CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-29612

OpenClaw versions prior to 2026.2.14 decode base64-backed media inputs into buffers before enforcing decoded-size budget limits, allowing attackers to trigger large memory allocations. Remote attackers can supply oversized base64 payloads to cause memory pressure and denial of service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.3%

CVSS Severity

CVSS v3 Score 5.5

References

https://github.com/openclaw/openclaw/commit/31791233d60495725fa012745dde8d6ee69e9595
https://github.com/openclaw/openclaw/security/advisories/GHSA-w2cg-vxx6-5xjg
https://www.vulncheck.com/advisories/openclaw-denial-of-service-via-large-base-media-file-decoding

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-29612

Products

Pricing

Contact Us