Vulnerabilities

CVE-2026-29609 - OpenClaw < 2026.2.14 - Denial of Service via Unbounded URL-backed Media Fetch

2026-03-06 0 views admin

CVE ID : CVE-2026-29609 Published : March 5, 2026, 10:16 p.m. | 1 hour, 28 minutes ago Description : OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the fetchWithGuard function that allocates entire response payloads in memory before enforcing maxBytes limits. Remote attackers can trigger memory exhaustion by serving oversized responses without content-length headers to cause availability loss. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-29609

Severity

HIGH

Published

March 5, 2026

Impact: denial of service

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-29609high

CVE-2026-29609 - OpenClaw < 2026.2.14 - Denial of Service via Unbounded URL-backed Media Fetch

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-29606 - OpenClaw < 2026.2.14 - Webhook Signature Verification Bypass via ngrok Loopback ...

CVE-2026-28486 - OpenClaw 2026.1.16-2 < 2026.2.14 - Path Traversal (Zip Slip) in Archive Extracti...

CVE-2026-28485 - OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP E...

CVE-2026-28484 - OpenClaw 2026.2.15 - Option Injection in pre-commit Hook via Malicious Filenames

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting