379 matches found
CVE-2026-2455
Mattermost Affected Versions: 11.3.x up to 11.3.0, 11.2.x up to 11.2.2, and 10.11.x up to 10.11.10. Issue: the product fails to canonicalize IPv4-mapped IPv6 addresses before reserved IP validation, enabling SSRF to internal services via IPv4-mapped IPv6 literals (e.g., [::ffff:127.0.0.1]). Outco...
CVE-2026-2455 SSRF bypass via IPv4-mapped IPv6 literals
Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to canonicalize IPv4-mapped IPv6 addresses before reserved IP validation which allows an attacker to perform SSRF attacks against internal services via IPv4-mapped IPv6 literals e.g., ::ffff:127.0.0.1.. Mattermost...
OpenClaw: /api/channels gateway-auth boundary bypass via path canonicalization mismatch
Summary Gateway auth for plugin channel endpoints can be bypassed when path canonicalization differs between the gateway guard and plugin handler routing. Details On affected versions, server-http only applies gateway auth when raw requestPath matches exactly: - /api/channels - /api/channels/ If ...
GHSA-8J2W-6FMM-M587 OpenClaw: /api/channels gateway-auth boundary bypass via path canonicalization mismatch
Summary Gateway auth for plugin channel endpoints can be bypassed when path canonicalization differs between the gateway guard and plugin handler routing. Details On affected versions, server-http only applies gateway auth when raw requestPath matches exactly: - /api/channels - /api/channels/ If ...
GHSA-VHWF-4X96-VQX2 OpenClaw's skills-install-download can be redirected outside the tools root by rebinding the validated base path
OpenClaw's skills download installer validated the intended per-skill tools root lexically, but later reused that mutable path while downloading and copying the archive into place. If a local attacker could rebind that tools-root path between validation and the final write, the installer could be...
PT-2026-26412
Summary Gateway auth for plugin channel endpoints can be bypassed when path canonicalization differs between the gateway guard and plugin handler routing. Details On affected versions, server-http only applies gateway auth when raw requestPath matches exactly: - /api/channels - /api/channels/ If ...
SUSE-SU-2026:20664-1 Security update for util-linux
This update for util-linux fixes the following issue: - CVE-2026-3184: access control bypass due to improper hostname canonicalization in login bsc1258859...
Apache PDFBox has Path Traversal through PDComplexFileSpecification.getFilename() function
This issue affects the ExtractEmbeddedFiles example in Apache PDFBox: from 2.0.24 through 2.0.35, from 3.0.0 through 3.0.6. The ExtractEmbeddedFiles example contains a path traversal vulnerability CWE-22 because the filename that is obtained from PDComplexFileSpecification.getFilename is appended...
GHSA-JJWR-XMW6-GF78 Apache PDFBox has Path Traversal through PDComplexFileSpecification.getFilename() function
This issue affects the ExtractEmbeddedFiles example in Apache PDFBox: from 2.0.24 through 2.0.35, from 3.0.0 through 3.0.6. The ExtractEmbeddedFiles example contains a path traversal vulnerability CWE-22 because the filename that is obtained from PDComplexFileSpecification.getFilename is appended...
CVE-2026-23907 Apache PDFBox Examples: Path Traversal in PDFBox ExtractEmbeddedFiles Example Code
This issue affects the ExtractEmbeddedFiles example in Apache PDFBox: from 2.0.24 through 2.0.35, from 3.0.0 through 3.0.6. The ExtractEmbeddedFiles example contains a path traversal vulnerability CWE-22 because the filename that is obtained from PDComplexFileSpecification.getFilename is appended...
SUSE-SU-2026:20714-1 Security update for util-linux
This update for util-linux fixes the following issue: - CVE-2026-3184: access control bypass due to improper hostname canonicalization in login bsc1258859...
OESA-2026-1535 util-linux security update
The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fixes: A vulnerability exists in util-linux package that allows access control bypass due to improper hostname canonicalization.CVE-2026-3184...
OESA-2026-1534 util-linux security update
The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fixes: A vulnerability exists in util-linux package that allows access control bypass due to improper hostname canonicalization.CVE-2026-3184...
OESA-2026-1533 util-linux security update
The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fixes: A vulnerability exists in util-linux package that allows access control bypass due to improper hostname canonicalization.CVE-2026-3184...
OESA-2026-1532 util-linux security update
The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fixes: A vulnerability exists in util-linux package that allows access control bypass due to improper hostname canonicalization.CVE-2026-3184...
CVE-2026-20022
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the...
CVE-2026-20022
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the...
CVE-2026-20022
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the...
GHSA-V865-P3GQ-HW6M OpenClaw has encoded-path auth bypass in plugin `/api/channels` route classification
Summary Updated March 2, 2026 Encoded alternate-path requests could bypass plugin route auth checks for /api/channels/ due to canonicalization depth mismatch in vulnerable builds. Affected Packages / Versions - Package: openclaw npm - Latest published vulnerable version: 2026.3.1 - Affected range...
OpenClaw has encoded-path auth bypass in plugin `/api/channels` route classification
Summary Updated March 2, 2026 Encoded alternate-path requests could bypass plugin route auth checks for /api/channels/ due to canonicalization depth mismatch in vulnerable builds. Affected Packages / Versions - Package: openclaw npm - Latest published vulnerable version: 2026.3.1 - Affected range...