Codestin Search App

GHSA-JMM5-FVH5-GF4P: GHSA-JMM5-FVH5-GF4P: Timing Side-Channel in OpenClaw Authentication

GHSA-JMM5-FVH5-GF4P: Timing Side-Channel in OpenClaw Authentication Vulnerability ID: GHSA-JMM5-FVH5-GF4P CVSS Score: 5.9 Published: 2026-03-02 OpenClaw versions prior to 2026.2.12 contain a timing side-channel vulnerability in the webhook and devi...

1h ago2 min read

ABAlon Baradcvereports.hashnode.dev

GHSA-V892-HWPG-JWQP: GHSA-V892-HWPG-JWQP: Zip Slip Path Traversal in OpenClaw Archive Extraction

GHSA-V892-HWPG-JWQP: Zip Slip Path Traversal in OpenClaw Archive Extraction Vulnerability ID: GHSA-V892-HWPG-JWQP CVSS Score: 8.8 Published: 2026-03-02 A critical Zip Slip vulnerability exists in OpenClaw versions prior to 2026.2.14. The applicatio...

1h ago2 min read

ABAlon Baradcvereports.hashnode.dev

GHSA-943Q-MWMV-HHVH: GHSA-943Q-MWMV-HHVH: Privilege Escalation and RCE in OpenClaw Gateway

GHSA-943Q-MWMV-HHVH: Privilege Escalation and RCE in OpenClaw Gateway Vulnerability ID: GHSA-943Q-MWMV-HHVH CVSS Score: 8.8 Published: 2026-03-02 A critical privilege escalation vulnerability exists in the OpenClaw Gateway and Agent Control Policy ...

2h ago2 min read

ABAlon Baradcvereports.hashnode.dev

GHSA-HWPQ-RRPF-PGCQ: GHSA-HWPQ-RRPF-PGCQ: Execution Approval Bypass in OpenClaw system.run

GHSA-HWPQ-RRPF-PGCQ: Execution Approval Bypass in OpenClaw system.run Vulnerability ID: GHSA-HWPQ-RRPF-PGCQ CVSS Score: 7.2 Published: 2026-03-02 A critical vulnerability in the OpenClaw AI assistant allows attackers to bypass execution approval me...

3h ago2 min read

ABAlon Baradcvereports.hashnode.dev

GHSA-FQCM-97M6-W7RM: GHSA-FQCM-97M6-W7RM: Arbitrary File Read via Path Traversal in OpenClaw Message Actions

GHSA-FQCM-97M6-W7RM: Arbitrary File Read via Path Traversal in OpenClaw Message Actions Vulnerability ID: GHSA-FQCM-97M6-W7RM CVSS Score: 9.8 Published: 2026-03-02 OpenClaw prior to version 2026.3.1 contains a critical path traversal vulnerability ...

3h ago2 min read

ABAlon Baradcvereports.hashnode.dev

GHSA-F7WW-2725-QVW2: GHSA-F7WW-2725-QVW2: TOCTOU Approval Bypass in OpenClaw via Symlink Rebinding

GHSA-F7WW-2725-QVW2: TOCTOU Approval Bypass in OpenClaw via Symlink Rebinding Vulnerability ID: GHSA-F7WW-2725-QVW2 CVSS Score: High Published: 2026-03-02 A high-severity Time-of-Check Time-of-Use (TOCTOU) vulnerability exists in the OpenClaw AI as...

4h ago2 min read

ABAlon Baradcvereports.hashnode.dev

GHSA-5847-RM3G-23MW: GHSA-5847-RM3G-23MW: Authentication Rate Limit Bypass via IPv6-Mapped Address

GHSA-5847-RM3G-23MW: Authentication Rate Limit Bypass via IPv6-Mapped Address Vulnerability ID: GHSA-5847-RM3G-23MW CVSS Score: 7.5 Published: 2026-03-03 A security vulnerability exists in the OpenClaw AI agent framework's hook authentication mecha...

4h ago2 min read

ABAlon Baradcvereports.hashnode.dev

GHSA-R65X-2HQR-J5HF: OpenClaw: Node Reconnect Metadata Spoofing Policy Bypass

OpenClaw: Node Reconnect Metadata Spoofing Policy Bypass Vulnerability ID: GHSA-R65X-2HQR-J5HF CVSS Score: 8.5 Published: 2026-03-03 A critical authorization bypass vulnerability exists in the OpenClaw Gateway authentication mechanism. The flaw all...

5h ago2 min read

ABAlon Baradcvereports.hashnode.dev

GHSA-7F4Q-9RQH-X36P: GHSA-7f4q-9rqh-x36p: Execution Allowlist Bypass in OpenClaw macOS via Basename Matching

GHSA-7f4q-9rqh-x36p: Execution Allowlist Bypass in OpenClaw macOS via Basename Matching Vulnerability ID: GHSA-7F4Q-9RQH-X36P CVSS Score: 7.5 Published: 2026-03-03 A logic vulnerability in the OpenClaw macOS application allowed attackers to bypass ...

6h ago2 min read

ABAlon Baradcvereports.hashnode.dev

GHSA-RX3G-MVC3-QFJF: GHSA-rx3g-mvc3-qfjf: Arbitrary File Read via Avatar Symlink Traversal in OpenClaw

GHSA-rx3g-mvc3-qfjf: Arbitrary File Read via Avatar Symlink Traversal in OpenClaw Vulnerability ID: GHSA-RX3G-MVC3-QFJF CVSS Score: 6.6 Published: 2026-03-03 A symbolic link traversal vulnerability exists in the OpenClaw AI assistant platform, spec...

7h ago2 min read

Tag feed

#vulnerability

Tag feed

#vulnerability

GHSA-JMM5-FVH5-GF4P: GHSA-JMM5-FVH5-GF4P: Timing Side-Channel in OpenClaw Authentication

GHSA-V892-HWPG-JWQP: GHSA-V892-HWPG-JWQP: Zip Slip Path Traversal in OpenClaw Archive Extraction

GHSA-943Q-MWMV-HHVH: GHSA-943Q-MWMV-HHVH: Privilege Escalation and RCE in OpenClaw Gateway

GHSA-HWPQ-RRPF-PGCQ: GHSA-HWPQ-RRPF-PGCQ: Execution Approval Bypass in OpenClaw system.run

GHSA-FQCM-97M6-W7RM: GHSA-FQCM-97M6-W7RM: Arbitrary File Read via Path Traversal in OpenClaw Message Actions

GHSA-F7WW-2725-QVW2: GHSA-F7WW-2725-QVW2: TOCTOU Approval Bypass in OpenClaw via Symlink Rebinding

GHSA-5847-RM3G-23MW: GHSA-5847-RM3G-23MW: Authentication Rate Limit Bypass via IPv6-Mapped Address

GHSA-R65X-2HQR-J5HF: OpenClaw: Node Reconnect Metadata Spoofing Policy Bypass

GHSA-7F4Q-9RQH-X36P: GHSA-7f4q-9rqh-x36p: Execution Allowlist Bypass in OpenClaw macOS via Basename Matching

GHSA-RX3G-MVC3-QFJF: GHSA-rx3g-mvc3-qfjf: Arbitrary File Read via Avatar Symlink Traversal in OpenClaw

#vulnerability

Search Hashnode

#vulnerability

GHSA-JMM5-FVH5-GF4P: GHSA-JMM5-FVH5-GF4P: Timing Side-Channel in OpenClaw Authentication

GHSA-V892-HWPG-JWQP: GHSA-V892-HWPG-JWQP: Zip Slip Path Traversal in OpenClaw Archive Extraction

GHSA-943Q-MWMV-HHVH: GHSA-943Q-MWMV-HHVH: Privilege Escalation and RCE in OpenClaw Gateway

GHSA-HWPQ-RRPF-PGCQ: GHSA-HWPQ-RRPF-PGCQ: Execution Approval Bypass in OpenClaw system.run

GHSA-FQCM-97M6-W7RM: GHSA-FQCM-97M6-W7RM: Arbitrary File Read via Path Traversal in OpenClaw Message Actions

GHSA-F7WW-2725-QVW2: GHSA-F7WW-2725-QVW2: TOCTOU Approval Bypass in OpenClaw via Symlink Rebinding

GHSA-5847-RM3G-23MW: GHSA-5847-RM3G-23MW: Authentication Rate Limit Bypass via IPv6-Mapped Address

GHSA-R65X-2HQR-J5HF: OpenClaw: Node Reconnect Metadata Spoofing Policy Bypass

GHSA-7F4Q-9RQH-X36P: GHSA-7f4q-9rqh-x36p: Execution Allowlist Bypass in OpenClaw macOS via Basename Matching

GHSA-RX3G-MVC3-QFJF: GHSA-rx3g-mvc3-qfjf: Arbitrary File Read via Avatar Symlink Traversal in OpenClaw