Vulnerability-Lookup

CVE-2026-33574 (GCVE-0-2026-33574)

Vulnerability from cvelistv5 – Published: 2026-03-29 12:44 – Updated: 2026-06-23 16:15

Title

OpenClaw < 2026.3.8 - Path Traversal via Tools Root Rebinding in Skills Download

Summary

OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills download installer that validates the tools root lexically but reuses the mutable path during archive download and copy operations. A local attacker can rebind the tools-root path between validation and final write to redirect the installer outside the intended tools directory.

Severity

5.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Assigner

VulnCheck

References

3 references

URL	Tags
https://github.com/openclaw/openclaw/security/adv…	vendor-advisory
https://github.com/openclaw/openclaw/commit/9abf0…	patch
https://www.vulncheck.com/advisories/openclaw-pat…	third-party-advisory

Impacted products

1 product

Vendor	Product	Version
OpenClaw	OpenClaw	Affected: 0 , < 2026.3.8 (semver) Unaffected: 2026.3.8 (semver)

Date Public

2026-03-11 00:00

Credits

tdjackey

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33574",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-30T14:28:38.449529Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-30T14:29:12.143Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageURL": "pkg:npm/openclaw",
          "product": "OpenClaw",
          "vendor": "OpenClaw",
          "versions": [
            {
              "lessThan": "2026.3.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "2026.3.8",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*",
                  "versionEndExcluding": "2026.3.8",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "tdjackey"
        }
      ],
      "datePublic": "2026-03-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills download installer that validates the tools root lexically but reuses the mutable path during archive download and copy operations. A local attacker can rebind the tools-root path between validation and final write to redirect the installer outside the intended tools directory."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS"
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-367",
              "description": "Time-of-check Time-of-use (TOCTOU) Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-23T16:15:34.377Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "name": "GitHub Security Advisory (GHSA-vhwf-4x96-vqx2)",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-vhwf-4x96-vqx2"
        },
        {
          "name": "Patch Commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openclaw/openclaw/commit/9abf014f3502009faf9c73df5ca2cff719e54639"
        },
        {
          "name": "VulnCheck Advisory: OpenClaw \u003c 2026.3.8 - Path Traversal via Tools Root Rebinding in Skills Download",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/openclaw-path-traversal-via-tools-root-rebinding-in-skills-download"
        }
      ],
      "title": "OpenClaw \u003c 2026.3.8 - Path Traversal via Tools Root Rebinding in Skills Download",
      "x_generator": {
        "engine": "vulncheck"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2026-33574",
    "datePublished": "2026-03-29T12:44:31.816Z",
    "dateReserved": "2026-03-23T11:00:48.408Z",
    "dateUpdated": "2026-06-23T16:15:34.377Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-33574",
      "date": "2026-06-29",
      "epss": "0.00087",
      "percentile": "0.00473"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-33574\",\"sourceIdentifier\":\"disclosure@vulncheck.com\",\"published\":\"2026-03-29T13:17:03.173\",\"lastModified\":\"2026-06-17T10:37:43.530\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills download installer that validates the tools root lexically but reuses the mutable path during archive download and copy operations. A local attacker can rebind the tools-root path between validation and final write to redirect the installer outside the intended tools directory.\"},{\"lang\":\"es\",\"value\":\"OpenClaw antes de 2026.3.8 contiene una vulnerabilidad de salto de ruta en el instalador de descarga de habilidades que valida la ra\u00edz de las herramientas l\u00e9xicamente pero reutiliza la ruta mutable durante las operaciones de descarga y copia del archivo. Un atacante local puede reasignar la ruta tools-root entre la validaci\u00f3n y la escritura final para redirigir el instalador fuera del directorio de herramientas previsto.\"}],\"affected\":[{\"source\":\"disclosure@vulncheck.com\",\"affectedData\":[{\"vendor\":\"OpenClaw\",\"product\":\"OpenClaw\",\"defaultStatus\":\"unaffected\",\"packageURL\":\"pkg:npm/openclaw\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"2026.3.8\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"2026.3.8\",\"versionType\":\"semver\",\"status\":\"unaffected\"}]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"disclosure@vulncheck.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"disclosure@vulncheck.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.5,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-03-30T14:28:38.449529Z\",\"id\":\"CVE-2026-33574\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"disclosure@vulncheck.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-367\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"2026.3.8\",\"matchCriteriaId\":\"0A2A36CE-E6EC-4C9C-85F4-06C408B57A72\"}]}]}],\"references\":[{\"url\":\"https://github.com/openclaw/openclaw/commit/9abf014f3502009faf9c73df5ca2cff719e54639\",\"source\":\"disclosure@vulncheck.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openclaw/openclaw/security/advisories/GHSA-vhwf-4x96-vqx2\",\"source\":\"disclosure@vulncheck.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.vulncheck.com/advisories/openclaw-path-traversal-via-tools-root-rebinding-in-skills-download\",\"source\":\"disclosure@vulncheck.com\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-33574\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-30T14:28:38.449529Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-30T14:29:00.863Z\"}}], \"cna\": {\"title\": \"OpenClaw \u003c 2026.3.8 - Path Traversal via Tools Root Rebinding in Skills Download\", \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"tdjackey\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 5.8, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.2, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"OpenClaw\", \"product\": \"OpenClaw\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2026.3.8\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"2026.3.8\", \"versionType\": \"semver\"}], \"packageURL\": \"pkg:npm/openclaw\", \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2026-03-11T00:00:00.000Z\", \"references\": [{\"url\": \"https://github.com/openclaw/openclaw/security/advisories/GHSA-vhwf-4x96-vqx2\", \"name\": \"GitHub Security Advisory (GHSA-vhwf-4x96-vqx2)\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://github.com/openclaw/openclaw/commit/9abf014f3502009faf9c73df5ca2cff719e54639\", \"name\": \"Patch Commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://www.vulncheck.com/advisories/openclaw-path-traversal-via-tools-root-rebinding-in-skills-download\", \"name\": \"VulnCheck Advisory: OpenClaw \u003c 2026.3.8 - Path Traversal via Tools Root Rebinding in Skills Download\", \"tags\": [\"third-party-advisory\"]}], \"x_generator\": {\"engine\": \"vulncheck\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills download installer that validates the tools root lexically but reuses the mutable path during archive download and copy operations. A local attacker can rebind the tools-root path between validation and final write to redirect the installer outside the intended tools directory.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-367\", \"description\": \"Time-of-check Time-of-use (TOCTOU) Race Condition\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2026.3.8\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"83251b91-4cc7-4094-a5c7-464a1b83ea10\", \"shortName\": \"VulnCheck\", \"dateUpdated\": \"2026-03-29T12:44:31.816Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-33574\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-30T14:29:12.143Z\", \"dateReserved\": \"2026-03-23T11:00:48.408Z\", \"assignerOrgId\": \"83251b91-4cc7-4094-a5c7-464a1b83ea10\", \"datePublished\": \"2026-03-29T12:44:31.816Z\", \"assignerShortName\": \"VulnCheck\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CNVD-2026-16699

Vulnerability from cnvd - Published: 2026-04-10

Title

OpenClaw存在未明漏洞（CNVD-2026-16699）

Description

OpenClaw是OpenClaw开源的一个智能人工助理。 OpenClaw存在安全漏洞，攻击者可利用该漏洞在验证和最终写入之间重新绑定工具根路径。

Severity

中

Patch Name

OpenClaw存在未明漏洞（CNVD-2026-16699）的补丁

Patch Description

OpenClaw是OpenClaw开源的一个智能人工助理。 OpenClaw存在安全漏洞，攻击者可利用该漏洞在验证和最终写入之间重新绑定工具根路径。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： https://github.com/openclaw/openclaw/security/advisories/GHSA-vhwf-4x96-vqx2

Reference

https://nvd.nist.gov/vuln/detail/CVE-2026-33574

Impacted products

Name
OpenClaw OpenClaw <2026.3.8

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2026-33574",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2026-33574"
    }
  },
  "description": "OpenClaw\u662fOpenClaw\u5f00\u6e90\u7684\u4e00\u4e2a\u667a\u80fd\u4eba\u5de5\u52a9\u7406\u3002\n\nOpenClaw\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u9a8c\u8bc1\u548c\u6700\u7ec8\u5199\u5165\u4e4b\u95f4\u91cd\u65b0\u7ed1\u5b9a\u5de5\u5177\u6839\u8def\u5f84\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttps://github.com/openclaw/openclaw/security/advisories/GHSA-vhwf-4x96-vqx2",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2026-16699",
  "openTime": "2026-04-10",
  "patchDescription": "OpenClaw\u662fOpenClaw\u5f00\u6e90\u7684\u4e00\u4e2a\u667a\u80fd\u4eba\u5de5\u52a9\u7406\u3002\r\n\r\nOpenClaw\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u9a8c\u8bc1\u548c\u6700\u7ec8\u5199\u5165\u4e4b\u95f4\u91cd\u65b0\u7ed1\u5b9a\u5de5\u5177\u6839\u8def\u5f84\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "OpenClaw\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2026-16699\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "OpenClaw OpenClaw \u003c2026.3.8"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2026-33574",
  "serverity": "\u4e2d",
  "submitTime": "2026-04-08",
  "title": "OpenClaw\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2026-16699\uff09"
}

FKIE_CVE-2026-33574

Vulnerability from fkie_nvd - Published: 2026-03-29 13:17 - Updated: 2026-06-17 10:37

Severity

6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Summary

References

URL	Tags
disclosure@vulncheck.com	https://github.com/openclaw/openclaw/commit/9abf014f3502009faf9c73df5ca2cff719e54639	Patch
disclosure@vulncheck.com	https://github.com/openclaw/openclaw/security/advisories/GHSA-vhwf-4x96-vqx2	Vendor Advisory
disclosure@vulncheck.com	https://www.vulncheck.com/advisories/openclaw-path-traversal-via-tools-root-rebinding-in-skills-download	Third Party Advisory

Impacted products

	Vendor	Product	Version
	openclaw	openclaw	*

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "defaultStatus": "unaffected",
          "packageURL": "pkg:npm/openclaw",
          "product": "OpenClaw",
          "vendor": "OpenClaw",
          "versions": [
            {
              "lessThan": "2026.3.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "2026.3.8",
              "versionType": "semver"
            }
          ]
        }
      ],
      "source": "disclosure@vulncheck.com"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "0A2A36CE-E6EC-4C9C-85F4-06C408B57A72",
              "versionEndExcluding": "2026.3.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills download installer that validates the tools root lexically but reuses the mutable path during archive download and copy operations. A local attacker can rebind the tools-root path between validation and final write to redirect the installer outside the intended tools directory."
    },
    {
      "lang": "es",
      "value": "OpenClaw antes de 2026.3.8 contiene una vulnerabilidad de salto de ruta en el instalador de descarga de habilidades que valida la ra\u00edz de las herramientas l\u00e9xicamente pero reutiliza la ruta mutable durante las operaciones de descarga y copia del archivo. Un atacante local puede reasignar la ruta tools-root entre la validaci\u00f3n y la escritura final para redirigir el instalador fuera del directorio de herramientas previsto."
    }
  ],
  "id": "CVE-2026-33574",
  "lastModified": "2026-06-17T10:37:43.530",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 6.2,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 3.6,
        "source": "disclosure@vulncheck.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "HIGH",
          "attackRequirements": "NONE",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "disclosure@vulncheck.com",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2026-33574",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "no"
            },
            {
              "technicalImpact": "partial"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2026-03-30T14:28:38.449529Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2026-03-29T13:17:03.173",
  "references": [
    {
      "source": "disclosure@vulncheck.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/openclaw/openclaw/commit/9abf014f3502009faf9c73df5ca2cff719e54639"
    },
    {
      "source": "disclosure@vulncheck.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-vhwf-4x96-vqx2"
    },
    {
      "source": "disclosure@vulncheck.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.vulncheck.com/advisories/openclaw-path-traversal-via-tools-root-rebinding-in-skills-download"
    }
  ],
  "sourceIdentifier": "disclosure@vulncheck.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-367"
        }
      ],
      "source": "disclosure@vulncheck.com",
      "type": "Secondary"
    }
  ]
}

GHSA-6Q2V-VFWP-PVWH

Vulnerability from github – Published: 2026-03-29 15:30 – Updated: 2026-04-06 22:46

Summary

Duplicate Advisory: OpenClaw's skills-install-download can be redirected outside the tools root by rebinding the validated base path

Details

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-vhwf-4x96-vqx2. This link is maintained to preserve external references.

Original Description

Severity

6.2 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5.8 (Medium)


                  
                    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.3.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-367"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-06T22:46:34Z",
    "nvd_published_at": "2026-03-29T13:17:03Z",
    "severity": "MODERATE"
  },
  "details": "### Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-vhwf-4x96-vqx2. This link is maintained to preserve external references.\n\n### Original Description\nOpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills download installer that validates the tools root lexically but reuses the mutable path during archive download and copy operations. A local attacker can rebind the tools-root path between validation and final write to redirect the installer outside the intended tools directory.",
  "id": "GHSA-6q2v-vfwp-pvwh",
  "modified": "2026-04-06T22:46:34Z",
  "published": "2026-03-29T15:30:20Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-vhwf-4x96-vqx2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33574"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/9abf014f3502009faf9c73df5ca2cff719e54639"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-path-traversal-via-tools-root-rebinding-in-skills-download"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Duplicate Advisory: OpenClaw\u0027s skills-install-download can be redirected outside the tools root by rebinding the validated base path",
  "withdrawn": "2026-04-06T22:46:34Z"
}

GHSA-VHWF-4X96-VQX2

Vulnerability from github – Published: 2026-03-12 14:21 – Updated: 2026-04-06 22:46

Summary

OpenClaw's skills-install-download can be redirected outside the tools root by rebinding the validated base path

Details

OpenClaw's skills download installer validated the intended per-skill tools root lexically, but later reused that mutable path while downloading and copying the archive into place. If a local attacker could rebind that tools-root path between validation and the final write, the installer could be redirected to write outside the intended tools directory.

The fix pins the canonical per-skill tools root immediately after validation and derives later download/copy paths from that canonical root, so rebinding the lexical path fails closed instead of redirecting the write.

Affected Packages / Versions

Package: openclaw (npm)
Latest published vulnerable version: 2026.3.7
Affected range: <= 2026.3.7
Fixed in released version: 2026.3.8

Fix Commit(s)

9abf014f3502009faf9c73df5ca2cff719e54639

Release Verification

Verified fixed in GitHub release v2026.3.8 published on March 9, 2026.
Verified npm view openclaw version resolves to 2026.3.8.
Verified the release contains the regression test covering tools-root rebinding and that the test passes against the v2026.3.8 tree.

Thanks @tdjackey for reporting.

Severity

6.9 (Medium)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2026.3.7"
      },
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.3.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-33574"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-367"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-12T14:21:32Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "OpenClaw\u0027s skills download installer validated the intended per-skill tools root lexically, but later reused that mutable path while downloading and copying the archive into place. If a local attacker could rebind that tools-root path between validation and the final write, the installer could be redirected to write outside the intended tools directory.\n\nThe fix pins the canonical per-skill tools root immediately after validation and derives later download/copy paths from that canonical root, so rebinding the lexical path fails closed instead of redirecting the write.\n\n## Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Latest published vulnerable version: `2026.3.7`\n- Affected range: `\u003c= 2026.3.7`\n- Fixed in released version: `2026.3.8`\n\n## Fix Commit(s)\n\n- `9abf014f3502009faf9c73df5ca2cff719e54639`\n\n## Release Verification\n\n- Verified fixed in GitHub release `v2026.3.8` published on March 9, 2026.\n- Verified `npm view openclaw version` resolves to `2026.3.8`.\n- Verified the release contains the regression test covering tools-root rebinding and that the test passes against the `v2026.3.8` tree.\n\nThanks @tdjackey for reporting.",
  "id": "GHSA-vhwf-4x96-vqx2",
  "modified": "2026-04-06T22:46:40Z",
  "published": "2026-03-12T14:21:32Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-vhwf-4x96-vqx2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33574"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/9abf014f3502009faf9c73df5ca2cff719e54639"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-path-traversal-via-tools-root-rebinding-in-skills-download"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw\u0027s skills-install-download can be redirected outside the tools root by rebinding the validated base path"
}

WID-SEC-W-2026-0691

Vulnerability from csaf_certbund - Published: 2026-03-10 23:00 - Updated: 2026-03-31 22:00

Summary

OpenClaw: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: OpenClaw ist ein persönlicher KI-Assistent zur Ausführung auf eigenen Geräten.

Angriff: Ein Angreifer kann mehrere Schwachstellen in OpenClaw ausnutzen, um beliebigen Programmcode auszuführen, Sicherheitsmaßnahmen zu umgehen, Daten zu manipulieren oder andere, nicht näher spezifizerte Angriffe durchzuführen.

Betroffene Betriebssysteme: - Sonstiges - UNIX

CVE-2026-32921

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Open Source OpenClaw <2026.3.8 Open Source / OpenClaw		<2026.3.8

CVE-2026-33574

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Open Source OpenClaw <2026.3.8 Open Source / OpenClaw		<2026.3.8

CVE-2026-34506

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Open Source OpenClaw <2026.3.8 Open Source / OpenClaw		<2026.3.8

CVE-2026-34509

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Open Source OpenClaw <2026.3.8 Open Source / OpenClaw		<2026.3.8

References

5 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://github.com/openclaw/openclaw/security/adv…	external
https://github.com/openclaw/openclaw/security/adv…	external
https://github.com/openclaw/openclaw/security/adv…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "OpenClaw ist ein pers\u00f6nlicher KI-Assistent zur Ausf\u00fchrung auf eigenen Ger\u00e4ten.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in OpenClaw ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, Daten zu manipulieren oder andere, nicht n\u00e4her spezifizerte Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0691 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0691.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0691 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0691"
      },
      {
        "category": "external",
        "summary": "OpenClaw GitHub vom 2026-03-10",
        "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-8g75-q649-6pv6"
      },
      {
        "category": "external",
        "summary": "OpenClaw GitHub vom 2026-03-10",
        "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-g7cr-9h7q-4qxq"
      },
      {
        "category": "external",
        "summary": "OpenClaw GitHub vom 2026-03-10",
        "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-vhwf-4x96-vqx2"
      }
    ],
    "source_lang": "en-US",
    "title": "OpenClaw: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-03-31T22:00:00.000+00:00",
      "generator": {
        "date": "2026-04-01T09:59:15.562+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0691",
      "initial_release_date": "2026-03-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-03-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-03-29T22:00:00.000+00:00",
          "number": "2",
          "summary": "CVE-2026-33574 erg\u00e4nzt"
        },
        {
          "date": "2026-03-31T22:00:00.000+00:00",
          "number": "3",
          "summary": "CVE\u0027s erg\u00e4nzt"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2026.3.8",
                "product": {
                  "name": "Open Source OpenClaw \u003c2026.3.8",
                  "product_id": "T051620"
                }
              },
              {
                "category": "product_version",
                "name": "2026.3.8",
                "product": {
                  "name": "Open Source OpenClaw 2026.3.8",
                  "product_id": "T051620-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:openclaw:openclaw:2026.3.8"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenClaw"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-32921",
      "product_status": {
        "known_affected": [
          "T051620"
        ]
      },
      "release_date": "2026-03-10T23:00:00.000+00:00",
      "title": "CVE-2026-32921"
    },
    {
      "cve": "CVE-2026-33574",
      "product_status": {
        "known_affected": [
          "T051620"
        ]
      },
      "release_date": "2026-03-10T23:00:00.000+00:00",
      "title": "CVE-2026-33574"
    },
    {
      "cve": "CVE-2026-34506",
      "product_status": {
        "known_affected": [
          "T051620"
        ]
      },
      "release_date": "2026-03-10T23:00:00.000+00:00",
      "title": "CVE-2026-34506"
    },
    {
      "cve": "CVE-2026-34509",
      "product_status": {
        "known_affected": [
          "T051620"
        ]
      },
      "release_date": "2026-03-10T23:00:00.000+00:00",
      "title": "CVE-2026-34509"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-33574 (GCVE-0-2026-33574)

CNVD-2026-16699

FKIE_CVE-2026-33574

GHSA-6Q2V-VFWP-PVWH

Duplicate Advisory

Original Description

GHSA-VHWF-4X96-VQX2

Affected Packages / Versions

Fix Commit(s)

Release Verification

WID-SEC-W-2026-0691

Tags

Sightings

Nomenclature