exploitDog

bind:CVE-2026-25593

Count: 2

NVD

CVE-2026-25593

3 days ago

OpenClaw is a personal AI assistant. Prior to 2026.1.20, an unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling command injection as the gateway user. This vulnerability is fixed in 2026.1.20.

CVSS3: 8.4
EPSS: Low

GitHub

GHSA-g55j-c2v4-pjcg

5 days ago

OpenClaw vulnerable to Unauthenticated Local RCE via WebSocket config.apply

CVSS3: 8.4
EPSS: Low

| Vulnerability | CVSS | EPSS | Published |
| --- | --- | --- | --- |
| CVE-2026-25593 (NVD) | CVSS3: 8.4 | 0% (Low) | 3 days ago |
| GHSA-g55j-c2v4-pjcg (GitHub) | CVSS3: 8.4 | 0% (Low) | 5 days ago |