Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

46 New today

62,232 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

417

Jun 1

295

Jun 2

151

Jun 3

354

Jun 4

517

Jun 5

109

Jun 6

Jun 7

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

Critical

High

Medium

Low

Latest

CVE CVSS 6

OpenClaw < 2026.4.22 - Webhook Secret Revocation Bypass via secrets.reload_CVE-2026-53830

OpenClaw before 2026.4.22 contains a webhook secret revocation bypass vulnerability allowing callers with old Slack and Zalo webhook secrets to remain active after secrets.reload. Attackers can exploit the stale-secret window to deliver webhook events after operator-expected s...

CVE-2026-53830 OpenClaw OpenClaw

Jun 12, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.5	CVE-2026-53829	OpenClaw < 2026.5.18 - Command Truncation in Exec Approval Display_CVE-2026-53829 OpenClaw before 2026.5.18 contains an approval display truncation vulnerability allowing authenticated users to hide command suffixes from approver...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 7.7	CVE-2026-53828	OpenClaw < 2026.5.6 - Native Command Authorization Bypass via Owner-Command Enforcement_CVE-2026-53828 OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command handling that allows authenticated senders to execute own...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
MEDIUM 6	CVE-2026-53827	OpenClaw < 2026.5.2 - Credential Exposure via Model-Supplied Loopback URLs in message.action Forwarding_CVE-2026-53827 OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action forwarding that allows model-controlled metadata to forward...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
LOW 2.3	CVE-2026-53826	OpenClaw < 2026.4.26 - Information Disclosure via Sandboxed Session Spawn_CVE-2026-53826 OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session spawning that exposes the real workspace path to ch...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 7.1	CVE-2026-53825	OpenClaw < 2026.4.7 - Arbitrary Local File Read via memory-wiki Ingest with operator.write Scope_CVE-2026-53825 OpenClaw before 2026.4.7 contains an arbitrary file read vulnerability in the memory-wiki ingest feature that allows authenticated Gateway operator...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
MEDIUM 6	CVE-2026-53824	Mattermost < 2026.4.24 - Slash Token Revocation Lag via Monitor Refresh Delay_CVE-2026-53824 OpenClaw before 2026.4.24 contains a token revocation vulnerability allowing callers with revoked slash tokens to continue executing commands durin...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 8.6	CVE-2026-53823	OpenClaw < 2026.5.3 - Privilege Escalation via Mutable Slack Display Names in allowFrom_CVE-2026-53823 OpenClaw before 2026.5.3 contains a privilege escalation vulnerability in the allowFrom feature that binds to mutable Slack display names. Attacker...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 8.7	CVE-2026-53822	OpenClaw < 2026.5.18 - Command Argument Modification via Shell Wrapper Between Approval and Execution_CVE-2026-53822 OpenClaw before 2026.5.18 contains a command injection vulnerability where shell wrapper argv could change between approval and execution. Attacker...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 8.7	CVE-2026-53821	OpenClaw < 2026.5.18 - Scope Elevation in trusted-proxy Control UI WebSocket_CVE-2026-53821 OpenClaw before 2026.5.18 accepts WebSocket client-declared operator scopes before binding to server-approved pairing or trusted-proxy authorizatio...	OpenClaw	OpenClaw	Jun 12, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

OpenClaw < 2026.4.22 - Webhook Secret Revocation Bypass via secrets.reload_CVE-2026-53830

Recent Advisories

OpenClaw < 2026.5.18 - Command Truncation in Exec Approval Display_CVE-2026-53829

OpenClaw < 2026.5.6 - Native Command Authorization Bypass via Owner-Command Enforcement_CVE-2026-53828

OpenClaw < 2026.5.2 - Credential Exposure via Model-Supplied Loopback URLs in message.action Forwarding_CVE-2026-53827

OpenClaw < 2026.4.26 - Information Disclosure via Sandboxed Session Spawn_CVE-2026-53826

OpenClaw < 2026.4.7 - Arbitrary Local File Read via memory-wiki Ingest with operator.write Scope_CVE-2026-53825

Mattermost < 2026.4.24 - Slash Token Revocation Lag via Monitor Refresh Delay_CVE-2026-53824

OpenClaw < 2026.5.3 - Privilege Escalation via Mutable Slack Display Names in allowFrom_CVE-2026-53823

OpenClaw < 2026.5.18 - Command Argument Modification via Shell Wrapper Between Approval and Execution_CVE-2026-53822

OpenClaw < 2026.5.18 - Scope Elevation in trusted-proxy Control UI WebSocket_CVE-2026-53821

Protect Your Attack Surface with RedGem

Security Intelligence
Feed