Vulnerabilities in OpenClaw
537 results

CVE-2026-53840 | MEDIUM | OpenClaw < 2026.5.12 - Custom Header Leakage via MCP Streamable HTTP Cross-Origin Redirects | EPSS 0.2%
CVE-2026-41908 | LOW | OpenClaw < 2026.4.20 - Scope Enforcement Bypass in Assistant-Media Route | EPSS 0.2%
CVE-2026-41381 | LOW | OpenClaw < 2026.3.31 - Access Control Bypass in Discord Voice Manager via Channel Allowlist | EPSS 0.2%
CVE-2026-41382 | LOW | OpenClaw < 2026.3.31 - Discord Voice Ingress Authorization Bypass via Channel and Role Validation Gaps | EPSS 0.2%
CVE-2026-27485 | MEDIUM | OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inline script injection | EPSS 0.2%
CVE-2026-53838 | MEDIUM | OpenClaw < 2026.5.27 - Node Pairing State Mutation via Reconnection | EPSS 0.2%
CVE-2026-22181 | MEDIUM | OpenClaw < 2026.3.2 - DNS Pinning Bypass via Environment Proxy Configuration in web_fetch | EPSS 0.2%
CVE-2026-44997 | LOW | OpenClaw < 2026.4.22 - Security Envelope Constraint Bypass in ACP Child Sessions | EPSS 0.2%
CVE-2026-43567 | HIGH | OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter | EPSS 0.2%
CVE-2026-43535 | HIGH | OpenClaw < 2026.4.14 - Authorization Context Reuse in Collect-Mode Queue Batches | EPSS 0.2%
CVE-2026-41914 | MEDIUM | OpenClaw < 2026.4.8 - Server-Side Request Forgery in QQ Bot Media Fetch Paths | EPSS 0.2%
CVE-2026-43579 | MEDIUM | OpenClaw < 2026.4.10 - Insufficient Access Control in Nostr Profile Mutation Routes | EPSS 0.2%
CVE-2026-45001 | MEDIUM | OpenClaw < 2026.4.20 - Gateway Config Mutation Guard Bypass via Agent Tool Access | EPSS 0.2%
CVE-2026-35648 | LOW | OpenClaw < 2026.3.22 - Policy Bypass via Unvalidated Queued Node Actions | EPSS 0.2%
CVE-2026-53815 | HIGH | OpenClaw < 2026.5.19 - Channel Allowlist Bypass in Message Read Actions | EPSS 0.2%
CVE-2026-41916 | LOW | OpenClaw < 2026.4.8 - Stale Authentication State via Config Reload | EPSS 0.2%
CVE-2026-43583 | MEDIUM | OpenClaw 2026.4.10 < 2026.4.14 - Loss of Group Tool-Policy Context in Delivery Queue Recovery | EPSS 0.2%
CVE-2026-43581 | CRITICAL | OpenClaw < 2026.4.10 - Chrome DevTools Protocol Exposure via Overly Broad CDP Relay Binding | EPSS 0.2%
CVE-2026-43568 | HIGH | OpenClaw 2026.4.5 through 2026.4.9 - Privilege Escalation via Memory Dreaming Configuration in /dreaming Endpoint | EPSS 0.2%
CVE-2026-41913 | MEDIUM | OpenClaw < 2026.4.4 - Rate-Limit Bypass via Concurrent Async Authentication Attempts | EPSS 0.2%