Alon Barad in cvereports.hashnode.dev
GHSA-V892-HWPG-JWQP: Zip Slip Path Traversal in OpenClaw Archive Extraction
Vulnerability ID: GHSA-V892-HWPG-JWQP | CVSS Score: 8.8 | Published: 2026-03-02
A critical Zip Slip vulnerability exists in OpenClaw versions prior to 2026.2.14. The applicatio...
2h ago · 2 min read

Alon Barad in cvereports.hashnode.dev
GHSA-47Q7-97XP-M272: Cleartext Credential Exposure via Configuration Persistence in OpenClaw
Vulnerability ID: GHSA-47Q7-97XP-M272 | CVSS Score: 7.4 | Published: 2026-03-02
A critical information disclosure vulnerability exists in the OpenClaw AI assis...
5m ago · 2 min read

Felipe Tamegao in sevaltrading.hashnode.dev
Global Trade Disruption: Ocean Carriers Temporarily Halt Transits Through the Strait of Hormuz
In a significant development that underscores the fragile security dynamics of global trade routes, several ocean carriers have decided to temporarily halt their transits through the Strait of Hormuz. This decision comes on the heels of heightened re...
30m ago · 3 min read

Alon Barad in cvereports.hashnode.dev
GHSA-JMM5-FVH5-GF4P: Timing Side-Channel in OpenClaw Authentication
Vulnerability ID: GHSA-JMM5-FVH5-GF4P | CVSS Score: 5.9 | Published: 2026-03-02
OpenClaw versions prior to 2026.2.12 contain a timing side-channel vulnerability in the webhook and devi...
2h ago · 2 min read

Alon Barad in cvereports.hashnode.dev
GHSA-943Q-MWMV-HHVH: Privilege Escalation and RCE in OpenClaw Gateway
Vulnerability ID: GHSA-943Q-MWMV-HHVH | CVSS Score: 8.8 | Published: 2026-03-02
A critical privilege escalation vulnerability exists in the OpenClaw Gateway and Agent Control Policy ...
3h ago · 2 min read

Alon Barad in cvereports.hashnode.dev
GHSA-HWPQ-RRPF-PGCQ: Execution Approval Bypass in OpenClaw system.run
Vulnerability ID: GHSA-HWPQ-RRPF-PGCQ | CVSS Score: 7.2 | Published: 2026-03-02
A critical vulnerability in the OpenClaw AI assistant allows attackers to bypass execution approval me...
4h ago · 2 min read

Alon Barad in cvereports.hashnode.dev
GHSA-FQCM-97M6-W7RM: Arbitrary File Read via Path Traversal in OpenClaw Message Actions
Vulnerability ID: GHSA-FQCM-97M6-W7RM | CVSS Score: 9.8 | Published: 2026-03-02
OpenClaw prior to version 2026.3.1 contains a critical path traversal vulnerability ...
4h ago · 2 min read

Alon Barad in cvereports.hashnode.dev
GHSA-F7WW-2725-QVW2: TOCTOU Approval Bypass in OpenClaw via Symlink Rebinding
Vulnerability ID: GHSA-F7WW-2725-QVW2 | CVSS Score: High | Published: 2026-03-02
A high-severity Time-of-Check Time-of-Use (TOCTOU) vulnerability exists in the OpenClaw AI as...
5h ago · 2 min read

Alon Barad in cvereports.hashnode.dev
GHSA-5847-RM3G-23MW: Authentication Rate Limit Bypass via IPv6-Mapped Address
Vulnerability ID: GHSA-5847-RM3G-23MW | CVSS Score: 7.5 | Published: 2026-03-03
A security vulnerability exists in the OpenClaw AI agent framework's hook authentication mecha...
5h ago · 2 min read

Oghenemaro Ikelegbe in cybersage.hashnode.dev
How Developers Are Being Targeted Through Bogus Coding Tests
Software developers hunting for their next job opportunity are being targeted by a sophisticated hacking campaign that turns routine technical assessments into malware delivery systems. Microsoft has
9h ago · 9 min read