4.3
CVE-2026-41338 - OpenClaw < 2026.3.31 - Time-of-Check-Time-of-Use (TOCTOU) Vulnerability in Sandbox File Operations
OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns in apply_patch, remove, and mkdir operations to manipulate files between validation and execution.
6.3
CVE-2026-41337 - OpenClaw < 2026.3.31 - Callback Origin Mutation in Plivo Voice-call Replay
OpenClaw before 2026.3.31 contains a callback origin mutation vulnerability in Plivo voice-call replay that allows attackers to mutate in-process callback origin before replay rejection. Attackers with captured valid callbacks for live calls can exploit this to manipulate callback origins during thβ¦
8.5
CVE-2026-41336 - OpenClaw < 2026.3.31 - Arbitrary Hook Code Execution via OPENCLAW_BUNDLED_HOOKS_DIR Environment Varβ¦
OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_BUNDLED_HOOKS_DIR environment variable, enabling loading of attacker-controlled hook code. Attackers can replace trusted default-on bundled hooks from untrusted workspaces to execute arbitrary code.
6.9
CVE-2026-41335 - OpenClaw < 2026.3.31 - Information Disclosure via Control UI Bootstrap JSON
OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and aβ¦
7.1
CVE-2026-41334 - OpenClaw < 2026.3.31 - Decompression Bomb Denial of Service via Image Pixel-Limit Guard Bypass
OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption.
6.3
CVE-2026-41333 - OpenClaw < 2026.3.31 - Authentication Rate Limiting Bypass via Fake DeviceToken
OpenClaw before 2026.3.31 contains an authentication rate limiting bypass vulnerability that allows attackers to circumvent shared authentication protections using fake device tokens. Attackers can exploit the mixed WebSocket authentication flow to bypass rate limiting controls and conduct brute foβ¦
5.8
CVE-2026-41332 - OpenClaw < 2026.3.28 - Code Execution via Missing Environment Variable Blocklist
OpenClaw before 2026.3.28 contains an environment variable sanitization vulnerability where GIT_TEMPLATE_DIR and AWS_CONFIG_FILE are not blocked in the host-env blocklist. Attackers can exploit approved exec requests to redirect git or AWS CLI behavior through attacker-controlled configuration fileβ¦
8
CVE-2026-32172 - Microsoft Power Apps Remote Code Execution Vulnerability
Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network.
10
CVE-2026-35431 - Microsoft Entra ID Entitlement Management Spoofing Vulnerability
Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network.
9.6
CVE-2026-24303 - Microsoft Partner Center Elevation of Privilege Vulnerability
Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.