CVE-2026-41358

creationtimestamp| type| source ---|---|--- 2026-05-04 17:10:29+00:00| seen| https://gist.github.com/alon710/d4f3d9fbcfea6645ceefb383fa46637f...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +15 more potentially affected by CVE-2026-41358 via openclaw (>=2026.3.22 <=2026.4.12)

openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =2.0.1, =0.0.7, =0.0.8 and more Source cves: CVE-2026-41358 Source advisory: SNYK:JS-OPENCLAW-16206250...

CVE-2026-41358 OpenClaw < 2026.4.2 - Sender Allowlist Bypass via Slack Thread Context

OpenClaw before 2026.4.2 fails to filter Slack thread context by sender allowlist, allowing non-allowlisted messages to enter agent context. Attackers can inject unauthorized thread messages through allowlisted user replies to bypass sender access controls and manipulate model context...

CVE-2024-41358

phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\import-export\import-load-data.php...

Siemens Ruggedcom ROX NULL Pointer Dereference (CVE-2023-41358)

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; i...

CVE-2025-41358

creationtimestamp| type| source ---|---|--- 2025-12-10 12:55:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7n4a3webn2m...

phpIPAM 1.6 - Reflected Cross-Site Scripting (XSS)

Exploit Title: phpIPAM 1.6 - Reflected Cross-Site Scripting XSS Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpipam/phpipam/ Software Link: https://github.com/phpipam/phpipam/ Version: 1.5.1 Tested on: Windows CVE : CVE-2024-41358 Proof Of Concept GET...

EUVD-2025-41358

Malicious code in cindy-sate25-sukiwir npm...

MAL-2025-41358 Malicious code in @stackgl/gl-conformance (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6402e01df0460d9b2d3778bed73dc61d60fc700196a3bb56a2e91768227f3391 The OpenSSF Package Analysis project identified...

TencentOS Server 3: frr (TSSA-2024:0184)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0184 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Garage Management System 1.0 (categoriesName) - Stored XSS

Exploit Title: Garage Management System 1.0 categoriesName - Stored XSS Date: 18-09-2022 Exploit Author: Sam Wallace, SC Software Link: https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html Version: 1.0 Tested on: Debian CVE : CVE-2022-41358 Summary:...

CVE-2024-41358

creationtimestamp| type| source ---|---|--- 2024-08-29 22:55:27+00:00| seen| https://t.me/cvedetector/4468 2025-12-03 21:02:31+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m74e5r3mzk2e...

CVE-2024-41358

phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\import-export\import-load-data.php...

CVE-2024-41358

phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\import-export\import-load-data.php...

CVE-2024-41358

CVE-2024-41358 affects phpIPAM 1.6. The vulnerability is a Cross-Site Scripting (XSS) issue in the import path app/admin/import-export/import-load-data.php. Root cause details are not provided in the documents beyond the XSS description. Potential impact is reflected as low confidentiality and in...

CVE-2024-41358

phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\import-export\import-load-data.php...

RHEL 8 : frr (RHSA-2024:2981)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2981 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...

Moderate: Red Hat Security Advisory: frr security update

An update for frr is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

ALSA-2024:2981 Moderate: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: missing length check in bgpattrpsidsub can lead do DoS CVE-2023-31490 frr: processes invalid NLRIs if attribute length is...

CentOS 8 : frr (CESA-2024:2981)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:2981 advisory. - An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgpattrpsidsub function. CVE-2023-31490 - An...