MAL-2026-2844 Malicious code in shelipp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c745f1c7897e6075520af7c8d838b496c8af8814810ba86dafd64d09b3d24b97 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

Malicious code in shelipp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c745f1c7897e6075520af7c8d838b496c8af8814810ba86dafd64d09b3d24b97 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

Malicious code in looopiw (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9d2af7de30ed37363dcd3ac8e41e0ff2987d97ec742dd973a2f95158c6f0f185 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

MAL-2026-2842 Malicious code in looopiw (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9d2af7de30ed37363dcd3ac8e41e0ff2987d97ec742dd973a2f95158c6f0f185 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

MAL-2026-2840 Malicious code in sher-server-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e83ee8187475c07ed6ea406a698e3f9d3c55efec8e689ba0c110a6ee2ce1012b Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

Malicious code in sher-server-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e83ee8187475c07ed6ea406a698e3f9d3c55efec8e689ba0c110a6ee2ce1012b Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

MAL-2026-2839 Malicious code in sher-net (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f87dc8302df47889be1acee83b535b423d7f04e597ed61cca62dc2727f4d5d46 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

Malicious code in sher-net (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f87dc8302df47889be1acee83b535b423d7f04e597ed61cca62dc2727f4d5d46 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

OpenViking 安全漏洞

OpenViking is an open-source artificial intelligence agent-based context database developed by Volcengine. Previous versions of OpenViking had security vulnerabilities. These vulnerabilities stemmed from a flaw in the HTTP routing mechanism of the VikingBot OpenAPI, which allowed authentication...

PT-2026-33478

Name of the Vulnerable Software and Affected Versions OpenViking versions prior to commit c7bb167 Description An authentication bypass exists in the VikingBot OpenAPI HTTP route surface. The issue occurs when the api key configuration value is unset or empty, causing the authentication check to...

CVE-2026-33555

creationtimestamp| type| source ---|---|--- 2026-04-16 20:00:04+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/80597 2026-04-16 20:13:19+00:00| seen| https://bsky.app/profile/r-netsec-bot.bsky.social/post/3mjn7v22bv52o 2026-04-17 09:00:04+00:00| published-proof-of-concept|...

CVE-2026-33095

creationtimestamp| type| source ---|---|--- 2026-04-14 12:20:56+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0116 2026-04-14 15:49:19+00:00| seen| https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review 2026-04-14 18:18:19+00:00| seen|...

OpenClaw Sender Policy Bypass Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a sender policy bypass vulnerability that can be exploited by an attacker to bypass sender restrictions and interact with the bot...

OpenClaw QQ Bot Extension missing SSRF Protection on All Media Fetch Paths

Impact QQ Bot Extension: Missing SSRF Protection on All Media Fetch Paths. QQ Bot media download paths were not consistently routed through the SSRF guard and allowlist policy. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and does not assume a...

GHSA-3FV3-6P2V-GXWJ OpenClaw QQ Bot Extension missing SSRF Protection on All Media Fetch Paths

Impact QQ Bot Extension: Missing SSRF Protection on All Media Fetch Paths. QQ Bot media download paths were not consistently routed through the SSRF guard and allowlist policy. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and does not assume a...

GHSA-846P-HGPV-VPHC OpenClaw: QQ Bot structured payloads could read arbitrary local files

Summary Before OpenClaw 2026.4.2, QQ Bot structured media payloads could read local files from attacker-chosen paths. A crafted structured payload could escape QQ Bot-owned media roots and cause arbitrary file reads on the host. Impact Prompt-influenced structured payload output could exfiltrate...

OpenClaw: QQ Bot structured payloads could read arbitrary local files

Summary Before OpenClaw 2026.4.2, QQ Bot structured media payloads could read local files from attacker-chosen paths. A crafted structured payload could escape QQ Bot-owned media roots and cause arbitrary file reads on the host. Impact Prompt-influenced structured payload output could exfiltrate...

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the QQ Bot media-send path. An attacker can access arbitrary files on the host filesystem by crafting structured payloads that specify file paths outside of intend...

Why AI Bot Protection and Control Are Essential for Application Security

AI-driven automation is no longer emerging. It is already integrated and accepted as internet traffic. From AI assistants and crawlers to enterprise automation tools, websites are now routinely accessed by non-human actors operating at scale. Vulnerabilities or weaknesses in your application...

CVE-2026-5557

A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The...