CVE-2026-44999
EPSS 0.02%OpenClaw: Isolated cron awareness events were recorded as trusted system events
描述
## Affected Packages / Versions - Package: `openclaw` (npm) - Affected versions: `< 2026.4.20` - Patched version: `2026.4.20` ## Impact Output from webhook-triggered isolated cron agent runs could be queued into the main session awareness stream without `trusted: false`. That made the event render as a trusted `System:` event instead of an untrusted system event. This is a trust-labeling issue that can strengthen prompt-injection impact, but it does not directly bypass gateway auth, tool policy, or sandboxing. Severity is low. ## Fix OpenClaw now preserves untrusted labels for isolated cron awareness events and forwards the trust flag through cron delivery helpers. Fix commit: - `f61896b03cc7031f51106a04566831f4ac2a0bd7` ## Release Fixed in OpenClaw `2026.4.20`.
受影響套件(1)
- npm/openclawfrom 0, < 2026.4.20
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U |
參考連結(5)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-44999
- PATCHhttps://github.com/openclaw/openclaw
- WEBhttps://github.com/openclaw/openclaw/commit/f61896b03cc7031f51106a04566831f4ac2a0bd7
- WEBhttps://github.com/openclaw/openclaw/security/advisories/GHSA-57r2-h2wj-g887
- WEBhttps://www.vulncheck.com/advisories/openclaw-improper-trust-labeling-in-isolated-cron-awareness-events