@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +12 more potentially affected by CVE-2026-41351 via openclaw (>=2026.3.22 <=2026.3.28)

openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.15.0 - tokaroo-openclaw-provider =0.1.1 Source cves: CVE-2026-41351 Source advisory: SNYK:JS-OPENCLAW-15894785...

CVE-2025-41351

creationtimestamp| type| source ---|---|--- 2026-01-28 12:09:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdiaiklsbi2g...

CVE-2024-41351

bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting XSS via Public/statics/umeditor123/php/getContent.php...

CVE-2024-41351

creationtimestamp| type| source ---|---|--- 2024-08-29 22:55:29+00:00| seen| https://t.me/cvedetector/4470...

CVE-2024-41351

bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting XSS via Public/statics/umeditor123/php/getContent.php...

CVE-2024-41351

CVE-2024-41351 affects bjyadmin (ThinkPHP-based) via Cross-Site Scripting in Public/statics/umeditor1_2_3/php/getContent.php. Root cause is an XSS vulnerability in that endpoint. CVSS: Network attack vector, Low confidentiality/integrity impact, high user interaction required, scope changed (per ...

CVE-2023-41351

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an unauthenticated remote attacker to bypass the authentication mechanism to log in to the device by an alternative URL. This makes it possible for unauthenticated remote attackers to log in as any existing...

CVE-2023-41351

The CVE-2023-41351 entry concerns the Nokia G-040W-Q (Chunghwa Telecom) modem, where an authentication bypass allows an unauthenticated remote attacker to log in via an alternate URL as any existing user (including administrators), enabling arbitrary system operations or service disruption. Docum...

CVE-2021-41351

creationtimestamp| type| source ---|---|--- 2021-11-14 09:19:59+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/858 2021-11-14 11:12:59+00:00| published-proof-of-concept| https://t.me/BlueRedTeam/1177...

CVE-2021-41351 Microsoft Edge (Chrome based) Spoofing on IE Mode

...

CVE-2021-41351

CVE-2021-41351 refers to spoofing vulnerability in Microsoft Edge (Chromium-based) when used in Internet Explorer (IE) mode. The initial document lists a MEDIUM severity (CVSS v3.1 base score 4.3) with network attack vector and required user interaction, but provides no concrete details on root c...

KLA12349 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Edge can be exploited remotely to spoof user interface...