{"vulnerability": "cve-2026-4356", "sightings": [{"uuid": "427e7c2a-2111-4d0f-9e2d-728bfbcb097f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43566", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml4oyaqvd22f", "content": "\ud83d\udd34 CVE-2026-43566 - Critical (9.1)\n\nOpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where he...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-43566/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-05T17:18:31.478683Z"}, {"uuid": "1c72f026-a466-4630-9121-4cd017a37b59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43567", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml47ze3p352p", "content": "CVE-2026-43567 - OpenClaw\nCVE ID : CVE-2026-43567\n \n Published : 5. Mai 2026 11:25 | 56\u00a0Minuten ago\n \n Description : OpenClaw before 2026.4.10 contains a path traversal vulnerability in the screen_record tool's outPath parameter that bypasses workspace-only filesystem guards. ...", "creation_timestamp": "2026-05-05T12:50:41.862160Z"}, {"uuid": "1e2a4f8b-aa76-44d4-aae0-eb46008e06db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43568", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml4aqchxnl2e", "content": "CVE-2026-43568 - OpenClaw 2026.4.5\nCVE ID : CVE-2026-43568\n \n Published : 5. Mai 2026 11:25 | 56\u00a0Minuten ago\n \n Description : OpenClaw versions 2026.4.5 before 2026.4.10 contain a privilege escalation vulnerability allowing write-scoped operators to modify persistent memory dr...", "creation_timestamp": "2026-05-05T13:03:32.193497Z"}, {"uuid": "d97a22b8-5377-47a4-b2a5-8f5245f7c886", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43566", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml4bjuyxgq2e", "content": "CVE-2026-43566 - OpenClaw 2026.4.7\nCVE ID : CVE-2026-43566\n \n Published : 5. Mai 2026 11:25 | 56\u00a0Minuten ago\n \n Description : OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where heartbeat owner downgrade logic skips webhook wake event...", "creation_timestamp": "2026-05-05T13:17:55.470587Z"}, {"uuid": "862d9f36-d3b2-44f6-9d71-ccaa34063b3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43569", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml4cgjycdd2i", "content": "CVE-2026-43569 - OpenClaw\nCVE ID : CVE-2026-43569\n \n Published : 5. Mai 2026 11:25 | 56\u00a0Minuten ago\n \n Description : OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboardi...", "creation_timestamp": "2026-05-05T13:33:51.543747Z"}, {"uuid": "5c1736fd-5eeb-4203-b477-cdbdd8b80e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43569", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml4oyia6ii2c", "content": "\ud83d\udfe0 CVE-2026-43569 - High (8.8)\n\nOpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted works...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-43569/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-05T17:18:39.162485Z"}, {"uuid": "169d2093-746b-4ca6-bbb0-8b1170aea0bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43566", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mlaadohkqj2w", "content": "\ud83d\udccc CVE-2026-43566 - OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where heartbeat owner downgrade logic skips webhook wake even... https://www.cyberhub.blog/cves/CVE-2026-43566", "creation_timestamp": "2026-05-07T03:07:08.078073Z"}, {"uuid": "ac5924a9-b137-4f98-9486-7428fd6ff287", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43569", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mlabzdfznd2q", "content": "\ud83d\udccc CVE-2026-43569 - OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactiv... https://www.cyberhub.blog/cves/CVE-2026-43569", "creation_timestamp": "2026-05-07T03:37:08.021583Z"}]}