CVE-2026-27009

{"id": "CVE-2026-27009", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 0.6}]}, "published": "2026-02-20T00:16:17.620", "references": [{"url": "https://github.com/openclaw/openclaw/commit/3b4096e02e7e335f99f5986ec1bd566e90b14a7e", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/openclaw/openclaw/commit/adc818db4a4b3b8d663e7674ef20436947514e1b", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.15", "tags": ["Product", "Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-37gc-85xm-2ww6", "tags": ["Exploit", "Vendor Advisory", "Patch"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a atored XSS issue in the OpenClaw Control UI when rendering assistant identity (name/avatar) into an inline `<script>` tag without script-context-safe escaping. A crafted value containing `</script>` could break out of the script tag and execute attacker-controlled JavaScript in the Control UI origin. Version 2026.2.15 removed inline script injection and serve bootstrap config from a JSON endpoint and added a restrictive Content Security Policy for the Control UI (`script-src 'self'`, no inline scripts)."}, {"lang": "es", "value": "OpenClaw es un asistente personal de IA. Antes de la versi\u00f3n 2026.2.15, exist\u00eda un problema de XSS almacenado en la interfaz de usuario de control de OpenClaw al renderizar la identidad del asistente (nombre/avatar) en una etiqueta `` podr\u00eda escapar de la etiqueta de script y ejecutar JavaScript controlado por el atacante en el origen de la interfaz de usuario de control. La versi\u00f3n 2026.2.15 elimin\u00f3 la inyecci\u00f3n de scripts en l\u00ednea y sirve la configuraci\u00f3n de arranque desde un endpoint JSON, y a\u00f1adi\u00f3 una Pol\u00edtica de Seguridad de Contenido restrictiva para la interfaz de usuario de control (`script-src 'self'`, sin scripts en l\u00ednea)."}], "lastModified": "2026-02-20T17:41:44.670", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "3CD9AC99-DDDF-4177-9253-04A63CA027DC", "versionEndExcluding": "2026.2.15"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}