CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-53864
High

OpenClaw before version 2026.5.26 contains an insufficient sanitization vulnerability in the host environment sanitizer that allows Node.js control variables to bypass validation. Attackers with access to workspace .env files, tool environment overrides, or skill environment blocks can pass malicious Node.js control variables.

CVE-2026-53863
High

OpenClaw before version 2026.4.25 contains an input validation vulnerability in tool group policy callers that accept unvalidated group IDs. Attackers can supply a group ID to the policy resolver, potentially triggering incorrect group-policy decisions for tool invocations.

CVE-2026-53858
High

OpenClaw before 2026.5.2 contains an environment variable injection vulnerability where workspace .env STATE_DIRECTORY could influence bundled runtime dependency roots. Attackers can manipulate the STATE_DIRECTORY variable to load runtime dependencies from unintended local paths, potentially executing malicious code during dependency resolution.

CVE-2026-53857
High

OpenClaw before version 2026.5.3 contains a policy enforcement vulnerability that allows Zalo contacts with mutable display metadata to match allowFrom policy entries through display name changes. Attackers with mutable display names could receive agent responses intended for different Zalo identities when the feature is enabled.

CVE-2026-53855
High

OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks via shell positional parameters.

CVE-2026-53853
High

OpenClaw before version 2026.5.12 contains a vulnerability that allows bypassing argument pattern validation in the exec allowlist. Attackers can invoke allowlisted executables with unrestricted arguments, potentially leading to unauthorized file access, network access, or command execution.

CVE-2026-53849
High

OpenClaw before 2026.5.7 contains a privilege escalation vulnerability where the allowFrom feature improperly validates Discord account identity using mutable display names instead of immutable user IDs. Attackers can change their display name to match a policy entry and gain unauthorized agent access intended for another Discord identity.

CVE-2026-53846
High

OpenClaw before version 2026.4.29 contains a path traversal vulnerability in the install helper that allows workspace .env files to override the npm_execpath configuration used for bundled runtime dependency installation. Attackers with workspace access can execute unintended local package-manager executables during dependency setup.

CVE-2026-53843
High

OpenClaw before version 2026.5.26 contains an authorization bypass vulnerability that allows a surviving pairing-scoped device session to re-establish node token authority after revocation. Attackers with a paired device can regain WebSocket node-level access without renewed approval.

CVE-2026-53842
High

OpenClaw before 2026.5.2 contains an environment variable injection vulnerability allowing workspace .env files to influence Python runtime selection during Gmail setup gcloud execution. Attackers with repository access can manipulate the CLOUDSDK_PYTHON variable to execute setup through unintended local Python paths, potentially enabling arbitrary code execution.

CVE-2026-53840
High

OpenClaw before 2026.5.12 contains an information disclosure vulnerability in streamable-http MCP servers that forwards operator-configured custom headers during cross-origin redirects. Attackers can exploit this vulnerability to exfiltrate sensitive headers like API keys or tenant-routing credentials.

CVE-2026-50656
HighEPSS 87%

A vulnerability in the Microsoft Malware Protection Engine in Microsoft Defender allows elevation of privilege. This flaw, publicly known as "RoguePlanet", could be exploited by an attacker to gain higher privileges on the system.

CVE-2026-47964
High

A heap-based buffer overflow vulnerability in DNG SDK versions 1.7.1 2536 and earlier allows arbitrary code execution in the context of the current user. Exploitation requires user interaction to open a malicious file.

CVE-2026-47749
High

The stable-diffusion.cpp library has a heap buffer overflow vulnerability in the SHORT_BINUNICODE handler when parsing PyTorch checkpoint files. Versions prior to master-584-0a7ae07 are susceptible to attacks that may lead to heap corruption and potential code execution.

CVE-2026-10748
High

An authenticated user with the nx-licensing-create privilege can upload a specially crafted license file to execute arbitrary operating system commands as the Nexus process user in Sonatype Nexus Repository 3 versions before 3.92.0.

CVE-2024-39575
High

The update_disk_psu_baseline.sh script requires a password in plain text, which poses a risk of exposing sensitive information.

CVE-2026-44932
High

Passing of unsanitized strings from DHCP replies into the wicked dhcp client before version 0.6.79 could be exploited by attackers operating a malicious DHCP server to execute code on the local machine.

CVE-2026-42089
High

Yeoman Environment versions 2.9.0 through 6.0.0 install missing local generator packages from caller-supplied package names without user confirmation. This can lead to unauthorized package installation and code execution if an attacker controls the project configuration.

CVE-2026-24228
High

The NVIDIA NeMo Framework for Linux contains a vulnerability that allows an attacker to deserialize untrusted data. A successful exploit may lead to code execution, privilege escalation, data tampering, and information disclosure.

CVE-2026-24155
High

The NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

PreviousPage 127 of 3359Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS