Skip to main content
CVE-2026-32897 LOW POC PATCH Monitor

OpenClaw versions prior to 2026.2.22 suffer from cryptographic secret reuse where the gateway authentication token is inappropriately reused as a fallback hashing secret for owner-ID obfuscation in system prompts sent to third-party model providers. An unauthenticated attacker with visibility into system prompts (such as through model provider logs, prompt injection, or interception) can reverse-engineer the gateway authentication token from hash outputs when commands.ownerDisplay is set to hash and commands.ownerDisplaySecret is unset, directly compromising authentication security. The vulnerability has a low CVSS score of 3.7 due to high attack complexity and limited impact scope, but represents a critical cryptographic design flaw that violates separation-of-concerns principles across security domains.

Information Disclosure Openclaw
NVD GitHub VulDB
CVSS 3.1
3.7
EPSS
0.1%
CVE-2026-32050 LOW POC PATCH Monitor

OpenClaw versions prior to 2026.2.25 contain an access control vulnerability in the signal reaction notification handling mechanism that allows unauthenticated attackers to enqueue status events before authorization checks are performed. Attackers can exploit the reaction-only event path in event-handler.ts to inject signal reaction status lines into sessions without validating proper DM or group access permissions, resulting in integrity compromise. The vulnerability has a CVSS score of 3.7 (low-to-moderate severity) with an attack vector of network, high complexity, and no privileges required, though no active exploitation or public proof-of-concept has been confirmed in known exploit databases.

Authentication Bypass Openclaw
NVD GitHub VulDB
CVSS 3.1
3.7
EPSS
0.0%
CVE-2026-32058 LOW POC PATCH Monitor

OpenClaw versions prior to 2026.2.26 contain an approval context-binding weakness that allows attackers to reuse previously approved system.run execution requests with modified environment variables, bypassing approval-enabled workflow integrity controls. An attacker with access to an approval ID can exploit this vulnerability to execute commands with different environment settings than originally approved, effectively circumventing execution-integrity safeguards. The vulnerability requires local/network access and user interaction, resulting in a low CVSS score of 2.6, but represents a meaningful integrity violation in approval workflows where execution consistency is critical.

Authentication Bypass Openclaw
NVD GitHub VulDB
CVSS 3.1
2.6
EPSS
0.0%
CVE-2026-4509 LOW POC Monitor

PbootCMS versions up to 3.2.12 contain an incomplete blacklist bypass vulnerability in the file upload functionality (core/function/file.php) that allows authenticated attackers to upload dangerous files by manipulating the blacklist parameter. An attacker with login credentials can bypass file type restrictions to upload arbitrary files, potentially achieving remote code execution or other malicious outcomes. A public proof-of-concept exploit is available on GitHub, increasing the practical risk of exploitation.

PHP File Upload
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4516 LOW POC Monitor

A code injection vulnerability exists in Foundation Agents MetaGPT up to version 0.8.1, specifically in the DataInterpreter component's write_analysis_code.py file, allowing authenticated attackers to inject and execute arbitrary code remotely. The vulnerability is classified as CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component) with a CVSS score of 6.3 and requires low privileges and no user interaction. A public proof-of-concept exploit is available, indicating active research and potential real-world exploitation risk.

Code Injection Metagpt
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4515 LOW POC Monitor

A code injection vulnerability exists in Foundation Agents MetaGPT versions up to 0.8.1 within the code_generate function of metagpt/ext/aflow/scripts/operator.py, allowing authenticated remote attackers to execute arbitrary code. The vulnerability is classified as CWE-94 (improper control of generation of code) and carries a CVSS score of 6.3 with network-based attack vector requiring low privileges. A public exploit has been disclosed on GitHub, and the vendor has not responded to early disclosure attempts, elevating the practical risk despite the moderate CVSS rating.

RCE Code Injection Metagpt
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4511 LOW POC Monitor

A code injection vulnerability exists in vanna-ai vanna up to version 2.0.2, specifically in the exec function of the /src/vanna/legacy file. This authenticated remote code injection allows attackers with login credentials to execute arbitrary code with limited impact on confidentiality, integrity, and availability. A proof-of-concept exploit has been publicly disclosed on GitHub, and the vendor has not responded to early disclosure notifications, making this an active concern for deployed instances.

Information Disclosure Vanna
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4514 LOW POC Monitor

PbootCMS versions up to 3.2.12 contain an improper access control vulnerability in the Backend UserController component that allows authenticated attackers to manipulate the Field argument and bypass access restrictions. An attacker with login credentials can exploit this to gain unauthorized access to sensitive user data or system functions. A proof-of-concept exploit has been publicly disclosed on GitHub and the vulnerability carries a moderate CVSS score of 6.3 with documented exploitation capability.

PHP Authentication Bypass
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4510 LOW POC Monitor

A reflected cross-site scripting (XSS) vulnerability exists in PbootCMS versions up to 3.2.12 in the alert_location function of the MemberController.php file, where the backurl parameter is not properly sanitized before output. An attacker can craft a malicious URL containing JavaScript code that will execute in a victim's browser when they click the link, potentially leading to session hijacking, credential theft, or malware distribution. A public proof-of-concept exploit is available on GitHub, increasing the risk of active exploitation.

PHP XSS
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4513 LOW POC Monitor

SQL injection in vanna-ai vanna versions up to 2.0.2 allows authenticated remote attackers to manipulate the ask function in vanna/legacy/base/base.py, potentially enabling data exfiltration or modification. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.

SQLi Vanna
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-32067 LOW POC PATCH Monitor

OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability in the pairing-store access control mechanism for direct message pairing policies, allowing attackers to reuse pairing approvals across multiple accounts in multi-account deployments. An authenticated attacker (PR:L) who has been approved as a sender in one account can be automatically accepted in another account without explicit re-approval, effectively bypassing authorization boundaries between accounts. The vulnerability has a CVSS score of 3.7 with medium attack complexity and low confidentiality and integrity impacts; no active exploitation in the wild (KEV) or public proof-of-concept has been confirmed, but patches are available from the vendor.

Authentication Bypass Openclaw
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-4530 LOW POC Monitor

SQL injection in apconw Aix-DB through the terminology_retriever.py module allows local attackers to manipulate the Description argument and execute arbitrary SQL commands. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. Affected versions include Aix-DB up to 1.2.3.

SQLi Aix Db
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-2290 LOW Monitor

The Post Affiliate Pro WordPress plugin versions up to 1.28.0 contain a Server-Side Request Forgery (SSRF) vulnerability that allows authenticated administrators to make arbitrary outbound web requests from the affected server and read response content. An attacker with administrator-level access can exploit this to interact with internal services, exfiltrate data, or pivot to other systems. Wordfence has confirmed exploitation via external Collaborator endpoints, and the CVSS 6.5 score reflects moderate severity with low attack complexity.

WordPress SSRF
NVD
CVSS 3.1
3.8
EPSS
0.0%
CVE-2026-2756 LOW PATCH Monitor

OmniPEMF NeoRhythm contains a missing authentication vulnerability in its Bluetooth Low Energy (BLE) interface that allows unauthenticated local network attackers to achieve limited unauthorized access. The vulnerability affects all versions up to and including 20260308 and requires high attack complexity but results in confidentiality, integrity, and availability impacts. While the CVSS score is moderate at 5.0, the vendor has failed to respond to early disclosure notifications, leaving affected users without official patches or timeline guidance.

Authentication Bypass Neorhythm
NVD VulDB GitHub
CVSS 4.0
2.3
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy