Skip to main content
CVE-2026-34243 CRITICAL GHSA Act Now

Command injection in njzjz/wenxian GitHub Actions workflow allows unauthenticated remote attackers to execute arbitrary code on CI/CD runners via malicious issue comments. The workflow directly interpolates untrusted user input from issue_comment.body into shell commands without sanitization, enabling attackers to break out of command context and run arbitrary commands. Publicly available exploit code exists with working proof-of-concept demonstrating execution of injected commands. EPSS data not available, but the low attack complexity (AC:L) and unauthenticated access (PR:N) combined with confirmed POC make this a critical risk for any deployment using the vulnerable workflow.

Command Injection RCE
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-0558 CRITICAL PATCH Act Now

Unauthenticated file upload in parisneo/lollms versions ≤2.2.0 enables remote attackers to submit arbitrary files for text extraction without authentication via the `/api/files/extract-text` endpoint. The vulnerability (CWE-287: Improper Authentication) allows resource exhaustion DoS attacks and potential information disclosure, with CVSS 7.5 (High) reflecting network-accessible attack surface requiring no privileges. EPSS data not available; no public exploit identified at time of analysis, though the simplicity (AC:L, PR:N) suggests trivial exploitation once endpoint details are known.

Authentication Bypass Denial Of Service Information Disclosure Lollms
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-4851 CRITICAL Act Now

Arbitrary Perl code execution in GRID::Machine through version 0.127 occurs when clients connect to remote hosts via RPC over SSH, as the client-side deserializer uses eval() on untrusted data from the remote peer without validation. A compromised or malicious remote host can inject arbitrary Perl code into Dumper-formatted responses that executes silently on the client during RPC calls, while maintaining correct return values to avoid detection. The vulnerability is design-inherent but the trust requirement for remote hosts is not documented, creating a security expectation mismatch for users.

Deserialization RCE Grid
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-4176 CRITICAL PATCH NEWS Act Now

Perl versions 5.9.4-5.40.3, 5.41.0-5.42.1, and 5.43.0-5.43.8 bundle a vulnerable version of Compress::Raw::Zlib that inherits multiple information-disclosure vulnerabilities from a vendored zlib library, including CVE-2026-27171. Affected users running these Perl versions can experience data exposure through the bundled compression module. Vendor patches are available in Perl 5.40.4, 5.42.2, and 5.43.9 via Compress::Raw::Zlib 2.221.

Information Disclosure Perl
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-32922 CRITICAL PATCH Act Now

Privilege escalation in OpenClaw device token rotation (versions before 2026.3.11) enables authenticated attackers with operator.pairing scope to mint tokens with arbitrary elevated scopes, including operator.admin privileges. This scope validation bypass permits remote code execution on connected nodes via system.run API and unauthorized gateway-admin access. CVSS 9.4 (Critical) with network attack vector and low complexity. EPSS and KEV data not provided; no public exploit identified at time of analysis, though technical details disclosed via GitHub security advisory increase exploitation risk.

Privilege Escalation RCE Openclaw
NVD GitHub VulDB
CVSS 4.0
9.4
EPSS
0.2%
CVE-2026-32978 CRITICAL PATCH GHSA Act Now

Approval bypass in OpenClaw before 2026.3.11 allows low-privileged remote attackers to execute arbitrary code by exploiting race conditions in system.run approvals. Attackers obtain legitimate approval for benign scripts, then overwrite referenced files before execution via vulnerable tsx/jiti runners. With CVSS 9.4 (critical severity, network-accessible, low complexity) and EPSS data not yet available for this 2026 CVE, organizations using OpenClaw's script execution features face immediate risk despite requiring user interaction and low-level authentication. No public exploit identified at time of analysis, though the approval bypass mechanism is documented in vendor advisory GHSA-qc36-x95h-7j53.

Authentication Bypass Openclaw
NVD GitHub VulDB
CVSS 4.0
9.4
EPSS
0.0%
CVE-2026-32987 CRITICAL PATCH Act Now

Bootstrap setup code replay in OpenClaw before 2026.3.13 enables unauthenticated remote attackers to escalate privileges to operator.admin during device pairing. The vulnerability (CWE-294: Capture-replay) in src/infra/device-bootstrap.ts permits multiple verification attempts of valid bootstrap codes before approval, allowing escalation of pending pairing scopes. CVSS 9.3 (Critical) reflects network-accessible attack with low complexity and no user interaction required. EPSS data unavailable; no public exploit identified at time of analysis. Vendor-released patch available via GitHub commit 1803d16d.

Privilege Escalation Openclaw
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-34220 CRITICAL PATCH NEWS GHSA Act Now

SQL injection in MikroORM JavaScript ORM (versions ≤6.6.9 and ≤7.0.5) allows attackers to execute arbitrary SQL commands when specially crafted user-controlled objects are passed to query construction APIs. The vulnerability stems from duck-typed detection of internal ORM markers that attackers can replicate in malicious input objects. Applications passing unsanitized user input directly to write APIs like wrap().assign(), em.nativeUpdate(), em.nativeInsert(), or em.create() are exploitable. No public exploit identified at time of analysis, though the attack technique is straightforward for environments accepting untrusted JSON/object input.

SQLi
NVD GitHub
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-32915 CRITICAL PATCH Act Now

Sandbox escape in OpenClaw versions before 2026.3.11 enables low-privilege leaf subagents to bypass isolation boundaries and manipulate sibling processes with elevated tool policies. Local authenticated attackers can terminate competing worker threads, redirect execution flows, and execute operations outside their intended security context by exploiting insufficient authorization on subagent control APIs. EPSS data not available for this recent CVE; no public exploit identified at time of analysis, though the technical advisory provides detailed vulnerability mechanics.

Authentication Bypass Openclaw
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-32918 CRITICAL PATCH GHSA Act Now

Session sandbox escape in OpenClaw versions prior to 2026.3.11 allows local authenticated attackers with low-privilege sandboxed subagent access to read and modify session data across isolation boundaries by manipulating sessionKey parameters in the session_status tool. Exploitation enables unauthorized access to parent or sibling session state including persisted model overrides, bypassing critical security isolation controls. No public exploit identified at time of analysis, though the authentication bypass mechanism is clearly documented in vendor security advisory.

Authentication Bypass Openclaw
NVD GitHub VulDB
CVSS 4.0
9.2
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy