CVE-2026-41360 - OpenClaw < 2026.4.2 - Approval Integrity Bypass in pnpm dlx Local Script Binding
CVE ID :CVE-2026-41360 Published : April 23, 2026, 10:16 p.m. | 1 hour, 34 minutes ago Description :OpenClaw before 2026.4.2 contains an approval integrity vulnerability in pnpm dlx that fails to bind local script operands consistently with pnpm exec flows. Attackers can replace approved local
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Benue vigilantes hack corper to death over motorcycle theft
- [CYBER] The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface
- [CYBER] Mullvad VPN Creates iOS Master Switch to Protect Users From Data Leaks
- [CYBER] CVE-2026-29197 - Apache Apps Engine Log Information Disclosure Vulnerability
- [CYBER] CVE-2026-6732 - Libxml2: libxml2: denial of service via crafted xsd-validated document
- [CYBER] Anthropic CVP Run 3 — Does Claude's Safety Stack Scale Down to Haiku 4.5?