Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| # | POC Description | Source Link | Shenlong Link |
|---|
No public POC found.
Login to generate AI POC| CVE-2026-62229 | 8.8 HIGH | OpenClaw < 2026.5.18 Authorization Bypass via Glob Matching |
| CVE-2026-62203 | 8.8 HIGH | OpenClaw < 2026.6.6 Environment Variable Injection via rustup |
| CVE-2026-62202 | 8.8 HIGH | OpenClaw 2026.6.1 < 2026.6.9 Privilege Escalation via Cron |
| CVE-2026-62207 | 8.8 HIGH | OpenClaw < 2026.6.5 Authentication Bypass via Admin Tools |
| CVE-2026-62223 | 8.8 HIGH | OpenClaw < 2026.5.18 Authorization Bypass via Device-pair |
| CVE-2026-62228 | 8.8 HIGH | OpenClaw < 2026.6.5 Authorization Bypass via Node Exec Approvals |
| CVE-2026-62217 | 8.8 HIGH | OpenClaw 2026.5.14-beta.1 < 2026.5.27 Authentication Bypass via exec approvals |
| CVE-2026-62226 | 8.5 HIGH | OpenClaw 2026.3.28 < 2026.5.19 Authorization Bypass via Browser Act Route |
| CVE-2026-62209 | 8.1 HIGH | OpenClaw 2026.5.10-beta.1 < 2026.6.5 Authorization Bypass via agent-mode dispatch |
| CVE-2026-62215 | 8.0 HIGH | OpenClaw < 2026.6.5 Authentication Bypass via HTTP Canvas |
| CVE-2026-62222 | 7.8 HIGH | OpenClaw < 2026.5.22 Untrusted Plugin Loading via Setup-mode |
| CVE-2026-62201 | 7.7 HIGH | OpenClaw < 2026.6.6 Network Policy Bypass via exec-server |
| CVE-2026-62227 | 7.7 HIGH | OpenClaw 2026.4.14 < 2026.5.26 SSRF via Browser Snapshot |
| CVE-2026-62205 | 7.1 HIGH | OpenClaw 2026.4.12-beta.1 < 2026.6.6 Authorization Bypass via message actions |
| CVE-2026-62206 | 7.1 HIGH | OpenClaw < 2026.6.9 Authentication Bypass via Moderation Actions |
| CVE-2026-62212 | 7.1 HIGH | OpenClaw < 2026.5.28 Authentication Bypass via safeFetch |
| CVE-2026-62219 | 7.1 HIGH | OpenClaw 2026.2.12 < 2026.5.26 Authorization Bypass via Blank Agent IDs |
| CVE-2026-62210 | 6.5 MEDIUM | OpenClaw < 2026.6.1 Denial of Service via Remote Media URLs |
| CVE-2026-62208 | 6.5 MEDIUM | OpenClaw < 2026.6.5 Authorization Header Forwarding via SSE |
| CVE-2026-62213 | 6.5 MEDIUM | OpenClaw < 2026.5.27 Token Leakage via MS Teams Outbound Requests |
Showing top 20 of 28 CVEs. View all on vendor page → →
No comments yet