Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2160 matches found

EUVD
EUVDadded 2026/04/05 12:30 p.m.0 views

EUVD-2026-19062

A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The...

6.5CVSS6.2AI score0.00029EPSS
Exploits0References5
NVD
NVDadded 2026/04/05 10:16 a.m.1 views

CVE-2026-5557

A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The...

6.5CVSS0.00029EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/04/05 9:45 a.m.3 views

CVE-2026-5557

A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The...

6.5CVSS6.2AI score0.00029EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2026/04/05 9:45 a.m.5 views

CVE-2026-5557

The CVE-2026-5557 entry concerns badlogic pi-mono up to version 0.58.4, affecting the pi-mom Slack Bot component’s file packages/mom/src/slack.ts. The documented issue results in an authentication bypass via an alternate channel, with remote execution possible. Public exploitation is noted. No ve...

6.5CVSS6.2AI score0.00029EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/05 9:45 a.m.26 views

CVE-2026-5557 badlogic pi-mono pi-mom Slack Bot slack.ts authentication bypass

A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The...

6.5CVSS0.00029EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/04/05 9:45 a.m.3 views

CVE-2026-5557 badlogic pi-mono pi-mom Slack Bot slack.ts authentication bypass

A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The...

6.5CVSS6.2AI score0.00029EPSS
Exploits0References4
NVD
NVDadded 2026/04/02 7:21 p.m.3 views

CVE-2026-5417

A vulnerability was determined in Dataease SQLbot up to 1.6.0. This issue affects the function getesdatabyhttp of the file backend/apps/db/esengine.py of the component Elasticsearch Handler. This manipulation of the argument address causes server-side request forgery. The attack may be initiated...

5.8CVSS0.0005EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/04/02 4:56 p.m.0 views

CVE-2026-34999

OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality by sending requests to the POST /bot/v1/chat and POST /bot/v1/chat/stream endpoints. Attackers...

6.9CVSS6AI score0.00089EPSS
Exploits0References1
The Hacker News
The Hacker Newsadded 2026/04/02 11:42 a.m.5 views

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans RATs and cryptocurrency miners since November 2023. "Beyond cryptomining, the threat actor monetizes infections through CPA Cost Per Action fraud, directing victims to...

6AI score
Exploits0
Malwarebytes
Malwarebytesadded 2026/04/01 9:49 p.m.4 views

Wikipedia’s AI agent row likely just the beginning of the bot-ocalypse

The Internet is filled with people who insist on being right. In the past, at least they could be reasonably sure that they were arguing with other humans. Those days are gone, apparently. Wikipedia just had to ban an AI that was making edits on its own. Apparently, the AI took it personally. The...

5.7AI score
Exploits0
RedhatCVE
RedhatCVEadded 2026/04/01 5:3 p.m.2 views

CVE-2026-33578

OpenClaw before 2026.3.28 contains a sender policy bypass vulnerability in the Google Chat and Zalouser extensions where route-level group allowlist policies silently downgrade to open policy. Attackers can exploit this policy resolution flaw to bypass sender restrictions and interact with bots...

5.3CVSS5.9AI score0.00013EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/01 3:31 p.m.0 views

EUVD-2026-17905

OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality by sending requests to the POST /bot/v1/chat and POST /bot/v1/chat/stream endpoints. Attackers...

6.9CVSS6AI score0.00089EPSS
Exploits0References5
Snyk
Snykadded 2026/04/01 3:27 p.m.3 views

Missing Authentication for Critical Function

Overview openviking is an An Agent-native context database Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the bot proxy router. An attacker can gain unauthorized access to protected bot proxy functionality by sending requests to the POST...

6.9CVSS5.8AI score0.00089EPSS
Exploits0References2
NVD
NVDadded 2026/04/01 2:16 p.m.0 views

CVE-2026-34999

OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality by sending requests to the POST /bot/v1/chat and POST /bot/v1/chat/stream endpoints. Attackers...

6.9CVSS0.00089EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/01 1:30 p.m.26 views

CVE-2026-34999 OpenViking 0.2.5 < 0.2.14 Bot Proxy Endpoints Allow Unauthenticated Access

OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality by sending requests to the POST /bot/v1/chat and POST /bot/v1/chat/stream endpoints. Attackers...

6.9CVSS0.00089EPSS
Exploits0References4
CVE
CVEadded 2026/04/01 1:30 p.m.3 views

CVE-2026-34999

OpenViking 0.2.5, prior to 0.2.14, contains a missing authentication vulnerability in the bot proxy router that lets remote unauthenticated attackers access protected bot proxy functionality by sending requests to POST /bot/v1/chat and POST /bot/v1/chat/stream. Attackers can bypass authentication...

6.9CVSS6AI score0.00089EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/01 1:30 p.m.1 views

CVE-2026-34999 OpenViking 0.2.5 < 0.2.14 Bot Proxy Endpoints Allow Unauthenticated Access

OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality by sending requests to the POST /bot/v1/chat and POST /bot/v1/chat/stream endpoints. Attackers...

6.9CVSS6AI score0.00089EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/04/01 12:0 a.m.2 views

OpenViking 安全漏洞

OpenViking is an open-source artificial intelligence proxy context database developed by Volcengine. Versions of OpenViking prior to 0.2.14 contained security vulnerabilities. These vulnerabilities stemmed from a lack of authentication in the bot proxy router, allowing unauthorized attackers to...

6.9CVSS5.8AI score0.00089EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/04/01 12:0 a.m.2 views

PT-2026-29523

OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality by sending requests to the POST /bot/v1/chat and POST /bot/v1/chat/stream endpoints. Attackers...

6.9CVSS6AI score0.00089EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/03/31 2:10 p.m.1 views

CVE-2026-33578

OpenClaw before 2026.3.28 contains a sender policy bypass vulnerability in the Google Chat and Zalouser extensions where route-level group allowlist policies silently downgrade to open policy. Attackers can exploit this policy resolution flaw to bypass sender restrictions and interact with bots...

5.3CVSS5.9AI score0.00013EPSS
Exploits0References4
Rows per page
Query Builder