New: Corgea AI Pentesting — autonomous penetration testing in hours, not weeks
100 Total advisories
100 Vulnerabilities
0 Malware

Vulnerabilities

HIGH 8.0
npm

CVE-2026-35630

OpenClaw: QQBot native approval buttons did not enforce configured approver identity

HIGH 8.0
npm

GHSA-hx4v-668p-g2qr

Duplicate Advisory: OpenClaw: QQBot native approval buttons did not enforce configured approver identity

UNKNOWN
npm

GHSA-77q5-rr5v-x43q

OpenClaw: Trusted retry endpoint checks could match hostname prefixes

UNKNOWN
npm

GHSA-w5ww-7chg-mxcq

OpenClaw: Telegram interactive callbacks could skip commands.allowFrom

UNKNOWN
npm

GHSA-p73f-w79w-jqr5

OpenClaw: Native command authorization could skip owner-command enforcement

UNKNOWN
npm

GHSA-j472-gf56-x589

OpenClaw: PowerShell encoded-command aliases could miss exec allowlist checks

MEDIUM 6.6
npm

CVE-2026-53818

OpenClaw: MCP loopback could skip owner-only tool policy for non-owner callers

HIGH 7.8
npm

CVE-2026-53813

OpenClaw: Fake package roots could influence memory-core artifact loading

UNKNOWN
npm

GHSA-6c4r-g249-wv3c

OpenClaw: Sandboxed session spawn could expose the real workspace path to child prompts

LOW 3.8
npm

CVE-2026-53809

OpenClaw: Embedded runner policy could be confused by provider aliases

HIGH 8.8
npm

CVE-2026-53811

OpenClaw: Matrix allowFrom could bind to mutable display names

LOW 3.1
npm

GHSA-3wqp-prf6-2m72

OpenClaw: Feishu dynamic-agent bindings could miss configWrites enforcement

HIGH 7.2
npm

CVE-2026-53816

OpenClaw: Paired nodes could forge exec lifecycle events without system.run provenance

HIGH 8.8
npm

CVE-2026-53806

OpenClaw: Combined POSIX shell options could confuse exec revalidation

UNKNOWN
npm

GHSA-4m3v-q747-pc6h

OpenClaw: Mattermost slash token revocation could lag until monitor refresh

UNKNOWN
npm

GHSA-275c-xpvc-jgfw

OpenClaw: Slack and Zalo webhook secrets could remain active after secrets.reload

HIGH 8.3
npm

GHSA-xr4f-mjxj-w6w5

OpenClaw: Non-owner chat senders could issue device-pairing bootstrap codes

UNKNOWN
npm

GHSA-w4v6-g3wm-w36c

OpenClaw: QQBot admin commands could skip DM-only and allowFrom policy

HIGH 8.8
npm

CVE-2026-53819

OpenClaw: Workspace .env could override Homebrew executable selection for skill install flows

UNKNOWN
npm

GHSA-c29c-2q9c-pc86

OpenClaw: Slack allowFrom could bind to mutable display names

MEDIUM 6.5
npm

GHSA-hcm3-8f6r-6xwg

OpenClaw: Browser debug/export routes could reuse already-open blocked tabs

UNKNOWN
npm

GHSA-gp79-m99v-gjmh

OpenClaw: Mattermost handlers could fall open when channel type was missing

UNKNOWN
npm

GHSA-grc3-2j34-p6gm

OpenClaw: message.action forwarding could send Gateway credentials to model-supplied loopback URLs

HIGH 8.8
npm

GHSA-qjpc-qf9m-xwmr

OpenClaw: Trusted-proxy Control UI WebSocket accepted client-declared scopes before pairing

UNKNOWN
npm

GHSA-77pv-3w4q-vrj5

OpenClaw: QQBot pre-dispatch slash commands could skip allowFrom checks

UNKNOWN
npm

GHSA-jvm4-4j77-39p6

OpenClaw: QQBot streaming command could mutate config without explicit allowFrom

MEDIUM 5.3
npm

GHSA-cqwv-9qjx-vxw2

OpenClaw: Skill Workshop apply flow could override pending approval

UNKNOWN
npm

GHSA-wv26-j37q-2g7p

OpenClaw's Slack plugin approvals used the exec approver gate for plugin actions

MEDIUM 6.5
npm

GHSA-p2fh-f5fc-44hr

OpenClaw: memory-wiki ingest could read local files with operator.write scope

UNKNOWN
npm

GHSA-83w9-h5wv-j9xm

OpenClaw: Node pairing reconnection could confuse approval scope state

UNKNOWN
npm

GHSA-rggc-m335-3wvj

OpenClaw: Same-host trusted-proxy deployments could accept local forged identity headers

HIGH 8.8
npm

GHSA-hw9r-h9mr-4jff

OpenClaw: Scoped chat.send route inheritance could bypass admin command scope gates

HIGH 8.8
npm

CVE-2026-53810

OpenClaw's marketplace runtime extension metadata could point at unscanned payloads

HIGH 7.1
npm

GHSA-mhq8-78pj-5j79

OpenClaw's POSIX node system.run safe-bin allowlist could be widened by shell expansion

UNKNOWN
npm

GHSA-2j8v-hwgc-x698

OpenClaw: Shell wrapper argv could change between approval and execution

HIGH 8.4
npm

CVE-2026-53814

OpenClaw: Hook-triggered CLI runs could receive owner MCP tool authority

HIGH 7.7
npm

CVE-2026-53812

OpenClaw's browser act interactions could bypass private-network navigation checks

HIGH 8.0
npm

CVE-2026-53817

OpenClaw: Control UI locality spoofing could mint a durable admin device token

UNKNOWN
npm

GHSA-qh2f-99mv-mrcf

OpenClaw: Bundle MCP loopback could miss its exec denylist on session spawn

HIGH 8.0
npm

GHSA-xww8-gqvh-92x9

OpenClaw: Exec approval display truncation could hide the command being approved

MEDIUM 6.5
npm

CVE-2026-53815

OpenClaw: Message read actions could skip channel allowlist checks

MEDIUM 6.5
npm

GHSA-9c3v-684m-579c

OpenClaw MCP SSE redirects could forward Authorization headers

UNKNOWN
npm

CVE-2026-53854

OpenClaw: Internal/webchat command auth could inherit ownerAllowFrom wildcard state

MEDIUM 6.5
npm

CVE-2026-53844

OpenClaw: memory-wiki shared search could miss session visibility checks

HIGH 7.1
npm

GHSA-4qgr-57jq-93vh

Duplicate Advisory: Workspace .env STATE_DIRECTORY could influence bundled runtime dependency roots

HIGH 8.3
npm

GHSA-3v3j-737j-7g74

Duplicate Advisory: Linux and macOS exec allowlists skipped configured argument patterns

MEDIUM 5.4
npm

CVE-2026-53852

OpenClaw: Empty-scope device re-pairing could confuse caller scope containment

HIGH 7.1
npm

GHSA-2w22-3f6x-3hf4

Duplicate Advisory: Workspace-derived service PATH could influence trash command selection

MEDIUM 4.2
npm

CVE-2026-53860

OpenClaw: BlueBubbles sender policy could match mutable conversation identifiers

MEDIUM 4.2
npm

GHSA-8hj2-w4c9-fjfq

Duplicate Advisory: BlueBubbles sender policy could match mutable conversation identifiers

HIGH 7.1
npm

CVE-2026-53858

OpenClaw: Workspace .env STATE_DIRECTORY could influence bundled runtime dependency roots

HIGH 7.1
npm

CVE-2026-53846

OpenClaw: Workspace .env npm_execpath could influence bundled runtime dependency install

MEDIUM 6.5
npm

GHSA-6jm4-83g2-35gv

Duplicate Advisory: memory-wiki shared search could miss session visibility checks

UNKNOWN
npm

CVE-2026-53850

OpenClaw: Focus command could miss controlScope enforcement

HIGH 7.1
npm

CVE-2026-53865

OpenClaw: Workspace-derived service PATH could influence trash command selection

MEDIUM 6.5
npm

GHSA-r2fx-hp6p-pgrm

Duplicate Advisory: Internal/webchat command auth could inherit ownerAllowFrom wildcard state

MEDIUM 5.5
npm

GHSA-gw2c-6hcg-5g52

Duplicate Advisory: Focus command could miss controlScope enforcement

HIGH 7.1
npm

GHSA-qp5j-jr73-m2pw

Duplicate Advisory: Workspace .env npm_execpath could influence bundled runtime dependency install

MEDIUM 5.5
npm

CVE-2026-53856

OpenClaw: Config recovery could restore openclaw.json with broad file permissions

MEDIUM 5.4
npm

GHSA-hc4w-hm59-9w88

Duplicate Advisory: Empty-scope device re-pairing could confuse caller scope containment

HIGH 7.1
npm

CVE-2026-53853

OpenClaw: Linux and macOS exec allowlists skipped configured argument patterns

HIGH 8.1
npm

CVE-2026-53849

OpenClaw: Discord allowFrom could bind to mutable display names

HIGH 8.1
npm

GHSA-p44v-rx83-vjp4

Duplicate Advisory: Discord allowFrom could bind to mutable display names

MEDIUM 6.1
npm

CVE-2026-53841

OpenClaw: Exported session HTML could keep unsafe markdown links

UNKNOWN
npm

CVE-2026-53847

OpenClaw: Active Memory write scope could mutate global config

HIGH 8.1
npm

GHSA-w7m7-3xcf-mp48

Duplicate Advisory: Zalo allowFrom could bind to mutable display names

MEDIUM 4.3
npm

GHSA-r7vv-6763-m739

Duplicate Advisory: Skill-command dispatch could skip before-tool-call hooks

MEDIUM 6.1
npm

GHSA-6xcg-6q43-rj2v

Duplicate Advisory: Exported session HTML could keep unsafe markdown links

MEDIUM 5.5
npm

GHSA-vqj9-vhg4-27mg

Duplicate Advisory: Config recovery could restore openclaw.json with broad file permissions

MEDIUM 4.3
npm

CVE-2026-53845

OpenClaw: Skill-command dispatch could skip before-tool-call hooks

MEDIUM 5.4
npm

GHSA-58wc-8wrv-xp9j

Duplicate Advisory: Active Memory write scope could mutate global config

HIGH 8.1
npm

CVE-2026-53857

OpenClaw: Zalo allowFrom could bind to mutable display names

HIGH 8.1
npm

CVE-2026-53855

OpenClaw: Shell positional parameters could weaken strict inline-eval checks

HIGH 8.1
npm

GHSA-27pq-2ph8-8x25

Duplicate Advisory: Shell positional parameters could weaken strict inline-eval checks

MEDIUM 5.3
npm

GHSA-c8w7-9w9h-x69q

Duplicate Advisory: Slack reaction events could ignore reaction notification settings

MEDIUM 5.3
npm

CVE-2026-53851

OpenClaw: Slack reaction events could ignore reaction notification settings

MEDIUM 4.3
npm

CVE-2026-53848

OpenClaw: Exec allowlist could miss side effects from transparent command wrappers

MEDIUM 4.2
npm

GHSA-h9h6-pwqv-j9hv

Duplicate Advisory: Bootstrap token replay could widen pending pairing scopes

MEDIUM 6.5
npm

GHSA-vqx6-6j84-2794

Duplicate Advisory: Hostname checks could treat trailing-dot hosts inconsistently

MEDIUM 6.5
npm

CVE-2026-53859

OpenClaw: Hostname checks could treat trailing-dot hosts inconsistently

MEDIUM 4.2
npm

CVE-2026-53862

OpenClaw: Bootstrap token replay could widen pending pairing scopes

MEDIUM 4.3
npm

GHSA-wrr6-p5r6-474m

Duplicate Advisory: Exec allowlist could miss side effects from transparent command wrappers

MEDIUM 6.6
npm

CVE-2026-53861

OpenClaw: macOS Swift exec allowlist missed combined POSIX inline flags

MEDIUM 6.6
npm

GHSA-g796-jqmx-wf9q

Duplicate Advisory: macOS Swift exec allowlist missed combined POSIX inline flags

HIGH 8.8
npm

GHSA-wrmq-9fc4-gwwj

Duplicate Advisory: Pairing-scoped device session could restore revoked node token authority

HIGH 8.1
npm

GHSA-vr6h-vxqj-3pjx

Duplicate Advisory: Host environment sanitizer missed two Node.js control variables

HIGH 8.1
npm

GHSA-v383-2wgg-v483

Duplicate Advisory: Shell inline-command parsing could miss an allowlist check

HIGH 8.8
npm

CVE-2026-53843

OpenClaw: Pairing-scoped device session could restore revoked node token authority

HIGH 7.1
npm

CVE-2026-53842

OpenClaw: Workspace .env CLOUDSDK_PYTHON could influence Gmail setup gcloud execution

HIGH 8.1
npm

CVE-2026-53866

OpenClaw: Shell inline-command parsing could miss an allowlist check

HIGH 8.1
npm

CVE-2026-53864

OpenClaw: Host environment sanitizer missed two Node.js control variables

UNKNOWN
npm

CVE-2026-53863

OpenClaw: Tool group policy callers could accept unvalidated group IDs

HIGH 7.1
npm

GHSA-8wmm-344f-mpjg

Duplicate Advisory: Tool group policy callers could accept unvalidated group IDs

HIGH 7.1
npm

CVE-2026-53840

OpenClaw: MCP Streamable HTTP redirects could forward configured custom headers to another origin

HIGH 7.5
npm

CVE-2026-32062

OpenClaw voice-call media stream validated streams after upgrade, which could allow pre-start unauthenticated sockets to increase resource pressure

MEDIUM 6.5
npm

CVE-2026-32022

OpenClaw safeBins grep -e File Read Bypass (stdin-only policy bypass)

MEDIUM 6.1
npm

CVE-2026-22217

OpenClaw: shell-env trusted-prefix fallback allowed attacker-controlled binary execution via $SHELL

HIGH 7.1
npm

CVE-2026-42429

OpenClaw: Gateway plugin HTTP `auth: gateway` widens identity-bearing `operator.read` requests into runtime `operator.write`

HIGH 7.8
npm

CVE-2026-42432

OpenClaw: Node Pairing Reconnect Command Escalation Bypasses operator.admin Scope Requirement

HIGH 7.5
npm

CVE-2026-42437

OpenClaw: Voice-call realtime WebSocket accepted oversized frames

Ready to move

Start Securing

Free, no credit card | First findings in minutes