Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.1 HIGH
CVE-2026-41361 — OpenClaw < 2026.3.28 - SSRF Guard Bypass via IPv6 Special-Use Ranges

OpenClaw before 2026.3.28 contains an SSRF guard bypass vulnerability that fails to block four IPv6 special-use ranges. Attackers can exploit this by crafting URLs targeting internal or non-routable …

Remote | Server-Side Request Forgery
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
6.7 MEDIUM
CVE-2026-41360 — OpenClaw < 2026.4.2 - Approval Integrity Bypass in pnpm dlx Local Script Binding

OpenClaw before 2026.4.2 contains an approval integrity vulnerability in pnpm dlx that fails to bind local script operands consistently with pnpm exec flows. Attackers can replace approved local scri…

| Misconfiguration
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
7.1 HIGH
CVE-2026-41359 — OpenClaw < 2026.3.28 - Privilege Escalation via operator.write to Admin-Class Telegram Co…

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write permissions to access admin-class Telegram configuration and cron persistence setti…

Remote | Authorization
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
5.4 MEDIUM
CVE-2026-41358 — OpenClaw < 2026.4.2 - Sender Allowlist Bypass via Slack Thread Context

OpenClaw before 2026.4.2 fails to filter Slack thread context by sender allowlist, allowing non-allowlisted messages to enter agent context. Attackers can inject unauthorized thread messages through …

Remote | Injection
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
3.3 LOW
CVE-2026-41357 — OpenClaw < 2026.3.31 - Unsanitized Environment Variable Leakage in SSH Sandbox Backends

OpenClaw before 2026.3.31 contains an environment variable leakage vulnerability in SSH-based sandbox backends that pass unsanitized process.env to child processes. Attackers can exploit this by leve…

| Information Disclosure
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
5.4 MEDIUM
CVE-2026-41356 — OpenClaw < 2026.3.31 - Incomplete WebSocket Session Termination in device.token.rotate

OpenClaw before 2026.3.31 fails to terminate active WebSocket sessions when rotating device tokens. Attackers with previously compromised credentials can maintain unauthorized access through existing…

Remote | Authentication
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
7.3 HIGH
CVE-2026-41355 — OpenShell < 2026.3.28 - Arbitrary Code Execution via Mirror Mode Sandbox File Conversion

OpenShell before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute …

| Misconfiguration
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
6.3 MEDIUM
CVE-2026-41354 — OpenClaw < 2026.4.2 - Insufficient Scope in Zalo Webhook Replay Dedupe Keys

OpenClaw before 2026.4.2 contains an insufficient scope vulnerability in Zalo webhook replay dedupe keys that allows legitimate events from different conversations or senders to collide. Attackers ca…

Remote | Misconfiguration
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
8.1 HIGH
CVE-2026-41353 — OpenClaw < 2026.3.22 - allowProfiles Bypass via Profile Mutation and Runtime Selection

OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile mutation and…

Remote | Authorization
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
8.8 HIGH
CVE-2026-41352 — OpenClaw < 2026.3.31 - Remote Code Execution via Node Scope Gate Bypass

OpenClaw before 2026.3.31 contains a remote code execution vulnerability where a device-paired node can bypass the node scope gate authentication mechanism. Attackers with device pairing credentials …

Remote | Authentication
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
6.3 MEDIUM
CVE-2026-41351 — OpenClaw < 2026.3.31 - Webhook Replay Detection Bypass via Base64 Signature Re-encoding

OpenClaw before 2026.3.31 contains a replay detection bypass vulnerability in webhook signature handling that treats Base64 and Base64URL encoded signatures as distinct requests. Attackers can re-enc…

Remote | Authentication
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
5.3 MEDIUM
CVE-2026-41350 — OpenClaw < 2026.3.31 - Session Visibility Bypass via session_status in Unsandboxed Invoca…

OpenClaw before 2026.3.31 contains a session visibility bypass vulnerability where the session_status function fails to enforce configured tools.sessions.visibility restrictions for unsandboxed invoc…

Remote | Authorization
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
8.8 HIGH
CVE-2026-41349 — OpenClaw < 2026.3.28 - Agentic Consent Bypass via config.patch

OpenClaw before 2026.3.28 contains an agentic consent bypass vulnerability allowing LLM agents to silently disable execution approval via config.patch parameter. Remote attackers can exploit this to …

Remote | Authorization
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
5.4 MEDIUM
CVE-2026-41348 — OpenClaw < 2026.3.31 - Group DM Channel Allowlist Bypass via Discord Slash Commands

OpenClaw before 2026.3.31 contains an authorization bypass vulnerability in Discord slash command and autocomplete paths that fail to enforce group DM channel allowlist restrictions. Authorized Disco…

Remote | Authorization
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
7.1 HIGH
CVE-2026-41347 — OpenClaw < 2026.3.31 - Cross-Site Request Forgery via Missing Browser-Origin Validation i…

OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpoints when operating in trusted-proxy mode, allowing cross-site request forgery attacks. Attackers can exploit this by s…

Remote | Cross-Site Request Forgery
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
6.3 MEDIUM
CVE-2026-41346 — OpenClaw 2026.2.26 < 2026.3.31 - Denial of Service via Improper Pending Pairing Request C…

OpenClaw 2026.2.26 before 2026.3.31 enforces pending pairing-request caps per channel file instead of per account, allowing attackers to exhaust the shared pending window. Remote attackers can submit…

Remote | Denial of Service
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
6.0 MEDIUM
CVE-2026-41345 — OpenClaw < 2026.3.31 - Authorization Header Leak via Cross-Origin Redirect in Media Downl…

OpenClaw before 2026.3.31 contains a credential exposure vulnerability in media download functionality that forwards Authorization headers across cross-origin redirects. Attackers can exploit this by…

Remote | Information Disclosure
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
5.4 MEDIUM
CVE-2026-41344 — OpenClaw < 2026.3.28 - Privilege Escalation via chat.send /verbose Parameter

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attack…

Remote | Authorization
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
6.9 MEDIUM
CVE-2026-41343 — OpenClaw < 2026.3.31 - Denial of Service via LINE Webhook Handler Pre-Auth Concurrency

OpenClaw before 2026.3.31 lacks a shared pre-auth concurrency budget on the public LINE webhook path, allowing attackers to cause transient availability loss. Remote attackers can flood the webhook e…

Remote | Denial of Service
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
7.4 HIGH
CVE-2026-41342 — OpenClaw < 2026.3.28 - Unauthenticated Discovery Endpoint Credential Exfiltration via Rem…

OpenClaw before 2026.3.28 contains an authentication bypass vulnerability in the remote onboarding component that persists unauthenticated discovery endpoints without explicit trust confirmation. Att…

| Authentication
Apr 23, 2026 Apr 23, 2026
Apr 23, 2026
Apr 23, 2026
Showing 20 of 6366 Results