Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| # | POC Description | Source Link | Shenlong Link |
|---|
No public POC found.
Login to generate AI POC| CVE-2026-62229 | 8.8 HIGH | OpenClaw < 2026.5.18 Authorization Bypass via Glob Matching |
| CVE-2026-62203 | 8.8 HIGH | OpenClaw < 2026.6.6 Environment Variable Injection via rustup |
| CVE-2026-62202 | 8.8 HIGH | OpenClaw 2026.6.1 < 2026.6.9 Privilege Escalation via Cron |
| CVE-2026-62207 | 8.8 HIGH | OpenClaw < 2026.6.5 Authentication Bypass via Admin Tools |
| CVE-2026-62223 | 8.8 HIGH | OpenClaw < 2026.5.18 Authorization Bypass via Device-pair |
| CVE-2026-62228 | 8.8 HIGH | OpenClaw < 2026.6.5 Authorization Bypass via Node Exec Approvals |
| CVE-2026-62217 | 8.8 HIGH | OpenClaw 2026.5.14-beta.1 < 2026.5.27 Authentication Bypass via exec approvals |
| CVE-2026-62218 | 8.8 HIGH | OpenClaw 2026.1.20 < 2026.5.27 Authorization Bypass via device.pair.approve |
| CVE-2026-62226 | 8.5 HIGH | OpenClaw 2026.3.28 < 2026.5.19 Authorization Bypass via Browser Act Route |
| CVE-2026-62209 | 8.1 HIGH | OpenClaw 2026.5.10-beta.1 < 2026.6.5 Authorization Bypass via agent-mode dispatch |
| CVE-2026-62215 | 8.0 HIGH | OpenClaw < 2026.6.5 Authentication Bypass via HTTP Canvas |
| CVE-2026-62222 | 7.8 HIGH | OpenClaw < 2026.5.22 Untrusted Plugin Loading via Setup-mode |
| CVE-2026-62227 | 7.7 HIGH | OpenClaw 2026.4.14 < 2026.5.26 SSRF via Browser Snapshot |
| CVE-2026-62201 | 7.7 HIGH | OpenClaw < 2026.6.6 Network Policy Bypass via exec-server |
| CVE-2026-62219 | 7.1 HIGH | OpenClaw 2026.2.12 < 2026.5.26 Authorization Bypass via Blank Agent IDs |
| CVE-2026-62212 | 7.1 HIGH | OpenClaw < 2026.5.28 Authentication Bypass via safeFetch |
| CVE-2026-62206 | 7.1 HIGH | OpenClaw < 2026.6.9 Authentication Bypass via Moderation Actions |
| CVE-2026-62205 | 7.1 HIGH | OpenClaw 2026.4.12-beta.1 < 2026.6.6 Authorization Bypass via message actions |
| CVE-2026-62214 | 6.5 MEDIUM | OpenClaw < 2026.5.28 Bot Framework SSRF via serviceUrl Parameter Validation |
| CVE-2026-62213 | 6.5 MEDIUM | OpenClaw < 2026.5.27 Token Leakage via MS Teams Outbound Requests |
Showing top 20 of 28 CVEs. View all on vendor page → →
No comments yet