CVE-2026-43569 - OpenClaw < 2026.4.9 - Untrusted Provider Plugin Auto-enablement via Workspace Provider Auth
CVE ID :CVE-2026-43569 Published : May 5, 2026, 11:25 a.m. | 47 minutes ago Description :OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. A
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
- [CYBER] Stop triaging Go CVEs that don't affect you
- [CYBER] Gaza: Israeli strikes kill 2 Palestinians in latest truce breach
- [CYBER] Hackers Abuse DAEMON Tools Distribution Channel to Deliver Malicious Payloads
- [CYBER] The EOL Blind Spot in Your CVE Feed: What SCA Tools Don't Check.
- [CYBER] Fake SSA Emails Drive Venomous#Helper Phishing Campaign