
OpenClaw security patch release for CVE-2026-26322

Security Patch Release
H score 24
2 unique sources, 2 articles

Summary


OpenClaw released a patch for six vulnerabilities in its agentic AI assistant, addressing SSRF, missing authentication, and path traversal flaws that could weaken request handling and access controls. The bundle includes CVE-2026-26322, CVE-2026-26319, and CVE-2026-26329, with severities ranging from moderate to high. The update matters because the flaws span multiple tools and webhook paths, creating risk across Gateway, image upload, and authentication workflows.

Related Happenings

Microsoft open-sources RAMPART and Clarity for AI agent security testing and design review

Security Tool/Service
First: 20.05.2026 20:06 Last: 20.05.2026 20:06 Sources 1

About this happening: **Microsoft** open-sourced **RAMPART** and **Clarity**, adding **AI agent security testing** and **design-time reasoning** capabilities that help developers catch risks before dep...

Fortinet security patch release for CVE-2026-44277

Security Patch Release
First: 12.05.2026 21:23 Last: 12.05.2026 21:23 Sources 1

About this happening: Fortinet released **security updates** for **FortiSandbox** and **FortiAuthenticator** to fix **two critical vulnerabilities** that could let an **unauthenticated attacker** execu...

Cisco security patch release for CVE-2026-20184

Security Patch Release
First: 16.04.2026 14:27 Last: 16.04.2026 14:27 Sources 1

About this happening: **Cisco** released patches for **four critical flaws** affecting **Identity Services Engine (ISE)**, **ISE-PIC**, and **Webex Services**, closing paths to **arbitrary code executi...

Fortinet FortiClient EMS emergency patch release (CVE-2026-35616, CVE-2026-21643)

Security Patch Release
First: 07.04.2026 12:26 Last: 07.04.2026 12:26 Sources 1

About this happening: **Fortinet** released an **emergency hotfix** for **FortiClient Enterprise Management Server (EMS)** after confirming **active exploitation** of **CVE-2026-35616**, a critical fla...

Oracle security patch release for CVE-2026-21992

Security Patch Release
First: 21.03.2026 12:24 Last: 21.03.2026 12:24 Sources 1

About this happening: **Oracle** released **security updates** for **CVE-2026-21992**, a critical flaw in **Identity Manager** and **Web Services Manager** that could enable **unauthenticated remote co...

Timeline

  1. 19.02.2026 12:00 3 articles · 3mo ago

    OpenClaw patches six vulnerabilities

    Mitigation Patch Update

    OpenClaw released fixes for six vulnerabilities in its agentic AI assistant, including CVE-2026-26322 in the Gateway tool, CVE-2026-26319 for missing Telnyx webhook authentication, and CVE-2026-26329 path traversal in browser upload, alongside SSRF and authentication issues affecting OpenClaw’s image tool, Urbit authentication, and Twilio webhook authentication.

  2. 19.02.2026 12:00 1 article · 3mo ago

    Endor Labs and SecurityScorecard highlight broader OpenClaw exposure

    Technical Analysis Update

    Endor Labs said it had found seven OpenClaw vulnerabilities in total and noted three high-severity CVEs with public exploit code available, while SecurityScorecard warned that tens of thousands of misconfigured OpenClaw instances exposed to the public internet could let attackers reach sensitive corporate systems.
