EUVD-2026-36648

The Canvas plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' parameter in all versions up to, and including, 2.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above,...

CVE-2026-9134 Photo Gallery by FooGallery : Responsive Image Gallery, Masonry Gallery & Carousel <= 3.1.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'custom_attribute_key' Shortcode Parameter

The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'customattributekey' shortcode parameter in versions up to, and including, 3.1.31 This is due to an incomplete JavaScript event handler blacklist in the foogallerysanitizejavascript function, which blocks onl...

EUVD-2026-36616

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command handling that allows authenticated senders to execute owner-only commands without proper policy enforcement. Attackers can trigger native command handling to bypass the configured owner-command access contro...

CVE-2026-53829

OpenClaw before 2026.5.18 contains an approval display truncation vulnerability allowing authenticated users to hide command suffixes from approvers. Attackers can submit oversized exec commands with benign prefixes and malicious suffixes to execute unauthorized operations after approval...

CVE-2026-53820

OpenClaw before 2026.5.12 contains an exec denylist bypass vulnerability in the bundle MCP loopback session-spawn path that allows authenticated callers to bypass intended command restrictions. Attackers can reach the affected bundled MCP session-spawn path to start sessions with broader command...

CVE-2026-53836 OpenClaw < 2026.5.12 - Allowlist Bypass via PowerShell Encoded-Command Aliases

OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to execute encoded commands using abbreviated flag aliases not recognized by the allowlist parser. Remote authenticated operators can bypass execution allowlist checks...

CVE-2026-53836

OpenClaw is affected by an allowlist bypass in PowerShell encoded-command handling prior to 2026.5.12. The vulnerability lets remote authenticated operators bypass the execution allowlist by using abbreviated or unrecognized encoded-command alias forms to run arbitrary PowerShell content. This ca...

CVE-2026-53829 OpenClaw < 2026.5.18 - Command Truncation in Exec Approval Display

OpenClaw before 2026.5.18 contains an approval display truncation vulnerability allowing authenticated users to hide command suffixes from approvers. Attackers can submit oversized exec commands with benign prefixes and malicious suffixes to execute unauthorized operations after approval...

CVE-2026-53829 OpenClaw < 2026.5.18 - Command Truncation in Exec Approval Display

OpenClaw before 2026.5.18 contains an approval display truncation vulnerability allowing authenticated users to hide command suffixes from approvers. Attackers can submit oversized exec commands with benign prefixes and malicious suffixes to execute unauthorized operations after approval...

CVE-2026-53829

OpenClaw prior to 2026.5.18 is affected by an approval display truncation vulnerability. Authenticated users can hide command suffixes from approvers by submitting oversized exec commands with benign prefixes and malicious suffixes, potentially enabling unauthorized operations after approval. CVS...

CVE-2026-53828 OpenClaw < 2026.5.6 - Native Command Authorization Bypass via Owner-Command Enforcement

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command handling that allows authenticated senders to execute owner-only commands without proper policy enforcement. Attackers can trigger native command handling to bypass the configured owner-command access contro...

CVE-2026-53828 OpenClaw < 2026.5.6 - Native Command Authorization Bypass via Owner-Command Enforcement

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command handling that allows authenticated senders to execute owner-only commands without proper policy enforcement. Attackers can trigger native command handling to bypass the configured owner-command access contro...

CVE-2026-53820 OpenClaw < 2026.5.12 - Exec Denylist Bypass in Bundle MCP Loopback Session Spawn

OpenClaw before 2026.5.12 contains an exec denylist bypass vulnerability in the bundle MCP loopback session-spawn path that allows authenticated callers to bypass intended command restrictions. Attackers can reach the affected bundled MCP session-spawn path to start sessions with broader command...

CVE-2026-47263

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the MessageBus.publish call for /webhookevents/ in Jobs::RedeliverWebHookEvents did not pass groupids, leaving the channel...

CVE-2026-53520 Nezha Monitoring: Authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing. This issue has been patched in version 2.1.0...

CVE-2026-53520

Nezha Monitoring before 2.1.0 (vulnerable 2.0.14–pre-2.1.0) allows authenticated users to claim the dashboard Host via NAT and preempt all dashboard routing. CVSS 3.1 base score 6.5 (I: None, A: High). Patch: upgrade to 2.1.0. If upgrading is not feasible, apply the vendor advisory guidance from ...

EUVD-2026-36557

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the AI "explain" helper only checks cansee? on the post being explained, not its replytopost, so any authenticated user wi...

CVE-2026-44783

Product/Component : Discourse (open-source discussion platform). Issue : A flaw in how replies to whispers is handled allows authenticated users outside the groups configured in whispers_allowed_groups to post into a topic’s staff-only whisper channel. The injected content is visible to whisperer...

CVE-2026-54362 MISP template builder exposes non-visible custom galaxies across organisations

An incorrect visibility condition in the MISP event template builder allowed authenticated non-site-admin users to view galaxies that should not have been visible to their organisation. The custom access-control condition intended to restrict galaxies to those owned by the user’s organisation or...

WordPress Meow Gallery plugin <= 5.4.4 - Missing Authorization to Authenticated (Author+) Shortcode creation vulnerability

Missing Authorization to Authenticated Author+ Shortcode creation vulnerability discovered by Chawabhon Netisingha JNX03 in WordPress Plugin Meow Gallery versions = 5.4.4...