Skip to content

Commit 6094cf9

Browse files
1 parent 1006e3c commit 6094cf9

4 files changed

Lines changed: 182 additions & 49 deletions

File tree

advisories/unreviewed/2026/05/GHSA-94gr-w3q5-rfqr/GHSA-94gr-w3q5-rfqr.json renamed to advisories/github-reviewed/2026/05/GHSA-94gr-w3q5-rfqr/GHSA-94gr-w3q5-rfqr.json

Lines changed: 45 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,26 +1,66 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-94gr-w3q5-rfqr",
4-
"modified": "2026-05-13T18:30:41Z",
4+
"modified": "2026-06-18T20:09:15Z",
55
"published": "2026-05-12T18:30:38Z",
66
"aliases": [
77
"CVE-2025-65719"
88
],
9+
"summary": "Open Source Kubectl MCP Server vulnerable to arbitrary code execution via user interaction with crafted HTML page",
910
"details": "An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to execute arbitrary code on a victim system via user interaction with a crafted HTML page.",
1011
"severity": [
1112
{
1213
"type": "CVSS_V3",
1314
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
1415
}
1516
],
16-
"affected": [],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "npm",
21+
"name": "kubectl-mcp-server"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "0"
29+
},
30+
{
31+
"fixed": "1.2.0"
32+
}
33+
]
34+
}
35+
]
36+
},
37+
{
38+
"package": {
39+
"ecosystem": "PyPI",
40+
"name": "kubectl-mcp-server"
41+
},
42+
"ranges": [
43+
{
44+
"type": "ECOSYSTEM",
45+
"events": [
46+
{
47+
"introduced": "0"
48+
},
49+
{
50+
"fixed": "1.2.0"
51+
}
52+
]
53+
}
54+
]
55+
}
56+
],
1757
"references": [
1858
{
1959
"type": "ADVISORY",
2060
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65719"
2161
},
2262
{
23-
"type": "WEB",
63+
"type": "PACKAGE",
2464
"url": "https://github.com/rohitg00/kubectl-mcp-server"
2565
},
2666
{
@@ -37,8 +77,8 @@
3777
"CWE-94"
3878
],
3979
"severity": "CRITICAL",
40-
"github_reviewed": false,
41-
"github_reviewed_at": null,
80+
"github_reviewed": true,
81+
"github_reviewed_at": "2026-06-18T20:09:14Z",
4282
"nvd_published_at": "2026-05-12T17:16:15Z"
4383
}
4484
}
Lines changed: 73 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,73 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-cwpp-5962-q4f6",
4+
"modified": "2026-06-18T20:10:30Z",
5+
"published": "2026-06-18T20:10:30Z",
6+
"aliases": [
7+
"CVE-2026-53848"
8+
],
9+
"summary": "OpenClaw: Exec allowlist could miss side effects from transparent command wrappers",
10+
"details": "### Summary\n\nExec allowlist could miss side effects from transparent command wrappers. In affected versions, a command request that reaches the exec allowlist path could be evaluated against the inner command while the wrapper invocation still executed.\n\nThis advisory is scoped to the named feature and configuration. It does not change OpenClaw's trusted-operator model: authenticated Gateway operators, installed plugins, and intentional local execution surfaces remain trusted unless a separate policy, approval, allowlist, sandbox, or auth boundary is crossed.\n\n### Impact\n\nWhen the affected feature is enabled and reachable, this could perform wrapper-level side effects outside the intent of the allowlisted command. Practical impact depends on the operator's configuration and whether lower-trust input can reach that path.\n\n### Patched Versions\n\nThe first stable patched version is `2026.5.26`.\n\n### Mitigations\n\nreview wrapper commands carefully and require approval for shell-like wrapper usage until patched. As general hardening, keep channel and tool allowlists narrow, avoid sharing one Gateway between mutually untrusted users, and disable the affected feature when it is not needed.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"
15+
},
16+
{
17+
"type": "CVSS_V4",
18+
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
19+
}
20+
],
21+
"affected": [
22+
{
23+
"package": {
24+
"ecosystem": "npm",
25+
"name": "openclaw"
26+
},
27+
"ranges": [
28+
{
29+
"type": "ECOSYSTEM",
30+
"events": [
31+
{
32+
"introduced": "0"
33+
},
34+
{
35+
"fixed": "2026.5.26"
36+
}
37+
]
38+
}
39+
],
40+
"database_specific": {
41+
"last_known_affected_version_range": "<= 2026.5.22"
42+
}
43+
}
44+
],
45+
"references": [
46+
{
47+
"type": "WEB",
48+
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-cwpp-5962-q4f6"
49+
},
50+
{
51+
"type": "ADVISORY",
52+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53848"
53+
},
54+
{
55+
"type": "PACKAGE",
56+
"url": "https://github.com/openclaw/openclaw"
57+
},
58+
{
59+
"type": "WEB",
60+
"url": "https://www.vulncheck.com/advisories/openclaw-exec-allowlist-bypass-via-transparent-command-wrappers"
61+
}
62+
],
63+
"database_specific": {
64+
"cwe_ids": [
65+
"CWE-184",
66+
"CWE-78"
67+
],
68+
"severity": "LOW",
69+
"github_reviewed": true,
70+
"github_reviewed_at": "2026-06-18T20:10:30Z",
71+
"nvd_published_at": null
72+
}
73+
}
Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,64 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-wrr6-p5r6-474m",
4+
"modified": "2026-06-18T20:10:14Z",
5+
"published": "2026-06-16T21:31:58Z",
6+
"withdrawn": "2026-06-18T20:10:14Z",
7+
"aliases": [],
8+
"summary": "Duplicate Advisory: Exec allowlist could miss side effects from transparent command wrappers",
9+
"details": "## Duplicate Advisory\n\nThis advisory has been withdrawn because it is a duplicate of GHSA-cwpp-5962-q4f6. This link is maintained to preserve external references.\n\n## Original Description\n\nOpenClaw before 2026.5.26 contains an exec allowlist bypass vulnerability allowing authenticated operators to execute wrapper-level side effects outside allowlisted command intent. Attackers can craft command requests that bypass allowlist validation by leveraging transparent command wrappers to perform unintended operations.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
18+
}
19+
],
20+
"affected": [
21+
{
22+
"package": {
23+
"ecosystem": "npm",
24+
"name": "openclaw"
25+
},
26+
"ranges": [
27+
{
28+
"type": "ECOSYSTEM",
29+
"events": [
30+
{
31+
"introduced": "0"
32+
},
33+
{
34+
"last_affected": "2026.5.22"
35+
}
36+
]
37+
}
38+
]
39+
}
40+
],
41+
"references": [
42+
{
43+
"type": "WEB",
44+
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-cwpp-5962-q4f6"
45+
},
46+
{
47+
"type": "ADVISORY",
48+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53848"
49+
},
50+
{
51+
"type": "WEB",
52+
"url": "https://www.vulncheck.com/advisories/openclaw-exec-allowlist-bypass-via-transparent-command-wrappers"
53+
}
54+
],
55+
"database_specific": {
56+
"cwe_ids": [
57+
"CWE-184"
58+
],
59+
"severity": "LOW",
60+
"github_reviewed": true,
61+
"github_reviewed_at": "2026-06-18T20:10:14Z",
62+
"nvd_published_at": "2026-06-16T19:17:01Z"
63+
}
64+
}

advisories/unreviewed/2026/06/GHSA-wrr6-p5r6-474m/GHSA-wrr6-p5r6-474m.json

Lines changed: 0 additions & 44 deletions
This file was deleted.

0 commit comments

Comments
 (0)