
OSSF Malicious Packages
added 2026/05/03 12:30 p.m., 5 views

Malicious code in system-update-tool (PyPI)

Source: kam193 4902f753d49279adae969f368b995d1ec8990f506dfb70d9c8891098f657ae9b. If run as a module, the code silently takes control of the device via a Telegram bot: it executes commands and exfiltrates files. Category: MALICIOUS. The campai...

AI score: 6
Exploits: 0, References: 1
Positive Technologies
added 2026/05/03 12:00 a.m., 2 views

PT-2026-36705

Name of the Vulnerable Software and Affected Versions: Telegram Desktop versions prior to 6.7.6. Description: A null pointer dereference (a condition where a program attempts to read from a memory address that is null, typically causing a crash) can be triggered remotely in the Bot API component. The...

CVSS: 5.3, AI score: 5.7, EPSS: 0.00013
Exploits: 0, References: 6
OSV
added 2026/05/02 8:00 a.m., 1 view

MAL-2026-3287 Malicious code in ams-ssk (npm)

Malicious npm package published by user shetty123 as part of a Telegram account hijacking framework targeting Indian Telegram users. All 31 published versions 1.0.0 through 1.0.33 are malicious. Pairs with common-tg-service, which performs the client-side Telegram account takeover. ams-ssk is the...

AI score: 5.8
Exploits: 0, References: 1
Circl
added 2026/04/30 10:01 p.m., 0 views

CVE-2026-33449

creationtimestamp | type | source
---|---|---
2026-04-30 22:01:16+00:00 | seen | https://bsky.app/profile/euvd-bot.bsky.social/post/3mkqmh7xuxs2s...

CVSS: 7.5, AI score: 4.8, EPSS: 0.00061
Exploits: 0, References: 1
RedhatCVE
added 2026/04/30 2:47 p.m., 1 view

CVE-2026-41914

OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in QQ Bot media download paths that bypass SSRF protection. Attackers can exploit unprotected media fetch endpoints to access internal resources and bypass allowlist policies...

CVSS: 8.5, AI score: 5.2, EPSS: 0.00036
Exploits: 0, References: 1
Imperva Blog
added 2026/04/29 7:03 a.m., 2 views

Bad Bot Report 2026: The Internet Is No Longer Human and It’s Changing How Business Works

For decades, companies have operated on a simple assumption that most internet traffic came from people. That assumption no longer holds. The latest 2026 Bad Bot Report: Bad Bots in the Agentic Age reinforces a shift that is now impossible to ignore. Automated traffic continues to outpace human...

AI score: 5.9
Exploits: 0
ATTACKERKB
added 2026/04/28 6:10 p.m., 1 view

CVE-2026-41914

OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in QQ Bot media download paths that bypass SSRF protection. Attackers can exploit unprotected media fetch endpoints to access internal resources and bypass allowlist policies...

CVSS: 8.5, AI score: 5.2, EPSS: 0.00036
Exploits: 0, References: 4
CVE
added 2026/04/28 6:10 p.m., 6 views

CVE-2026-41914

OpenClaw contains a server-side request forgery in QQ Bot media download paths prior to 2026.4.8. The issue allows unprotected media fetch endpoints to bypass SSRF protection and access internal resources, circumventing allowlists. Affected package: openclaw (QQ Bot extension) with versions

CVSS: 8.5, AI score: 5.2, EPSS: 0.00036
Exploits: 0, References: 3, Affected Software: 1
OSSF Malicious Packages
added 2026/04/26 3:17 p.m., 4 views

Malicious code in frank-bot-gogle-cloning (npm)

Source: amazon-inspector 44bf385867bdd18d9634c115e9e423146f198038e6fdb1d6dca9c95743f3af4b. The package frank-bot-gogle-cloning was found to contain malicious code. Source: ossf-package-analysis...

AI score: 5.3
Exploits: 0
OSV
added 2026/04/26 3:17 p.m., 3 views

MAL-2026-3080 Malicious code in frank-bot-gogle-cloning (npm)

Source: amazon-inspector 44bf385867bdd18d9634c115e9e423146f198038e6fdb1d6dca9c95743f3af4b. The package frank-bot-gogle-cloning was found to contain malicious code. Source: ossf-package-analysis...

AI score: 5.4
Exploits: 0
OSV
added 2026/04/25 11:48 p.m., 2 views

GHSA-C4QG-J8JG-42Q5 OpenClaw: QQBot direct media upload skipped URL SSRF validation

Affected Packages / Versions: Package: openclaw (npm); Affected versions: 2026.4.20; Patched version: 2026.4.20. Impact: The QQBot direct-upload media path could forward attacker-controlled image URLs without applying the SSRF validation used by the local download path. This could make configured...

CVSS: 6.3, AI score: 5.9, EPSS: 0.00045
Exploits: 0, References: 5
vulnersOsv
added 2026/04/24 4:34 p.m., 4 views

@netlify/agent-runner-cli (>=1.83.1 <=1.94.0-netlifydb.4), feishu-claude-bot (=0.1.0) +1 more potentially affected by CVE-2026-40068 via @anthropic-ai/claude-code (>=2.1.63 <=2.1.81)

@anthropic-ai/claude-code NPM version =2.1.63, =1.83.1, =1.2.2, =1.2.3 Source cves: CVE-2026-40068 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-16301567...

CVSS: 8.8, AI score: 5.8, EPSS: 0.00136
Exploits: 0
vulnersOsv
added 2026/04/24 4:34 p.m., 3 views

@netlify/agent-runner-cli (>=1.83.1 <=1.94.0-netlifydb.4), feishu-claude-bot (=0.1.0) +1 more potentially affected by CVE-2026-40068 via @anthropic-ai/claude-code (>=2.1.63 <=2.1.81)

@anthropic-ai/claude-code NPM version =2.1.63, =1.83.1, =1.2.2, =1.2.3 Source cves: CVE-2026-40068 Source advisory: OSV:GHSA-Q5HJ-MXQH-VV77...

CVSS: 8.8, AI score: 5.8, EPSS: 0.00136
Exploits: 0
OSSF Malicious Packages
added 2026/04/24 1:35 a.m., 6 views

Malicious code in amplitude-ma-ts (npm)

npm stealer. Hardcoded Discord webhook id 1497047226428690432 in postinstall Folder/bin/S.js. Exfils hostname, whoami, pwd, publicip api.ipify.org, /etc/hosts via Discord embed. v1.0.21 empty placeholder, v1.0.22 shipped payload — name-squat-then-poison. Typosquats @amplitude/ analytics scope...

AI score: 5.8
Exploits: 0
NVD
added 2026/04/23 10:16 p.m., 1 view

CVE-2026-41354

OpenClaw before 2026.4.2 contains an insufficient scope vulnerability in Zalo webhook replay dedupe keys that allows legitimate events from different conversations or senders to collide. Attackers can exploit weak deduplication scoping to cause silent message suppression and disrupt bot workflows...

CVSS: 6.3, EPSS: 0.00056
Exploits: 0, References: 3
Cvelist
added 2026/04/23 9:58 p.m., 31 views

CVE-2026-41354 OpenClaw < 2026.4.2 - Insufficient Scope in Zalo Webhook Replay Dedupe Keys

OpenClaw before 2026.4.2 contains an insufficient scope vulnerability in Zalo webhook replay dedupe keys that allows legitimate events from different conversations or senders to collide. Attackers can exploit weak deduplication scoping to cause silent message suppression and disrupt bot workflows...

CVSS: 6.3, EPSS: 0.00056
Exploits: 0, References: 3
GithubExploit
added 2026/04/23 9:52 p.m., 75 views

Exploit for CVE-2026-41303

🔐 CVE-2026-41303: Authorization Bypass in OpenClaw Discord Bot...

CVSS: 8.8, AI score: 5.8, EPSS: 0.00079
Exploits: 1
CVE
added 2026/04/23 7:11 p.m., 11 views

CVE-2026-41266

Flowise CVE-2026-41266 affects Flowise (drag-and-drop LLM workflow UI). Before version 3.1.0, GET/unauthenticated access to /api/v1/public-chatbotConfig/:id exposes sensitive data (API keys, HTTP Authorization headers, and internal configuration) without authentication. An attacker who only knows...

CVSS: 7.7, AI score: 5.8, EPSS: 0.00107
Exploits: 1, References: 1, Affected Software: 1
Nuclei
added 2026/04/23 7:16 a.m., 4 views

AI ChatBot with ChatGPT by AYS <= 2.6.6 - Unauthenticated API Key Exposure

AYS AI ChatBot with ChatGPT and Content Generator <= 2.6.6 contains an insertion-of-sensitive-information-into-sent-data vulnerability caused by improper handling of embedded sensitive data, letting attackers retrieve sensitive information; exploitation requires crafted input. id: CVE-2025-62039 info:...

CVSS: 7.5, AI score: 5.8, EPSS: 0.02614
Exploits: 0, References: 1
Positive Technologies
added 2026/04/23 12:00 a.m., 3 views

PT-2026-34785

OpenClaw before 2026.4.2 contains an insufficient scope vulnerability in Zalo webhook replay dedupe keys that allows legitimate events from different conversations or senders to collide. Attackers can exploit weak deduplication scoping to cause silent message suppression and disrupt bot workflows...

CVSS: 6.3, AI score: 5.8, EPSS: 0.00056
Exploits: 0, References: 5