134 Total CVEs
37 AI Analyzed
0 CISA KEV
16 Critical
All Vendors
Showing 1-134 of 134 CVEs
CVE-2026-53843
Analyzed
8.8
OpenClaw OpenClaw

OpenClaw before 2026

2026-06-17
CVE-2026-53838
Analyzed
9.8
OpenClaw Multiple Products

OpenClaw contains a state mutation vulnerability in node pairing that allows attackers to bypass approval restrictions and elevate node authority.

2026-06-13
CVE-2026-53836
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-06-13
CVE-2026-53831
Analyzed
8.3
OpenClaw OpenClaw

OpenClaw before 2026

2026-06-13
CVE-2026-53829
Analyzed
8
OpenClaw OpenClaw

OpenClaw before 2026

2026-06-14
CVE-2026-53828
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-06-13
CVE-2026-53822
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-06-13
CVE-2026-53821
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-06-13
CVE-2026-53819
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-06-12
CVE-2026-53817
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-06-12
CVE-2026-53814
Analyzed
8.3
OpenClaw OpenClaw

OpenClaw before 2026

2026-06-12
CVE-2026-53811
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-06-12
CVE-2026-53810
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-06-12
CVE-2026-53807
Analyzed
8.8
OpenClaw OpenClaw

OpenClaw before 2026

2026-06-12
CVE-2026-53806
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-06-12
CVE-2026-45006
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-12
CVE-2026-45004
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-12
CVE-2026-45001
7.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-12
CVE-2026-44995
7.3
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-12
CVE-2026-44118
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-07
CVE-2026-44116
8.6
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-07
CVE-2026-44115
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-07
CVE-2026-44114
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-07
CVE-2026-44110
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-07
CVE-2026-44109
Analyzed
9.8
OpenClaw Sandbox Browser

OpenClaw contains an authentication bypass in webhook validation that allows unauthenticated attackers to execute arbitrary commands.

2026-05-07
CVE-2026-43585
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-07
CVE-2026-43584
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-07
CVE-2026-43578
Analyzed
9.1
OpenClaw Sandbox Browser

OpenClaw contains a privilege escalation vulnerability where heartbeat owner downgrade detection misses async execution completion events.

2026-05-07
CVE-2026-43575
Analyzed
9.8
OpenClaw Sandbox Browser

OpenClaw contains an authentication bypass in the noVNC helper route, allowing unauthenticated attackers to hijack interactive browser sessions.

2026-05-07
CVE-2026-43573
7.7
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-43571
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-43569
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-43566
Analyzed
9.1
OpenClaw OpenClaw

OpenClaw contains a privilege escalation vulnerability where heartbeat owner downgrade logic incorrectly skips webhook wake events, allowing attackers...

2026-05-06
CVE-2026-43534
Analyzed
9.1
OpenClaw OpenClaw

OpenClaw contains an input validation vulnerability allowing external hook metadata to be enqueued as trusted system events, leading to privilege esca...

2026-05-06
CVE-2026-43533
8.6
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-43531
7.3
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-43527
7.7
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-43526
8.2
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-42439
8.5
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-42438
7.7
OpenClaw Multiple Products

OpenClaw versions 2026

2026-05-06
CVE-2026-42437
7.5
OpenClaw Multiple Products

OpenClaw versions 2026

2026-05-06
CVE-2026-42436
7.7
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-06
CVE-2026-42434
8.8
OpenClaw Multiple Products

OpenClaw versions 2026

2026-05-06
CVE-2026-42432
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-42431
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-42426
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-42423
7.5
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-42422
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-41914
8.5
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-41912
7.6
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-41404
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-41399
7.5
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-41396
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-41395
7.5
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-41394
8.2
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-41387
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-41386
Analyzed
9.1
OpenClaw OpenClaw

A privilege escalation vulnerability in OpenClaw during device pairing allows attackers to gain unauthorized access by manipulating device roles.

2026-04-29
CVE-2026-41384
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-41383
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-41378
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-29
CVE-2026-41371
8.5
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-28
CVE-2026-41364
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-28
CVE-2026-41361
7.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-24
CVE-2026-41359
7.1
OpenClaw configuration and

OpenClaw before 2026

2026-04-24
CVE-2026-41353
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-24
CVE-2026-41352
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-24
CVE-2026-41349
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-24
CVE-2026-41347
7.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-24
CVE-2026-41342
7.3
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-24
CVE-2026-41336
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-24
CVE-2026-41329
Analyzed
9.9
OpenClaw Multiple Products

OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and send...

2026-04-21
CVE-2026-41302
7.6
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-21
CVE-2026-41299
7.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-21
CVE-2026-41297
7.6
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-21
CVE-2026-41296
8.2
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-21
CVE-2026-41295
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-21
CVE-2026-41294
8.6
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-21
CVE-2026-3690
Analyzed
7.4
OpenClaw Canvas

OpenClaw Canvas Authentication Bypass Vulnerability

2026-04-12
CVE-2026-35674
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-05-30
CVE-2026-35669
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35668
7.7
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35666
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35663
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35660
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35653
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35650
7.5
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-12
CVE-2026-35645
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-10
CVE-2026-35643
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35641
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-11
CVE-2026-35639
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-10
CVE-2026-35638
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-10
CVE-2026-35625
7.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-10
CVE-2026-34512
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-10
CVE-2026-34504
8.3
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-01
CVE-2026-34503
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-01
CVE-2026-34426
Analyzed
7.6
OpenClaw Multiple Products

OpenClaw versions prior to commit b57b680 contain an approval bypass vulnerability due to inconsistent environment variable normalization between appr...

2026-04-03
CVE-2026-33579
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-01
CVE-2026-33577
8.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-01
CVE-2026-33575
7.5
OpenClaw Multiple Products

OpenClaw before 2026

2026-03-30
CVE-2026-33573
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-03-30
CVE-2026-33572
8.4
OpenClaw Multiple Products

OpenClaw before 2026

2026-03-30
CVE-2026-32988
7.5
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-01
CVE-2026-32987
Analyzed
9.8
OpenClaw OpenClaw

OpenClaw's device pairing process is vulnerable to a replay attack where bootstrap setup codes can be reused to escalate pairing scopes to administrat...

2026-03-30
CVE-2026-32982
7.5
OpenClaw bot tokens

OpenClaw before 2026

2026-04-01
CVE-2026-32980
7.5
OpenClaw webhook request

OpenClaw before 2026

2026-03-30
CVE-2026-32979
7.3
OpenClaw Multiple Products

OpenClaw before 2026

2026-03-30
CVE-2026-32978
8
OpenClaw Multiple Products

OpenClaw before 2026

2026-03-30
CVE-2026-32975
Analyzed
9.8
OpenClaw OpenClaw

A weak authorization vulnerability in OpenClaw's Zalouser allowlist mode allows attackers to bypass channel authorization by spoofing mutable group di...

2026-03-30
CVE-2026-32974
8.6
OpenClaw Multiple Products

OpenClaw before 2026

2026-03-30
CVE-2026-32972
7.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-03-30
CVE-2026-32971
7.1
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-01
CVE-2026-32924
Analyzed
9.8
OpenClaw OpenClaw

An authorization bypass in OpenClaw's Feishu integration misclassifies group chat reaction events as private conversations, allowing attackers to circ...

2026-03-30
CVE-2026-32922
Analyzed
9.9
OpenClaw OpenClaw

A privilege escalation vulnerability in OpenClaw's token rotation mechanism allows users with limited pairing scopes to mint high-privilege administra...

2026-03-30
CVE-2026-32920
8.4
OpenClaw Multiple Products

OpenClaw before 2026

2026-04-01
CVE-2026-32918
8.4
OpenClaw Multiple Products

OpenClaw before 2026

2026-03-30
CVE-2026-32917
Analyzed
9.8
OpenClaw OpenClaw

OpenClaw contains a remote command injection vulnerability in the iMessage attachment staging flow. Unsanitized SCP paths allow attackers to execute c...

2026-04-01
CVE-2026-32916
Analyzed
9.4
OpenClaw OpenClaw

OpenClaw versions before 2026.3.11 contain an unauthenticated authorization bypass allowing remote attackers to execute privileged gateway actions via...

2026-04-01
CVE-2026-32915
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-03-30
CVE-2026-32914
8.8
OpenClaw Multiple Products

OpenClaw before 2026

2026-03-30
CVE-2026-32913
Analyzed
9.3
OpenClaw OpenClaw

OpenClaw fails to properly validate headers during cross-origin redirects, leading to the leakage of sensitive authorization headers like API keys to...

2026-03-24
CVE-2026-32059
8.8
OpenClaw Multiple Products

OpenClaw version 2026

2026-03-12
CVE-2026-32042
8.8
OpenClaw Multiple Products

OpenClaw versions 2026

2026-03-21
CVE-2026-31998
7
OpenClaw sender access

OpenClaw versions 2026

2026-03-19
CVE-2026-28485
8.4
OpenClaw Multiple Products

OpenClaw versions 2026

2026-03-06
CVE-2026-28474
Analyzed
9.8
OpenClaw Nextcloud Talk plugin

OpenClaw's Nextcloud Talk plugin uses mutable display names for allowlist validation. Attackers can bypass access controls by changing their display n...

2026-03-06
CVE-2026-28468
7.7
OpenClaw Multiple Products

OpenClaw versions 2026

2026-03-07
CVE-2026-28458
8.1
OpenClaw Multiple Products

OpenClaw version 2026

2026-03-07
CVE-2026-28456
8.4
OpenClaw Multiple Products

OpenClaw versions 2026

2026-03-06
CVE-2026-28447
8.1
OpenClaw Multiple Products

OpenClaw versions 2026

2026-03-07
CVE-2026-28393
7.7
OpenClaw Multiple Products

OpenClaw versions 2

2026-03-07
CVE-2026-27487
Analyzed
7.6
OpenClaw OpenClaw AI Assistant

OpenClaw is a personal AI assistant

2026-02-22
CVE-2026-25253
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw (aka clawdbot or Moltbot) before 2026

2026-02-02
CVE-2026-25157
Analyzed
7.7
OpenClaw OpenClaw

OpenClaw is a personal AI assistant

2026-02-05
CVE-2026-24763
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw (formerly Clawdbot) is a personal AI assistant you run on your own devices

2026-02-03