CNNVD-202602-001 Information
Feb 01, 2026
cve
CNNVD ID
CNNVD-202602-001
Related CVE
- CNNVD Published: 2026-02-01
Description (Chinese)
OpenClaw是openclaw开源的一个智能人工助理。 OpenClaw 2026.1.29之前版本存在安全漏洞,该漏洞源于自动建立WebSocket连接并发送令牌,可能导致未经授权的连接和令牌泄露。
Description (English)
OpenClaw is an intellectual assistant at the OpenClaw Open Source. Prior to OpenClaw 2026.1.29, there was a security loophole that originated from the automatic establishment of WebSocket connections and the sending of tokens, which could lead to unauthorized connections and signs leaking.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
openclaw
Published
2026-02-01
Last Modified
2026-02-24
References
https://depthfirst.com/post/1-click-rce-to-steal-your-moltbot-data-and-keys https://github.com/openclaw/openclaw/security/advisories/GHSA-g8p2-7wf7-98mq https://openclaw.ai/blog