Lucene search
K

132 matches found

NVD
NVD
added last week9 views

CVE-2026-24697

An OS command injection vulnerability exists in the startbonjour function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The wanhostname configuration parameter is not properly sanitized, which could allow an authenticated remot...

7.2CVSS0.00957EPSS
Exploits0References1
CVE
CVE
added 2026/07/08 12:0 a.m.8 views

CVE-2026-24697

Summary: CVE-2026-24697 is an OS command injection in the rc binary's start_bonjour() on Cisco RV130/RV130W (firmware 1.0.3.55) and RV110W (firmware 1.2.2.5 / 1.2.2.8). The issue stems from improper sanitization of the wan_hostname configuration parameter, potentially allowing an authenticated re...

7.2CVSS6.2AI score0.00957EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/08 12:0 a.m.33 views

CVE-2026-24697

An OS command injection vulnerability exists in the startbonjour function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The wanhostname configuration parameter is not properly sanitized, which could allow an authenticated remot...

0.00957EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/10 4:3 p.m.5 views

CVE-2026-35659

OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can exploit unresolved hints to steer routing decisions to unintended targets by providing malicious...

5.1CVSS5.8AI score0.00117EPSS
Exploits0References5
CVE
CVE
added 2026/04/10 4:3 p.m.12 views

CVE-2026-35659

OpenClaw vulnerability CVE-2026-35659 affects OpenClaw prior to 2026.3.22. The issue is a service discovery flaw where TXT metadata from Bonjour and DNS-SD can influence CLI routing even if service resolution fails. Attackers could abuse unresolved hints to steer routing decisions toward unintend...

6.3CVSS5.8AI score0.00117EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/10 4:3 p.m.26 views

CVE-2026-35659 OpenClaw < 2026.3.22 - Unresolved Service Metadata Routing via Bonjour and DNS-SD Discovery

OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can exploit unresolved hints to steer routing decisions to unintended targets by providing malicious...

5.1CVSS0.00117EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/10 4:3 p.m.2 views

CVE-2026-35659 OpenClaw < 2026.3.22 - Unresolved Service Metadata Routing via Bonjour and DNS-SD Discovery

OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can exploit unresolved hints to steer routing decisions to unintended targets by providing malicious...

5.1CVSS5.8AI score0.00117EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/10 4:3 p.m.4 views

EUVD-2026-21464

OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can exploit unresolved hints to steer routing decisions to unintended targets by providing malicious...

5.1CVSS5.8AI score0.00117EPSS
Exploits0References4
OSV
OSV
added 2026/04/10 4:3 p.m.2 views

CVE-2026-35659 OpenClaw < 2026.3.22 - Unresolved Service Metadata Routing via Bonjour and DNS-SD Discovery

OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can exploit unresolved hints to steer routing decisions to unintended targets by providing malicious...

5.1CVSS6AI score0.00117EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.5 views

PT-2026-31970

OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can exploit unresolved hints to steer routing decisions to unintended targets by providing malicious...

5.1CVSS5.8AI score0.00117EPSS
Exploits0References5
OSV
OSV
added 2026/03/26 7:50 p.m.5 views

GHSA-RVQR-HRCC-J9VV OpenClaw: Bonjour/DNS-SD TXT metadata steers CLI routing after failed service resolution

Summary Bonjour and DNS-SD TXT metadata could still steer CLI routing even when actual service resolution failed, allowing unresolved hints to influence the chosen target. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...

5.1CVSS5.9AI score0.00117EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/03/26 7:50 p.m.6 views

OpenClaw: Bonjour/DNS-SD TXT metadata steers CLI routing after failed service resolution

Summary Bonjour and DNS-SD TXT metadata could still steer CLI routing even when actual service resolution failed, allowing unresolved hints to influence the chosen target. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...

6.3CVSS5.8AI score0.00117EPSS
Exploits0References6Affected Software1
Snyk
Snyk
added 2026/03/26 7:50 p.m.5 views

External Control of Critical State Data

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to External Control of Critical State Data in the CLI routing process after failed service resolution, where Bonjour and DNS-SD TXT metadata could still influence the chosen target. An...

7.1CVSS5.9AI score0.00117EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.6 views

EPSON WF-2861 Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2018-18959)

An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. On the 'Air Print Setting' web page, if the data for 'Bonjour Service Location' at /PRESENTATION/BONJOUR is more than 251 bytes when sending data for Air Print Setting, then the device no longe...

7.5CVSS7.2AI score0.01163EPSS
Exploits1References2
OSV
OSV
added 2026/01/16 11:59 a.m.8 views

OESA-2026-1123 cups-filters security update

This project provides backends, filters, and other software that was once part of the core CUPS distribution but is no longer maintained by Apple Inc. In addition it contains additional filters and software developed independently of Apple, especially filters for the PDF-centric printing workflow...

5.5CVSS7.6AI score0.00185EPSS
Exploits1References2
OSV
OSV
added 2026/01/16 11:59 a.m.4 views

OESA-2026-1122 cups-filters security update

This project provides backends, filters, and other software that was once part of the core CUPS distribution but is no longer maintained by Apple Inc. In addition it contains additional filters and software developed independently of Apple, especially filters for the PDF-centric printing workflow...

5.5CVSS7.6AI score0.00185EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/10/22 8:18 p.m.5 views

CVE-2025-53047

Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.28, 21.3-21.19 and 23.4-23.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via Bonjour to compromise Portable Clusterware. While...

5.8CVSS5.4AI score0.00291EPSS
Exploits0References1
NVD
NVD
added 2025/10/21 8:20 p.m.7 views

CVE-2025-53047

Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.28, 21.3-21.19 and 23.4-23.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via Bonjour to compromise Portable Clusterware. While...

5.8CVSS0.00291EPSS
Exploits0References1
OSV
OSV
added 2025/10/21 8:20 p.m.4 views

CVE-2025-53047

Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.28, 21.3-21.19 and 23.4-23.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via Bonjour to compromise Portable Clusterware. While...

5.8CVSS5.8AI score0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/21 8:2 p.m.5 views

EUVD-2025-35287

Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.28, 21.3-21.19 and 23.4-23.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via Bonjour to compromise Portable Clusterware. While...

5.8CVSS4.9AI score0.00291EPSS
Exploits0References1
Rows per page
Query Builder