Critical CVSS: CRITICAL CVE-2026-43578 vulnerability

CVE-2026-43578

Tracked since May 8, 2026 View on NVD
cve UNKNOWN cvss-9

CVSS Breakdown

9.1
CVSS Base Score
CRITICAL
Attack Vector
N/A
Requires physical access to exploit.
CIA Impact
Confidentiality N/A
Integrity N/A
Availability N/A

Insurance Impact Assessment

🛡️
Critical Impact

Critical vulnerabilities require urgent remediation. Insurers may impose coverage conditions, increased retentions, or exclusion endorsements until patches are applied.

CVE UNKNOWN with CVSS 9.1. OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where heartbeat owner downgrade detection misses local background async exec completion events. Attackers can exploit this by providing untrusted completion content to leave a run in a more privileged context t

View on NVD

Assess your exposure

Is your organization vulnerable? Run a free domain exposure scan to check.

Scan Your Domain → Broker Scorecard

Related Threats

CVE-2026-40281
CVSS 10 critical
CVE-2023-34992: A improper neutralization of special elements used in an os command ('os command
CVSS 10 critical
CVE-2023-34976: A SQL injection vulnerability has been reported to affect Video Station. If expl
CVSS 10 critical
CVE-2023-25960: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVSS 10 critical
CVE-2023-4994: The Allow PHP in Posts and Pages plugin for WordPress is vulnerable to Remote Co
CVSS 9.9 critical
← Back to Threat Feed