OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix resembling a trusted host to send authentication material to untrusted endpoints.

OpenClaw 在 2026.5.7 之前版本中存在主机名验证漏洞。该漏洞位于重试端点检查逻辑中，未能进行精确主机名匹配，而是允许通过匹配主机名前缀来绕过验证。攻击者可以构造一个与受信任主机相似的主机名前缀，从而将认证材料发送到不可信的端点。成功利用此漏洞可能导致敏感认证信息泄露，威胁数据机密性。漏洞严重性评分为 6.5（中等），攻击复杂度低，需要低权限，无需用户交互，影响范围无变化。建议受影响用户立即升级至 OpenClaw 2026.5.7 或更高版本，并限制网络暴露面，仅允许必要的主机访问认证端点。目前无证据表明该漏洞已被在野利用或列入已知被利用漏洞目录（KEV）。

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a destination IP matching its configured decapsulation IP. This occurs because the switch does not ver

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a destination IP matching its configured decapsulation IP. This occurs because the switch does not ver

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.utils.cache.has_vary_header()` in Django does not strip leading or trailing whitespace from `Vary` response header values before comparison, which allows remote attackers to read cached responses via requests to URLs whose responses contain whitespace-padded Vary header values. Earlier, unsupported Django series (suc