42439	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43526	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43527	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43528	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43529	✅ PUBLISHED	VulnCheck	2026-04-16	✅ 已收录
CVE-2026-43530	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43531	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43532	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43533	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43534	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43535	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43566	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43567	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43568	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43569	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43571	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43572	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43573	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-43574	✅ PUBLISHED	VulnCheck	2026-04-17	✅ 已收录
CVE-2026-6011	✅ PUBLISHED	—	2026-04-10	✅ 已收录
CVE-2026-43533	✅ PUBLISHED	\| [GHSA-2cq5-mf3v-mx44](https://github.com/advisories/GHSA-2cq5-mf3v-mx44)	2026-04-17	✅ 已收录
CVE-2026-42433	✅ PUBLISHED	\| [GHSA-736r-jwj6-4w23](https://github.com/advisories/GHSA-736r-jwj6-4w23)	2026-04-17	✅ 已收录
CVE-2026-43569	✅ PUBLISHED	\| [GHSA-82qx-6vj7-p8m2](https://github.com/advisories/GHSA-82qx-6vj7-p8m2)	2026-04-17	✅ 已收录
CVE-2026-42437	✅ PUBLISHED	\| [GHSA-8372-7vhw-cm6q](https://github.com/advisories/GHSA-8372-7vhw-cm6q)	2026-04-17	✅ 已收录
CVE-2026-28469	✅ PUBLISHED	\| [GHSA-3fqr-4cg8-h96q](https://github.com/advisories/GHSA-3fqr-4cg8-h96q)	2026-02-18	✅ 已收录
CVE-2026-28478	✅ PUBLISHED	\| [GHSA-mr32-vwc2-5j6h](https://github.com/advisories/GHSA-mr32-vwc2-5j6h)	2026-02-18	✅ 已收录
CVE-2026-25157	✅ PUBLISHED	\| [GHSA-g8p2-7wf7-98mq](https://github.com/advisories/GHSA-g8p2-7wf7-98mq)	2026-02-02	✅ 已收录
CVE-2026-24763	✅ PUBLISHED	\| [GHSA-r2c6-8jc8-g32w](https://github.com/advisories/GHSA-r2c6-8jc8-g32w)	2026-02-02	✅ 已收录
CVE-2026-41389	✅ PUBLISHED	\| [GHSA-jhpv-5j76-m56h](https://github.com/advisories/GHSA-jhpv-5j76-m56h)	2026-04-17	✅ 已收录
CVE-2026-43573	✅ PUBLISHED	\| [GHSA-rj2p-j66c-mgqh](https://github.com/advisories/GHSA-rj2p-j66c-mgqh)	2026-04-17	✅ 已收录
CVE-2026-43567	✅ PUBLISHED	\| [GHSA-53vx-pmqw-863c](https://github.com/advisories/GHSA-53vx-pmqw-863c)	2026-04-17	✅ 已收录
CVE-2026-43526	✅ PUBLISHED	\| [GHSA-7wv4-cc7p-jhxc](https://github.com/advisories/GHSA-7wv4-cc7p-jhxc)	2026-04-17	✅ 已收录
CVE-2026-43532	✅ PUBLISHED	\| [GHSA-49cg-279w-m73x](https://github.com/advisories/GHSA-49cg-279w-m73x)	2026-04-17	✅ 已收录
CVE-2026-43534	✅ PUBLISHED	\| [GHSA-j6c7-3h5x-99g9](https://github.com/advisories/GHSA-j6c7-3h5x-99g9)	2026-04-17	✅ 已收录
CVE-2026-43568	✅ PUBLISHED	\| [GHSA-g2hm-779g-vm32](https://github.com/advisories/GHSA-g2hm-779g-vm32)	2026-04-17	✅ 已收录
CVE-2026-42436	✅ PUBLISHED	\| [GHSA-jwrq-8g5x-5fhm](https://github.com/advisories/GHSA-jwrq-8g5x-5fhm)	2026-04-17	✅ 已收录
CVE-2026-28480	✅ PUBLISHED	\| [GHSA-h89v-j3x9-8wqj](https://github.com/advisories/GHSA-h89v-j3x9-8wqj)	2026-02-18	✅ 已收录
CVE-2026-29612	✅ PUBLISHED	\| [GHSA-g34w-4xqq-h79m](https://github.com/advisories/GHSA-g34w-4xqq-h79m)	2026-02-18	✅ 已收录
CVE-2026-41358	✅ PUBLISHED	\| [GHSA-v8qf-fr4g-28p2](https://github.com/advisories/GHSA-v8qf-fr4g-28p2)	2026-05-04	✅ 已收录
CVE-2026-43572	✅ PUBLISHED	\| [GHSA-r77c-2cmr-7p47](https://github.com/advisories/GHSA-r77c-2cmr-7p47)	2026-04-17	✅ 已收录
CVE-2026-43529	✅ PUBLISHED	\| [GHSA-52vj-fvrv-7q82](https://github.com/advisories/GHSA-52vj-fvrv-7q82)	2026-04-16	✅ 已收录

📢 安全公告精选

148+

GHSA-xh72-v6v CRITICAL

OpenClaw: Feishu webhook and card-action validation now fail closed

2026-04-17

GHSA-cwj3-vqp HIGH

OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes

2026-05-05

GHSA-r39h-4c2 HIGH

OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution

2026-05-05

GHSA-wppj-c6m HIGH

OpenClaw: OpenShell FS bridge writes stay pinned to the sandbox mount root

2026-05-04

GHSA-r6xh-pqh HIGH

OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

2026-05-04

GHSA-5mh4-3rv HIGH

Duplicate Advisory: OpenClaw: Host exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables

2026-04-28

GHSA-5799-3xg HIGH

Duplicate Advisory: OpenClaw: SSH sandbox tar upload follows symlinks, enabling arbitrary file write on remote host

2026-04-28

GHSA-394x-274 HIGH

Duplicate Advisory: OpenClaw: Gateway operator.write Can Reach Admin-Class Telegram Config and Cron Persistence via send

2026-04-24

GHSA-7vq9-42c HIGH

Duplicate Advisory: OpenClaw: Device-Paired Node Skips Node Scope Gate → Host RCE.md

2026-04-24

GHSA-gv2f-q4w HIGH

Duplicate Advisory: OpenClaw: CLI Remote Onboarding Persists Unauthenticated Discovery Endpoint and Exfiltrates Gateway Credentials

2026-04-24

GHSA-jx3c-247 HIGH

Duplicate Advisory: OpenClaw: Workspace `.env` can override the bundled hooks root and load attacker hook code

2026-04-24

GHSA-66r7-m7x HIGH

OpenClaw: QQBot media tags could read arbitrary local files through reply text

2026-04-17 CVE-2026-43533

📊 漏洞分类

白名单绕过 (Allowlist Bypass)

注入攻击 (XSS/CSRF/Prompt/Command)

认证绕过 / 缺失认证

SSRF

拒绝服务 (DoS)

路径穿越 (CWE-22)

原型污染 (Prototype Pollution)

💡 关键洞察

📈

6.7

平均 CVSS 评分

🔴

120%

HIGH 及以上漏洞占比

⚡

100%

CVE 已发布到 cvelistV5

🛡️

100%

已提供修复版本

🏢

CNA 来源 (VulnCheck / GitHub / MITRE)

📦

npm

受影响包 (openclaw)

🛡️ UCloud OpenClaw CVEs

📋 已发布 CVE（cvelistV5）

🔄 CVE 发布流水线

📢 安全公告精选

📊 漏洞分类

💡 关键洞察