CVE-2026-29612 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

OpenClaw versions prior to 2026.2.14 decode base64-backed media inputs into buffers before enforcing decoded-size budget limits, allowing attackers to trigger l…
Medium CVSS: 6.8

CVE-2026-29612

OpenClaw versions prior to 2026.2.14 decode base64-backed media inputs into buffers before enforcing decoded-size budget limits, allowing attackers to trigger large memory allocations. Remote attackers can supply oversized base64 payloads to cause memory pressure and denial of service.
Vendor
Openclaw
Product
Openclaw
CWE
CWE-770
Yayın Tarihi
2026-03-05 22:16:24
Güncelleme
2026-03-11 00:47:39
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-770 Openclaw MEDIUM Openclaw 2026

Referanslar

https://github.com/openclaw/openclaw/commit/31791233d60495725fa012745dde8d6ee69e9595 https://github.com/openclaw/openclaw/security/advisories/GHSA-w2cg-vxx6-5xjg https://www.vulncheck.com/advisories/openclaw-denial-of-service-via-large-base-media-file-decoding