<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 20 Jun 2026 01:35:33 +0000</lastBuildDate>
    <item>
      <title>07945c8b-9f4d-40dc-bfc6-fa21f7834b7e</title>
      <link>https://vulnerability.circl.lu/sighting/07945c8b-9f4d-40dc-bfc6-fa21f7834b7e/export</link>
      <description>{"uuid": "07945c8b-9f4d-40dc-bfc6-fa21f7834b7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5386", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmzfeh5the2d", "content": "CVE-2026-5386 - KMW CCTV Security Cameras Unverified Password Change\nCVE ID : CVE-2026-5386\n \n Published : May 29, 2026, 6:17 p.m. | 54\u00a0minutes ago\n \n Description : The affected\u00a0KMW CCTV Security Cameras are\u00a0vulnerable to a critical unauthenticated password reset. This flaw al...", "creation_timestamp": "2026-05-29T20:38:47.020424Z"}</description>
      <content:encoded>{"uuid": "07945c8b-9f4d-40dc-bfc6-fa21f7834b7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5386", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmzfeh5the2d", "content": "CVE-2026-5386 - KMW CCTV Security Cameras Unverified Password Change\nCVE ID : CVE-2026-5386\n \n Published : May 29, 2026, 6:17 p.m. | 54\u00a0minutes ago\n \n Description : The affected\u00a0KMW CCTV Security Cameras are\u00a0vulnerable to a critical unauthenticated password reset. This flaw al...", "creation_timestamp": "2026-05-29T20:38:47.020424Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/07945c8b-9f4d-40dc-bfc6-fa21f7834b7e/export</guid>
      <pubDate>Fri, 29 May 2026 20:38:47 +0000</pubDate>
    </item>
    <item>
      <title>d669b33b-8dc8-472c-899e-47eac45b2b5d</title>
      <link>https://vulnerability.circl.lu/sighting/d669b33b-8dc8-472c-899e-47eac45b2b5d/export</link>
      <description>{"uuid": "d669b33b-8dc8-472c-899e-47eac45b2b5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5386", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnff3wy7it2f", "content": "Critical flaw in KMW CCTV cameras (CVE-2026-5386) allows unauthorized access to live feeds. Organizations must act now to secure their systems. #CyberSecurity #CCTV #IoT #Vulnerability Link: thedailytechfeed.com/critical-fla...", "creation_timestamp": "2026-06-03T15:05:58.646628Z"}</description>
      <content:encoded>{"uuid": "d669b33b-8dc8-472c-899e-47eac45b2b5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5386", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnff3wy7it2f", "content": "Critical flaw in KMW CCTV cameras (CVE-2026-5386) allows unauthorized access to live feeds. Organizations must act now to secure their systems. #CyberSecurity #CCTV #IoT #Vulnerability Link: thedailytechfeed.com/critical-fla...", "creation_timestamp": "2026-06-03T15:05:58.646628Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d669b33b-8dc8-472c-899e-47eac45b2b5d/export</guid>
      <pubDate>Wed, 03 Jun 2026 15:05:58 +0000</pubDate>
    </item>
    <item>
      <title>8c8830ab-3ed3-4429-acec-bf6d4a332db4</title>
      <link>https://vulnerability.circl.lu/sighting/8c8830ab-3ed3-4429-acec-bf6d4a332db4/export</link>
      <description>{"uuid": "8c8830ab-3ed3-4429-acec-bf6d4a332db4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53868", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo543qubjy23", "content": "CVE-2026-53868 - Capgo\nCVE ID : CVE-2026-53868\n \n Published : June 12, 2026, 10:16 p.m. | 2\u00a0hours, 51\u00a0minutes ago\n \n Description : Capgo before 12.128.2 contains a denial of service vulnerability allowing attackers to register accounts using arbitrary email addresses without v...", "creation_timestamp": "2026-06-13T01:30:45.757816Z"}</description>
      <content:encoded>{"uuid": "8c8830ab-3ed3-4429-acec-bf6d4a332db4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53868", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo543qubjy23", "content": "CVE-2026-53868 - Capgo\nCVE ID : CVE-2026-53868\n \n Published : June 12, 2026, 10:16 p.m. | 2\u00a0hours, 51\u00a0minutes ago\n \n Description : Capgo before 12.128.2 contains a denial of service vulnerability allowing attackers to register accounts using arbitrary email addresses without v...", "creation_timestamp": "2026-06-13T01:30:45.757816Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8c8830ab-3ed3-4429-acec-bf6d4a332db4/export</guid>
      <pubDate>Sat, 13 Jun 2026 01:30:45 +0000</pubDate>
    </item>
    <item>
      <title>a328a847-b24b-499b-a49f-8e7abda5404b</title>
      <link>https://vulnerability.circl.lu/sighting/a328a847-b24b-499b-a49f-8e7abda5404b/export</link>
      <description>{"uuid": "a328a847-b24b-499b-a49f-8e7abda5404b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53866", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moglm7xyvh2t", "content": "\ud83d\udfe0 CVE-2026-53866 - High (8.1)\n\nOpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in shell inline-command pars...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-53866/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T20:00:19.394182Z"}</description>
      <content:encoded>{"uuid": "a328a847-b24b-499b-a49f-8e7abda5404b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53866", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moglm7xyvh2t", "content": "\ud83d\udfe0 CVE-2026-53866 - High (8.1)\n\nOpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in shell inline-command pars...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-53866/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T20:00:19.394182Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a328a847-b24b-499b-a49f-8e7abda5404b/export</guid>
      <pubDate>Tue, 16 Jun 2026 20:00:19 +0000</pubDate>
    </item>
    <item>
      <title>e8bac0a0-6628-4141-8677-cee4446f99be</title>
      <link>https://vulnerability.circl.lu/sighting/e8bac0a0-6628-4141-8677-cee4446f99be/export</link>
      <description>{"uuid": "e8bac0a0-6628-4141-8677-cee4446f99be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53864", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moglmhdrsi27", "content": "\ud83d\udfe0 CVE-2026-53864 - High (8.1)\n\nOpenClaw before 2026.5.26 contains an insufficient sanitization vulnerability in the host environ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-53864/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T20:00:26.953094Z"}</description>
      <content:encoded>{"uuid": "e8bac0a0-6628-4141-8677-cee4446f99be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53864", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moglmhdrsi27", "content": "\ud83d\udfe0 CVE-2026-53864 - High (8.1)\n\nOpenClaw before 2026.5.26 contains an insufficient sanitization vulnerability in the host environ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-53864/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T20:00:26.953094Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e8bac0a0-6628-4141-8677-cee4446f99be/export</guid>
      <pubDate>Tue, 16 Jun 2026 20:00:26 +0000</pubDate>
    </item>
    <item>
      <title>44cd384e-7b6a-4c5f-a236-9bc2b884bd96</title>
      <link>https://vulnerability.circl.lu/sighting/44cd384e-7b6a-4c5f-a236-9bc2b884bd96/export</link>
      <description>{"uuid": "44cd384e-7b6a-4c5f-a236-9bc2b884bd96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53866", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogqkrsawf2x", "content": "CVE-2026-53866 - OpenClaw\nCVE ID : CVE-2026-53866\n \n Published : June 16, 2026, 7:17 p.m. | 1\u00a0hour, 51\u00a0minutes ago\n \n Description : OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in shell inline-command parsing that allows authenticated operators to execu...", "creation_timestamp": "2026-06-16T21:28:58.749638Z"}</description>
      <content:encoded>{"uuid": "44cd384e-7b6a-4c5f-a236-9bc2b884bd96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53866", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogqkrsawf2x", "content": "CVE-2026-53866 - OpenClaw\nCVE ID : CVE-2026-53866\n \n Published : June 16, 2026, 7:17 p.m. | 1\u00a0hour, 51\u00a0minutes ago\n \n Description : OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in shell inline-command parsing that allows authenticated operators to execu...", "creation_timestamp": "2026-06-16T21:28:58.749638Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/44cd384e-7b6a-4c5f-a236-9bc2b884bd96/export</guid>
      <pubDate>Tue, 16 Jun 2026 21:28:58 +0000</pubDate>
    </item>
    <item>
      <title>9d19df8b-d1cc-463f-ab3f-43a16e25bfd1</title>
      <link>https://vulnerability.circl.lu/sighting/9d19df8b-d1cc-463f-ab3f-43a16e25bfd1/export</link>
      <description>{"uuid": "9d19df8b-d1cc-463f-ab3f-43a16e25bfd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53864", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogrncto6p2g", "content": "CVE-2026-53864 - OpenClaw\nCVE ID : CVE-2026-53864\n \n Published : June 16, 2026, 7:17 p.m. | 1\u00a0hour, 51\u00a0minutes ago\n \n Description : OpenClaw before 2026.5.26 contains an insufficient sanitization vulnerability in the host environment sanitizer that allows Node.js control varia...", "creation_timestamp": "2026-06-16T21:48:17.449037Z"}</description>
      <content:encoded>{"uuid": "9d19df8b-d1cc-463f-ab3f-43a16e25bfd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53864", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogrncto6p2g", "content": "CVE-2026-53864 - OpenClaw\nCVE ID : CVE-2026-53864\n \n Published : June 16, 2026, 7:17 p.m. | 1\u00a0hour, 51\u00a0minutes ago\n \n Description : OpenClaw before 2026.5.26 contains an insufficient sanitization vulnerability in the host environment sanitizer that allows Node.js control varia...", "creation_timestamp": "2026-06-16T21:48:17.449037Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9d19df8b-d1cc-463f-ab3f-43a16e25bfd1/export</guid>
      <pubDate>Tue, 16 Jun 2026 21:48:17 +0000</pubDate>
    </item>
    <item>
      <title>383a9649-60b3-450d-b714-fd385ebda35d</title>
      <link>https://vulnerability.circl.lu/sighting/383a9649-60b3-450d-b714-fd385ebda35d/export</link>
      <description>{"uuid": "383a9649-60b3-450d-b714-fd385ebda35d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53869", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mojcebozjs2z", "content": "CVE-2026-53869 - Hermes Agent\nCVE ID : CVE-2026-53869\n \n Published : June 17, 2026, 5:57 p.m. | 1\u00a0hour, 32\u00a0minutes ago\n \n Description : Hermes Agent before 0.16.0 contains a DNS rebinding vulnerability in WebSocket endpoints that allows remote attackers to bypass Host and Orig...", "creation_timestamp": "2026-06-17T21:52:47.427110Z"}</description>
      <content:encoded>{"uuid": "383a9649-60b3-450d-b714-fd385ebda35d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53869", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mojcebozjs2z", "content": "CVE-2026-53869 - Hermes Agent\nCVE ID : CVE-2026-53869\n \n Published : June 17, 2026, 5:57 p.m. | 1\u00a0hour, 32\u00a0minutes ago\n \n Description : Hermes Agent before 0.16.0 contains a DNS rebinding vulnerability in WebSocket endpoints that allows remote attackers to bypass Host and Orig...", "creation_timestamp": "2026-06-17T21:52:47.427110Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/383a9649-60b3-450d-b714-fd385ebda35d/export</guid>
      <pubDate>Wed, 17 Jun 2026 21:52:47 +0000</pubDate>
    </item>
    <item>
      <title>4e27abfe-9fc3-4318-bcb0-2de3832ab329</title>
      <link>https://vulnerability.circl.lu/sighting/4e27abfe-9fc3-4318-bcb0-2de3832ab329/export</link>
      <description>{"uuid": "4e27abfe-9fc3-4318-bcb0-2de3832ab329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53865", "type": "seen", "source": "https://gist.github.com/alon710/4af676c2ea4b45d148a75b1db05205fb", "content": "# CVE-2026-53865: CVE-2026-53865: Arbitrary Local Command Execution in OpenClaw via Untrusted Search Path\n\n&amp;gt; **CVSS Score:** 7.2\n&amp;gt; **Published:** 2026-06-18\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-53865\n\n## Summary\nA critical untrusted search path vulnerability (CWE-426) exists in OpenClaw, an open-source, multi-platform personal AI assistant. In versions prior to 2026.5.2 (and up to 2026.5.26 in specific deployment configurations), the application merges workspace-derived configuration parameters into the operating system environment object. When executing administrative maintenance routines, OpenClaw invokes external system commands, such as the 'trash' utility, without verifying the underlying executable path. 
This allows a low-privileged local user or workspace collaborator to hijack binary execution flows, resulting in arbitrary command execution within the privilege context of the OpenClaw service wrapper.\n\n## TL;DR\nOpenClaw vulnerabilities in dynamic environment configurations allow lower-privileged users to hijack system commands during automated maintenance cycles, leading to local privilege escalation.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-426\n- **Attack Vector**: Local\n- **CVSS v4.0**: 7.2\n- **EPSS Score**: 0.00118 (Percentile: 2.01%)\n- **Impact**: Arbitrary Command Execution / Privilege Escalation\n- **Exploit Status**: Proof of Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- OpenClaw Gateway deployments on Linux, macOS, and Windows\n- OpenClaw packages hosted via NPM registry\n- Self-hosted instances running with workspace integrations enabled\n- **openclaw**: &amp;lt; 2026.5.2 (Fixed in: `2026.5.2`)\n- **openclaw**: &amp;lt; 2026.5.26 (Fixed in: `2026.5.26`)\n\n## Mitigation\n\n- Sanitize environment parameters passed to Node.js subprocess APIs\n- Force the use of absolute executable paths when launching standard tools\n- Disable shell execution parameters inside spawn declarations where user inputs exist\n- Restrict workspace directory modification permissions to administrative accounts\n\n**Remediation Steps:**\n1. Identify active installations and upgrade OpenClaw to stable version 2026.5.2 or 2026.5.26.\n2. Verify that configuration settings do not allow unauthenticated users to supply environmental modifiers.\n3. Isolate critical system-level tasks in dedicated sandboxed processes using systemd or Docker container environments.\n4. 
Audit active workspace configuration objects for anomalies in PATH settings.\n\n## References\n\n- [GitHub Security Advisory GHSA-rx78-29qr-5hq8](https://github.com/openclaw/openclaw/security/advisories/GHSA-rx78-29qr-5hq8)\n- [VulnCheck Technical Security Advisory](https://www.vulncheck.com/advisories/openclaw-arbitrary-command-execution-via-workspace-derived-service-path)\n- [NVD Vulnerability Database Page](https://nvd.nist.gov/vuln/detail/CVE-2026-53865)\n- [Google Open Source Vulnerabilities (OSV)](https://osv.dev/vulnerability/GHSA-rx78-29qr-5hq8)\n- [CVE.org Authoritative Vulnerability Page](https://www.cve.org/CVERecord?id=CVE-2026-53865)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-53865) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-19T05:11:14.000000Z"}</description>
      <content:encoded>{"uuid": "4e27abfe-9fc3-4318-bcb0-2de3832ab329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53865", "type": "seen", "source": "https://gist.github.com/alon710/4af676c2ea4b45d148a75b1db05205fb", "content": "# CVE-2026-53865: CVE-2026-53865: Arbitrary Local Command Execution in OpenClaw via Untrusted Search Path\n\n&amp;gt; **CVSS Score:** 7.2\n&amp;gt; **Published:** 2026-06-18\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-53865\n\n## Summary\nA critical untrusted search path vulnerability (CWE-426) exists in OpenClaw, an open-source, multi-platform personal AI assistant. In versions prior to 2026.5.2 (and up to 2026.5.26 in specific deployment configurations), the application merges workspace-derived configuration parameters into the operating system environment object. When executing administrative maintenance routines, OpenClaw invokes external system commands, such as the 'trash' utility, without verifying the underlying executable path. 
This allows a low-privileged local user or workspace collaborator to hijack binary execution flows, resulting in arbitrary command execution within the privilege context of the OpenClaw service wrapper.\n\n## TL;DR\nOpenClaw vulnerabilities in dynamic environment configurations allow lower-privileged users to hijack system commands during automated maintenance cycles, leading to local privilege escalation.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-426\n- **Attack Vector**: Local\n- **CVSS v4.0**: 7.2\n- **EPSS Score**: 0.00118 (Percentile: 2.01%)\n- **Impact**: Arbitrary Command Execution / Privilege Escalation\n- **Exploit Status**: Proof of Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- OpenClaw Gateway deployments on Linux, macOS, and Windows\n- OpenClaw packages hosted via NPM registry\n- Self-hosted instances running with workspace integrations enabled\n- **openclaw**: &amp;lt; 2026.5.2 (Fixed in: `2026.5.2`)\n- **openclaw**: &amp;lt; 2026.5.26 (Fixed in: `2026.5.26`)\n\n## Mitigation\n\n- Sanitize environment parameters passed to Node.js subprocess APIs\n- Force the use of absolute executable paths when launching standard tools\n- Disable shell execution parameters inside spawn declarations where user inputs exist\n- Restrict workspace directory modification permissions to administrative accounts\n\n**Remediation Steps:**\n1. Identify active installations and upgrade OpenClaw to stable version 2026.5.2 or 2026.5.26.\n2. Verify that configuration settings do not allow unauthenticated users to supply environmental modifiers.\n3. Isolate critical system-level tasks in dedicated sandboxed processes using systemd or Docker container environments.\n4. 
Audit active workspace configuration objects for anomalies in PATH settings.\n\n## References\n\n- [GitHub Security Advisory GHSA-rx78-29qr-5hq8](https://github.com/openclaw/openclaw/security/advisories/GHSA-rx78-29qr-5hq8)\n- [VulnCheck Technical Security Advisory](https://www.vulncheck.com/advisories/openclaw-arbitrary-command-execution-via-workspace-derived-service-path)\n- [NVD Vulnerability Database Page](https://nvd.nist.gov/vuln/detail/CVE-2026-53865)\n- [Google Open Source Vulnerabilities (OSV)](https://osv.dev/vulnerability/GHSA-rx78-29qr-5hq8)\n- [CVE.org Authoritative Vulnerability Page](https://www.cve.org/CVERecord?id=CVE-2026-53865)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-53865) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-19T05:11:14.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4e27abfe-9fc3-4318-bcb0-2de3832ab329/export</guid>
      <pubDate>Fri, 19 Jun 2026 05:11:14 +0000</pubDate>
    </item>
    <item>
      <title>608deaff-fce9-406e-b0ea-a97720d5733f</title>
      <link>https://vulnerability.circl.lu/sighting/608deaff-fce9-406e-b0ea-a97720d5733f/export</link>
      <description>{"uuid": "608deaff-fce9-406e-b0ea-a97720d5733f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53860", "type": "seen", "source": "https://gist.github.com/alon710/9745ea7f614dc3dd47451c872d75fca1", "content": "# CVE-2026-53860: CVE-2026-53860: Sender Policy Bypass in OpenClaw BlueBubbles Integration\n\n&amp;gt; **CVSS Score:** 4.2\n&amp;gt; **Published:** 2026-06-18\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-53860\n\n## Summary\nCVE-2026-53860 details an authorization bypass in the OpenClaw AI gateway's BlueBubbles integration. The vulnerability arises because the sender policy check validates mutable conversation-level metadata rather than verified, stable sender identities. This allows unauthorized group chat participants to manipulate metadata, match allowlist rules, and run unauthorized AI agent actions.\n\n## TL;DR\nA vulnerability in OpenClaw's BlueBubbles integration allows unauthorized participants to bypass sender validation by manipulating conversation metadata. 
Upgrading to version 2026.5.7 resolves the flaw by enforcing checks on stable sender identities.\n\n## Technical Details\n\n- **CWE ID**: CWE-807 / CWE-863\n- **Attack Vector**: Network\n- **CVSS v3.1**: 4.2 (Medium)\n- **EPSS Score**: 0.00136 (Percentile: 3.38%)\n- **Impact**: Sender Policy Bypass &amp;amp; Unauthorized Command Execution\n- **Exploit Status**: No public PoC or active exploitation\n- **CISA KEV Status**: Not Listed\n\n## Affected Systems\n\n- OpenClaw &amp;lt; 2026.5.7\n- **openclaw**: &amp;lt; 2026.5.7 (Fixed in: `2026.5.7`)\n\n## Mitigation\n\n- Upgrade to OpenClaw version 2026.5.7 or later\n- Strictly use stable, immutable sender identifiers (phone numbers, iCloud emails) in policies\n- Restrict permissions to alter group chat metadata within BlueBubbles\n- Limit the permissions and tools accessible by the AI agent\n\n**Remediation Steps:**\n1. Verify current OpenClaw version using the package manager\n2. Update the openclaw package to version 2026.5.7 via npm or your deployment pipeline\n3. Inspect existing configuration files to replace conversation-level allowlist rules with verified sender handles\n4. Restart the OpenClaw gateway service to apply the updated configuration\n\n## References\n\n- [GitHub Security Advisory GHSA-8j37-5w68-wj2g](https://github.com/openclaw/openclaw/security/advisories/GHSA-8j37-5w68-wj2g)\n- [VulnCheck Advisory](https://www.vulncheck.com/advisories/openclaw-sender-policy-bypass-via-mutable-conversation-identifiers-in-bluebubbles)\n- [OpenClaw GitHub Repository](https://github.com/openclaw/openclaw)\n- [NVD CVE-2026-53860](https://nvd.nist.gov/vuln/detail/CVE-2026-53860)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-53860) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-19T08:41:59.000000Z"}</description>
      <content:encoded>{"uuid": "608deaff-fce9-406e-b0ea-a97720d5733f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53860", "type": "seen", "source": "https://gist.github.com/alon710/9745ea7f614dc3dd47451c872d75fca1", "content": "# CVE-2026-53860: CVE-2026-53860: Sender Policy Bypass in OpenClaw BlueBubbles Integration\n\n&amp;gt; **CVSS Score:** 4.2\n&amp;gt; **Published:** 2026-06-18\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-53860\n\n## Summary\nCVE-2026-53860 details an authorization bypass in the OpenClaw AI gateway's BlueBubbles integration. The vulnerability arises because the sender policy check validates mutable conversation-level metadata rather than verified, stable sender identities. This allows unauthorized group chat participants to manipulate metadata, match allowlist rules, and run unauthorized AI agent actions.\n\n## TL;DR\nA vulnerability in OpenClaw's BlueBubbles integration allows unauthorized participants to bypass sender validation by manipulating conversation metadata. 
Upgrading to version 2026.5.7 resolves the flaw by enforcing checks on stable sender identities.\n\n## Technical Details\n\n- **CWE ID**: CWE-807 / CWE-863\n- **Attack Vector**: Network\n- **CVSS v3.1**: 4.2 (Medium)\n- **EPSS Score**: 0.00136 (Percentile: 3.38%)\n- **Impact**: Sender Policy Bypass &amp;amp; Unauthorized Command Execution\n- **Exploit Status**: No public PoC or active exploitation\n- **CISA KEV Status**: Not Listed\n\n## Affected Systems\n\n- OpenClaw &amp;lt; 2026.5.7\n- **openclaw**: &amp;lt; 2026.5.7 (Fixed in: `2026.5.7`)\n\n## Mitigation\n\n- Upgrade to OpenClaw version 2026.5.7 or later\n- Strictly use stable, immutable sender identifiers (phone numbers, iCloud emails) in policies\n- Restrict permissions to alter group chat metadata within BlueBubbles\n- Limit the permissions and tools accessible by the AI agent\n\n**Remediation Steps:**\n1. Verify current OpenClaw version using the package manager\n2. Update the openclaw package to version 2026.5.7 via npm or your deployment pipeline\n3. Inspect existing configuration files to replace conversation-level allowlist rules with verified sender handles\n4. Restart the OpenClaw gateway service to apply the updated configuration\n\n## References\n\n- [GitHub Security Advisory GHSA-8j37-5w68-wj2g](https://github.com/openclaw/openclaw/security/advisories/GHSA-8j37-5w68-wj2g)\n- [VulnCheck Advisory](https://www.vulncheck.com/advisories/openclaw-sender-policy-bypass-via-mutable-conversation-identifiers-in-bluebubbles)\n- [OpenClaw GitHub Repository](https://github.com/openclaw/openclaw)\n- [NVD CVE-2026-53860](https://nvd.nist.gov/vuln/detail/CVE-2026-53860)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-53860) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-19T08:41:59.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/608deaff-fce9-406e-b0ea-a97720d5733f/export</guid>
      <pubDate>Fri, 19 Jun 2026 08:41:59 +0000</pubDate>
    </item>
  </channel>
</rss>
