GHSA-82RM-QCFX-2V78 Duplicate Advisory: OpenClaw: Delivery queue recovery could lose group tool-policy context for media replay
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-r77c-2cmr-7p47. This link is maintained to preserve external references. Original Description: OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media...
CVE-2026-43583
OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media replay. Attackers can exploit recovered queued outbound media to bypass group tool policy enforcement and weaken channel media restrictions after service restart or recovery...
PT-2026-38238
Name of the Vulnerable Software and Affected Versions: OpenClaw versions 2026.4.10 through 2026.4.13 Description: An issue exists where session context is not persisted during delivery queue recovery for media replay. This allows attackers to exploit recovered queued outbound media to bypass group...
CVE-2026-41381
OpenClaw =2026.3.31 (as per GHSA-CQGW-44WG-44RF), and the CVSS data shows a CVSSv3.1 base score around 5.4 (MEDIUM) with network attack vector and low confidentiality/integrity impact. No exploitation details beyond the advisory are provided in the documents. Remediation: upgrade openclaw to the ...
CVE-2025-36438
IBM Concert 1.0.0 through 2.2.0 could allow a privileged user to perform unauthorized actions due to improper restriction of channel communication to intended endpoints...
CVE-2025-36438 Multiple Vulnerabilities in IBM Concert Software
IBM Concert 1.0.0 through 2.2.0 could allow a privileged user to perform unauthorized actions due to improper restriction of channel communication to intended endpoints...
CVE-2025-36438
IBM Concert 1.0.0–2.2.0 contains a vulnerability where improper restriction of channel communication to intended endpoints can let a privileged user perform unauthorized actions. Root cause: inadequate access control/endpoint restriction within the channel communication path. Affected products: I...
IBM Concert Security Vulnerability
IBM Concert is a new tool developed by the American company IBM (International Business Machines). It utilizes generative AI to assist in managing complex cloud-native applications. Versions of IBM Concert prior to 2.2.0 contained a security vulnerability, which stemmed from improper restrictions on channel...
PT-2026-28115
IBM Concert 1.0.0 through 2.2.0 could allow a privileged user to perform unauthorized actions due to improper restriction of channel communication to intended endpoints...
CVE-2025-62843
An improper restriction of communication channel to intended endpoints vulnerability has been reported to affect QHora. If an attacker gains physical access, they can then exploit the vulnerability to gain the privileges that were intended for the original endpoint. We have already fixed the...
QNAP Systems QHora Security Vulnerability
QNAP Systems QHora is a router product of QNAP Systems, a company based in Taiwan, China. There is a security vulnerability present in QNAP Systems QHora. This vulnerability stems from improper restrictions on communication channels, which may allow physical access attackers to gain privileges...
CVE-2026-0997
Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 and Mattermost Plugin Zoom versions =1.11.0 fail to validate the authenticated user when processing /plugins/zoom/api/v1/channel-preference, which allows any logged-in user to change Zoom meeting restrictions for arbitrary...
Milner ImageDirector Capture security vulnerability
Milner ImageDirector Capture is a document collection and digital asset management software developed by the American company Milner. Versions of Milner ImageDirector Capture from 7.0.9 to 7.6.3.25808 contained security vulnerabilities. These vulnerabilities were due to insufficient credential...
CVE-2025-33176
NVIDIA RunAI for all platforms contains a vulnerability where a user could cause an improper restriction of communications channels on an adjacent network. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, and information disclosure...
PT-2025-32760 · Microsoft · Windows Hyper-V +1
Name of the Vulnerable Software and Affected Versions: Windows Hyper-V affected versions not specified Description: Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally. The vulnerability allows remote attacke...
The vulnerability of the SSH protocol implementation in Cisco Unified Computing System servers of the Cisco UCS B-Series, Managed C-Series, and X-Series models allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the SSH protocol implementation in Cisco Unified Computing System servers of the Cisco UCS B-Series, Managed C-Series, and X-Series models is related to insufficient channel restrictions for specific endpoints. Exploiting this vulnerability can allow an attacker operating...
The vulnerability of the FortiOS operating systems and the FortiProxy proxy server, related to insufficient restrictions on communication channels for specified endpoints, allows attackers to gain unauthorized access to protected information.
The vulnerability of the FortiOS operating systems and the FortiProxy proxy server for protecting against Internet attacks is related to insufficient restrictions on communication channels for specified endpoints. Exploiting this vulnerability can allow a malicious actor to gain unauthorized acce...
Fortinet Multiple Products Security Vulnerability
Fortinet FortiOS and others are products of Fortinet, Inc. Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform. Fortinet FortiManager is a centralized network security management platform. Fortinet FortiProxy is a secure network proxy that protects...
The vulnerability of the high-convergence infrastructure of IBM Storage Fusion HCI arises from insufficient channel restrictions for specific endpoints, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the high-convergence infrastructure of IBM Storage Fusion HCI lies in the insufficient restrictions on communication channels for specified endpoints. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...