@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +10 more potentially affected by CVE-2026-41375 via openclaw (>=2026.3.22 <=2026.3.24)

openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.15.0 Source cves: CVE-2026-41375 Source advisory: SNYK:JS-OPENCLAW-15929025...

CVE-2024-41375

ICEcoder 8.1 is vulnerable to Cross Site Scripting XSS via lib/terminal-xhr.php...

CVE-2025-41375

creationtimestamp| type| source ---|---|--- 2025-08-01 12:48:27+00:00| seen| Telegram/FyYStm7U6UMSehfzT8TWkUV6v63SsVYUfDID8eQEy8djY...

CVE-2025-41375 SQL Injection in Limesurvey

SQL Injection vulnerability in Limesurvey v2.65.1+170522. This vulnerability allows an attacker to retrieve, create, update and delete database via 'token' parameter in '/index.php' endpoint...

CVE-2025-41375

CVE-2025-41375 describes a SQL Injection in Limesurvey 2.65.1+170522, exploitable via the token parameter on the /index.php endpoint. The root cause is an injectable input in that parameter allowing an attacker to retrieve, create, update, or delete database records. Impact is elevated: high conf...

CVE-2023-41375

Use after free vulnerability exists in Kostac PLC Programming Software Version 1.6.11.0. Arbitrary code may be executed by having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier because the issue exists in parsing of K...

CVE-2024-41375

creationtimestamp| type| source ---|---|--- 2024-07-26 19:42:24+00:00| seen| https://t.me/cvedetector/1698 2024-07-29 17:32:27+00:00| seen| https://t.me/arvinclub1/1123...

CVE-2024-41375

ICEcoder 8.1 is vulnerable to Cross Site Scripting XSS via lib/terminal-xhr.php...

CVE-2024-41375

ICEcoder 8.1 is vulnerable to Cross Site Scripting XSS via lib/terminal-xhr.php...

CVE-2023-41375

creationtimestamp| type| source ---|---|--- 2023-09-20 12:30:17+00:00| seen| https://t.me/cibsecurity/70787...

CVE-2023-41375

CVE-2023-41375 is a use-after-free vulnerability in Kostac PLC Programming Software (KPP) 1.6.11.0 and earlier, due to parsing of KPP project files saved with 1.6.9.0 or earlier. Exploitation may allow arbitrary code execution when a user opens a specially crafted project file. The vendor notes t...

CVE-2021-41375 Azure Sphere Information Disclosure Vulnerability

...

CVE-2021-41375

Azure Sphere Information Disclosure Vulnerability (CVE-2021-41375) affects Microsoft Azure Sphere OS. Connected sources corroborate an information-disclosure issue with Azure Sphere, CVSS around 4.4 (MEDIUM) and remote vector listed as LOCAL with high privileges required in some vectors; official...

Vulnerabilities fixed in Microsoft Azure products

Microsoft has fixed vulnerabilities in Azure products. The vulnerabilities allow a malicious party to gain elevated permissions and to obtain sensitive data. Azure RTOS: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...