Known Vulnerable Dependency: openclaw==2026.4.0 — 10 advisory(ies): CVE-2026-53846 (OpenClaw: Workspace .env npm_execpath could influence bundled runtime dependency); CVE-2026-41913 (OpenClaw: Concurrent async auth attempts can bypass the intended shared-secret r); CVE-2026-53830 (OpenClaw: Slack and Zalo webhook secrets could remain active after secrets.reloa) +7 more
High
- Category
- Supply Chain
- Confidence
- 97% confidence
- Finding
- openclaw==2026.4.0
