OpenClaw Vulnerabilities

pip AI Agents

AI Threat Alert tracks 427 known vulnerabilities in OpenClaw, 15 rated critical — an AI/ML ai agents in the pip ecosystem. Each CVE includes CVSS severity, EPSS exploit probability, patch status, and CISO-grade analysis.

Data sources
427
Total CVEs
15
Critical
pip
Ecosystem
Jul 8, 2026
Last CVE
41%
Patch Rate
3d
Avg Time to Patch

Known Vulnerabilities (427 total, page 9 of 18)

Severity CVE ID Summary CVSS Published
HIGH CVE-2026-28461 OpenClaw: webhook DoS via memory exhaustion 7.5 Mar 19, 2026 MEDIUM CVE-2026-28449 OpenClaw: webhook replay triggers duplicate agent actions 6.5 Mar 19, 2026 HIGH CVE-2026-28460 OpenClaw: allowlist bypass enables OS command execution 7.1 Mar 19, 2026 MEDIUM CVE-2026-27670 OpenClaw: TOCTOU race enables arbitrary file write in agents 5.3 Mar 19, 2026 MEDIUM CVE-2026-27523 OpenClaw: sandbox path traversal bypasses bind isolation 6.1 Mar 18, 2026 MEDIUM CVE-2026-27545 OpenClaw: symlink race bypasses agent run approval 6.1 Mar 18, 2026 MEDIUM CVE-2026-27524 OpenClaw: prototype pollution bypasses command gate 4.3 Mar 18, 2026 MEDIUM CVE-2026-27646 OpenClaw: sandbox escape via /acp spawn command 6.1 Mar 23, 2026 MEDIUM CVE-2026-27522 OpenClaw: path traversal enables arbitrary file read via media actions 6.5 Mar 18, 2026 HIGH CVE-2026-27566 OpenClaw: allowlist bypass enables arbitrary OS command exec 7.1 Mar 19, 2026 MEDIUM CVE-2026-27183 OpenClaw: shell allowlist bypass via dispatch wrapper depth 5.3 Mar 23, 2026 HIGH CVE-2026-22181 OpenClaw: SSRF guard bypass exposes internal services 7.6 Mar 18, 2026 MEDIUM CVE-2026-22217 OpenClaw: $SHELL env hijack enables arbitrary code execution 6.1 Mar 18, 2026 HIGH CVE-2026-22171 OpenClaw: path traversal allows arbitrary file write 8.2 Mar 18, 2026 MEDIUM CVE-2026-22176 OpenClaw: cmd injection in Windows task script generation 6.1 Mar 19, 2026 MEDIUM CVE-2026-22178 OpenClaw: ReDoS via Feishu mention metadata 6.5 Mar 18, 2026 HIGH CVE-2026-22179 OpenClaw: allowlist bypass enables arbitrary OS command exec 7.2 Mar 18, 2026 MEDIUM CVE-2026-22180 OpenClaw: path traversal enables arbitrary file writes 5.3 Mar 18, 2026 MEDIUM CVE-2026-22170 OpenClaw: empty allowlist bypasses BlueBubbles DM auth 6.5 Mar 18, 2026 HIGH CVE-2026-22175 OpenClaw: allowlist bypass lets agents run any command 7.1 Mar 18, 2026 MEDIUM CVE-2026-22174 OpenClaw: local token leak via CDP probe hijack 6.8 Mar 18, 2026 MEDIUM CVE-2026-22169 OpenClaw: safeBins allowlist bypass enables command exec 6.7 Mar 18, 2026 MEDIUM CVE-2026-22168 OpenClaw: cmd.exe argument smuggling evades approval log 6.5 Mar 18, 2026 HIGH GHSA-fq4x-789w-jg5h agenticmail: email prompt injection → bypassPermissions RCE -- Jun 18, 2026 HIGH CVE-2026-53866 OpenClaw: allowlist bypass allows unauthorized shell exec 8.1 Jun 16, 2026

Showing 201–225 of 427

Frequently asked questions

What is OpenClaw?

OpenClaw is an AI/ML ai agents tracked by AI Threat Alert for security vulnerabilities in the pip ecosystem.

How many known vulnerabilities does OpenClaw have?

OpenClaw has 427 known CVEs, 15 of them critical, tracked from NVD and GitHub Advisory.

Which ecosystem is OpenClaw distributed in?

OpenClaw is distributed via the pip ecosystem and categorized as ai agents.

Where does the OpenClaw vulnerability data come from?

Vulnerability data is sourced from NVD and GitHub Advisory, enriched with CVSS, EPSS, exploit signals, and patch status for each CVE.

How do I assess the risk of OpenClaw?

Review each CVE below — every entry shows CVSS severity, EPSS exploit probability, exploitation signals, and whether a patched version is available.

Monitor OpenClaw in your stack

Get instant alerts when new vulnerabilities affect OpenClaw. CISO analysis, ATLAS technique mappings, and compliance reports included.

Start Monitoring