[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"public-cve-CVE-2026-53815":3,"news-by-cve-CVE-2026-53815-10":61},{"has_ai_summary":4,"has_nuclei_templates":4,"state":5,"source_identifier":6,"cvss_source":7,"nuclei_template_count":8,"affected_products_preview":9,"vendor_context":15,"references_preview":22,"date_published":27,"has_workaround":4,"sources":28,"assigner_short_name":30,"nvd_cvss_vector":31,"nvd_cvss_severity":32,"description":33,"id":34,"cvss_version":35,"cvss_vector":31,"in_kev":4,"attack_technique_count":36,"affected_product_count":37,"nvd_cvss_score":38,"kev_ransomware_use":4,"reference_count":36,"date_updated":39,"assigner_org":30,"cvss_score":38,"has_exploit":4,"weaknesses":40,"sectors":43,"tags":44,"attack_tactics":45,"remediation_summary":47,"has_attack_graph":48,"title":49,"cvss_severity":32,"has_solution":4,"exploit_count":8,"attack_techniques":50},false,"PUBLISHED","83251b91-4cc7-4094-a5c7-464a1b83ea10","nvd",0,[10],{"vendor":11,"product":11,"sector":12,"subsector":13,"deployment":14},"OpenClaw","security-products","endpoint-av-edr","embedded",[16],{"subsector":13,"vendor":17,"vendor_type":18,"aliases":19,"sector":12},"openclaw","oss-project",[20,21],"crabbox","clawdbot",[23,25],{"url":24,"source":7},"https://github.com/openclaw/openclaw/security/advisories/GHSA-q7q8-3mgw-q67r",{"url":26,"source":7},"https://www.vulncheck.com/advisories/openclaw-channel-allowlist-bypass-in-message-read-actions","2026-06-11T20:08:52Z",[29,7],"cvelist","","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","MEDIUM","OpenClaw before 2026.5.19 contains an authorization bypass vulnerability in message read actions that skips channel allowlist checks. Lower-trust callers can request messages from channels not intended for them by exploiting insufficient validation in the affected feature, potentially exposing sensitive channel messages.","CVE-2026-53815","3.1",2,1,6.5,"2026-06-11T21:16:23Z",[41],{"cwe_id":42,"name":30},"CWE-862",[12],[],[46],"Initial Access",{"has_patch":4,"has_workaround":4},true,"OpenClaw \u003C 2026.5.19 - Channel Allowlist Bypass in Message Read Actions",[51,57],{"tactic_name":46,"url":52,"confidence":53,"technique_id":54,"technique_name":55,"tactic":56},"https://attack.mitre.org/techniques/T1078/","medium","T1078","Valid Accounts","initial-access",{"tactic_name":46,"url":58,"confidence":53,"technique_id":59,"technique_name":60,"tactic":56},"https://attack.mitre.org/techniques/T1190/","T1190","Exploit Public-Facing Application",{"cve_id":34,"items":62,"total":8},[]]