{"vulnerability": "CVE-2026-44118", "sightings": [{"uuid": "ba1a01cb-bf31-4ba6-868d-9701fc631018", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44118", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml7qv4ohew2q", "content": "CVE-2026-44118 - OpenClaw Authentication Bypass\nCVE ID : CVE-2026-44118\n \n Published : May 6, 2026, 8:16 p.m. | 23\u00a0minutes ago\n \n Description : OpenClaw before 2026.4.22 derives loopback MCP owner context from spoofable server-issued bearer tokens in request headers. Non-owner...", "creation_timestamp": "2026-05-06T22:30:32.712935Z"}, {"uuid": "a45187d1-6861-49fa-a6e2-8285e9867c02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44118", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml7kotwoxb2z", "content": "\ud83d\udfe0 CVE-2026-44118 - High (7.8)\n\nOpenClaw before 2026.4.22 derives loopback MCP owner context from spoofable server-issued bearer ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44118/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-06T20:39:40.938759Z"}]}