CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2026-21536 Microsoft Devices Pricing Program Remote Code Execution Vulnerability | 9.8 | CRITICAL | — | 0 |
| CVE-2026-3606 A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segment of the file src/ettercap/utils/etterfilter/ef_output.c of the component etter... | 3.3 | LOW | — | 0 |
| CVE-2026-2593 The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `_gspb_post_css` post meta value and the `dynamicAttributes` block attribut... | 6.4 | MEDIUM | — | 0 |
| CVE-2026-29613 OpenClaw versions prior to 2026.2.12 contain a vulnerability in the BlueBubbles (optional plugin) webhook handler in which it authenticates requests based solely on loopback remoteAddress without vali... | 5.9 | MEDIUM | — | 0 |
| CVE-2026-29612 OpenClaw versions prior to 2026.2.14 decode base64-backed media inputs into buffers before enforcing decoded-size budget limits, allowing attackers to trigger large memory allocations. Remote attacker... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-29611 OpenClaw versions prior to 2026.2.14 contain a local file inclusion vulnerability in BlueBubbles extension (must be installed and enabled) media path handling that allows attackers to read arbitrary f... | 7.5 | HIGH | — | 0 |
| CVE-2026-29610 OpenClaw versions prior to 2026.2.14 contain a command hijacking vulnerability that allows attackers to execute unintended binaries by manipulating PATH environment variables through node-host executi... | 8.8 | HIGH | — | 0 |
| CVE-2026-29609 OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the fetchWithGuard function that allocates entire response payloads in memory before enforcing maxBytes limits. Remote... | 7.5 | HIGH | — | 0 |
| CVE-2026-29606 OpenClaw versions prior to 2026.2.14 contain a webhook signature-verification bypass in the voice-call extension that allows unauthenticated requests when the tunnel.allowNgrokFreeTierLoopbackBypass o... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-28486 OpenClaw versions 2026.1.16-2 prior to 2026.2.14 contain a path traversal vulnerability in archive extraction during installation commands that allows arbitrary file writes outside the intended direct... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-28485 OpenClaw versions 2026.1.5 prior to 2026.2.12 fail to enforce mandatory authentication on the /agent/act browser-control HTTP route, allowing unauthorized local callers to invoke privileged operations... | 8.4 | HIGH | — | 0 |
| CVE-2026-28484 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | NONE | — | 0 |
| CVE-2026-28482 OpenClaw versions prior to 2026.2.12 construct transcript file paths using unsanitized sessionId parameters and sessionFile paths without enforcing directory containment. Authenticated attackers can e... | 7.1 | HIGH | — | 0 |
| CVE-2026-28481 OpenClaw versions 2026.1.30 and earlier, contain an information disclosure vulnerability, patched in 2026.2.1, in the MS Teams attachment downloader (optional extension must be enabled) that leaks bea... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-28480 OpenClaw versions prior to 2026.2.14 contain an authorization bypass vulnerability where Telegram allowlist matching accepts mutable usernames instead of immutable numeric sender IDs. Attackers can sp... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-28479 OpenClaw versions prior to 2026.2.15 use SHA-1 to hash sandbox identifier cache keys for Docker and browser sandbox configurations, which is deprecated and vulnerable to collision attacks. An attacker... | 7.5 | HIGH | — | 0 |
| CVE-2026-28478 OpenClaw versions prior to 2026.2.13 contain a denial of service vulnerability in webhook handlers that buffer request bodies without strict byte or time limits. Remote unauthenticated attackers can s... | 7.5 | HIGH | — | 0 |
| CVE-2026-28477 OpenClaw versions prior to 2026.2.14 contain an oauth state validation bypass vulnerability in the manual Chutes login flow that allows attackers to bypass CSRF protection. An attacker can convince a ... | 7.1 | HIGH | — | 0 |
| CVE-2026-28476 OpenClaw versions prior to 2026.2.14 contain a server-side request forgery vulnerability in the optional Tlon Urbit extension that accepts user-provided base URLs for authentication without proper val... | 8.3 | HIGH | — | 0 |
| CVE-2026-28475 OpenClaw versions prior to 2026.2.13 use non-constant-time string comparison for hook token validation, allowing attackers to infer tokens through timing measurements. Remote attackers with network ac... | 4.8 | MEDIUM | — | 0 |
| CVE-2026-28474 OpenClaw's Nextcloud Talk plugin versions prior to 2026.2.6 accept equality matching on the mutable actor.name display name field for allowlist validation, allowing attackers to bypass DM and room all... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-28473 OpenClaw versions prior to 2026.2.2 contain an authorization bypass vulnerability where clients with operator.write scope can approve or deny exec approval requests by sending the /approve chat comman... | 8.1 | HIGH | — | 0 |
| CVE-2026-28472 OpenClaw versions prior to 2026.2.2 contain a vulnerability in the gateway WebSocket connect handshake in which it allows skipping device identity checks when auth.token is present but not validated. ... | 8.1 | HIGH | — | 0 |
| CVE-2026-28471 OpenClaw version 2026.1.14-1 prior to 2026.2.2, with the Matrix plugin installed and enabled, contain a vulnerability in which DM allowlist matching could be bypassed by exact-matching against sender ... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-28470 OpenClaw versions prior to 2026.2.2 contain an exec approvals (must be enabled) allowlist bypass vulnerability that allows attackers to execute arbitrary commands by injecting command substitution syn... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-28469 OpenClaw versions prior to 2026.2.14 contain a webhook routing vulnerability in the Google Chat monitor component that allows cross-account policy context misrouting when multiple webhook targets shar... | 7.5 | HIGH | — | 0 |
| CVE-2026-28468 OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.14 contain a vulnerability in the sandbox browser bridge server in which it accepts requests without requiring gateway authentication, allowing local... | 7.7 | HIGH | — | 0 |
| CVE-2026-28467 OpenClaw versions prior to 2026.2.2 contain a server-side request forgery vulnerability in attachment and media URL hydration that allows remote attackers to fetch arbitrary HTTP(S) URLs. Attackers wh... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-28466 OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in which it fails to sanitize internal approval fields in node.invoke parameters, allowing authenticated clients to bypass e... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-28465 OpenClaw's voice-call plugin versions before 2026.2.3 contain an improper authentication vulnerability in webhook verification that allows remote attackers to bypass verification by supplying untruste... | 5.9 | MEDIUM | — | 0 |
| CVE-2026-28464 OpenClaw versions prior to 2026.2.12 use non-constant-time string comparison for hook token validation, allowing attackers to infer tokens through timing measurements. Remote attackers with network ac... | 5.9 | MEDIUM | — | 0 |
| CVE-2026-28463 OpenClaw versions prior to 2026.2.14 contain an arbitrary file read vulnerability in the exec-approvals allowlist validation that checks pre-expansion argv tokens but executes using real shell expansi... | 8.4 | HIGH | — | 0 |
| CVE-2026-28462 OpenClaw versions prior to 2026.2.13 contain a vulnerability in the browser control API in which it accepts user-supplied output paths for trace and download files without consistently constraining wr... | 7.5 | HIGH | — | 0 |
| CVE-2026-28459 OpenClaw versions prior to 2026.2.12 fail to validate the sessionFile path parameter, allowing authenticated gateway clients to write transcript data to arbitrary locations on the host filesystem. Att... | 7.1 | HIGH | — | 0 |
| CVE-2026-28458 OpenClaw version 2026.1.20 prior to 2026.2.1 contains a vulnerability in the Browser Relay (extension must be installed and enabled) /cdp WebSocket endpoint in which it does not require authentication... | 8.1 | HIGH | — | 0 |
| CVE-2026-28457 OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring (must be enabled) that uses the skill frontmatter name parameter unsanitized when copying skills ... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-28456 OpenClaw versions 2026.1.5 prior to 2026.2.14 contain a vulnerability in the Gateway in which it does not sufficiently constrain configured hook module paths before passing them to dynamic import(), a... | 7.2 | HIGH | — | 0 |
| CVE-2026-28454 OpenClaw versions prior to 2026.2.2 fail to validate webhook secrets in Telegram webhook mode (must be enabled), allowing unauthenticated HTTP POST requests to the webhook endpoint that trust attacker... | 7.5 | HIGH | — | 0 |
| CVE-2026-28453 OpenClaw versions prior to 2026.2.14 fail to validate TAR archive entry paths during extraction, allowing path traversal sequences to write files outside the intended directory. Attackers can craft ma... | 7.5 | HIGH | — | 0 |
| CVE-2026-28452 OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the extractArchive function within src/infra/archive.ts that allows attackers to consume excessive CPU, memory, and di... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-28451 OpenClaw versions prior to 2026.2.14 contain server-side request forgery vulnerabilities in the Feishu extension that allow attackers to fetch attacker-controlled remote URLs without SSRF protections ... | 8.3 | HIGH | — | 0 |
| CVE-2026-28450 OpenClaw versions prior to 2026.2.12 with the optional Nostr plugin enabled expose unauthenticated HTTP endpoints at /api/channels/nostr/:accountId/profile and /api/channels/nostr/:accountId/profile/i... | 6.8 | MEDIUM | — | 0 |
| CVE-2026-28448 OpenClaw versions 2026.1.29 prior to 2026.2.1 contain a vulnerability in the Twitch plugin (must be installed and enabled) in which it fails to enforce the allowFrom allowlist when allowedRoles is uns... | 7.3 | HIGH | — | 0 |
| CVE-2026-28447 OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.1 contain a path traversal vulnerability in plugin installation that allows malicious plugin package names to escape the extensions directory. Attack... | 8.1 | HIGH | — | 0 |
| CVE-2026-28446 OpenClaw versions prior to 2026.2.1 with the voice-call extension installed and enabled contain an authentication bypass vulnerability in inbound allowlist policy validation that accepts empty caller ... | 9.4 | CRITICAL | — | 0 |
| CVE-2026-28395 OpenClaw version 2026.1.14-1 prior to 2026.2.12 contain an improper network binding vulnerability in the Chrome extension (must be installed and enabled) relay server that treats wildcard hosts as loo... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-28394 OpenClaw versions prior to 2026.2.15 contain a denial of service vulnerability in the web_fetch tool that allows attackers to crash the Gateway process through memory exhaustion by parsing oversized o... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-28393 OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook transform module loading that allows arbitrary JavaScript execution. The hooks.mappings[].transform.modu... | 7.7 | HIGH | — | 0 |
| CVE-2026-28392 OpenClaw versions prior to 2026.2.14 contain a privilege escalation vulnerability in the Slack slash-command handler that incorrectly authorizes any direct message sender when dmPolicy is set to open ... | 7.5 | HIGH | — | 0 |
| CVE-2026-28391 OpenClaw versions prior to 2026.2.2 fail to properly validate Windows cmd.exe metacharacters in allowlist-gated exec requests (non-default configuration), allowing attackers to bypass command approval... | 9.8 | CRITICAL | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.