Количество 2
Количество 2
CVE-2026-25253
7 дней назад
OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.
CVSS3: 8.8
EPSS: Низкий
GHSA-g8p2-7wf7-98mq
6 дней назад
OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl
CVSS3: 8.8
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-25253 OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value. | CVSS3: 8.8 | 0% Низкий | 7 дней назад |
| GHSA-g8p2-7wf7-98mq OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl | CVSS3: 8.8 | 0% Низкий | 6 дней назад |
Уязвимостей на страницу
20