CVE-2026-35659
Published
CVSS v3
4.6
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can exploit unresolved hints to steer routing decisions to unintended targets by providing malicious discovery metadata.
Your own personal AI assistant. Any OS. Any Platform. The lobster way. 🦞
GitHub