CVE-2026-41377 OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation

OpenClaw before 2026.3.31 contains a fail-open vulnerability in the plugin installation flow where security scan failures do not block installation. Attackers can exploit scan failures to install untrusted plugins when operators proceed despite visible scan warnings...

MAL-2025-41377 Malicious code in conversation-memory (npm)

The package communicates with a domain associated with malicious activity...

CVE-2025-41377

creationtimestamp| type| source ---|---|--- 2025-05-27 14:48:39+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17646...

CVE-2023-41377

creationtimestamp| type| source ---|---|--- 2023-10-31 23:21:12+00:00| seen| https://t.me/cibsecurity/73275...

CVE-2022-41377

creationtimestamp| type| source ---|---|--- 2022-10-07 22:17:46+00:00| seen| https://t.me/cibsecurity/51011...

CVE-2022-41377

CVE-2022-41377 affects Online Pet Shop We App v1.0. The vulnerability is a SQL injection in the id parameter of the endpoint /pet_shop/admin/?page=maintenance/manage_category. Per CVSS v3.1, it has AV:N, AC:L, PR:H, UI:N, S:U, C:H, I:H, A:H (base score 7.2, HIGH). Exploitation requires high privi...

CVE-2021-41377

Technical details about CVE-2021-41377 are not publicly provided in the supplied documents. No affected products/versions, root cause, or fixes are disclosed here. Monitor for updates from official advisories.

Microsoft Windows Multiple Vulnerabilities (KB5007192)

This host is missing a critical security update according to Microsoft KB5007192 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KB5007245: Windows Server 2012 Security Update (November 2021)

The remote Windows host is missing security update 5007245 or cumulative update 5007245. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2021-41366, CVE-2021-41367, CVE-2021-41370,...

KB5007233: Windows 7 and Windows Server 2008 R2 Security Update (November 2021)

The remote Windows host is missing security update 5007233 or cumulative update 5007236. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2021-38631, CVE-2021-38665,...

KB5007192: Windows 10 Version 1607 and Windows Server 2016 Security Update (November 2021)

The remote Windows host is missing security update 5007192. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2021-38631, CVE-2021-38665, CVE-2021-41371 - A remote code...

CVE-2023-41377

...

CVE-2023-41377

Summary of CVE-2023-41377 findings (from PT-2023-27935): Calico Typha (and Calico Enterprise Typha) are affected by a denial-of-service vulnerability caused by performing the TLS Handshake() inside the main server loop without a timeout. This can allow a client TLS handshake to block the server i...