@axonflow/openclaw fix introduces plugin cache and credential-file permission hardening

Summary Two related permission defects in this AxonFlow plugin allowed registration credentials and cache state to be readable by other local users on hosts where the calling user's home directory was at the conventional 0755 mode. Affected versions Versions 1.3.2 and below. Impact 1. Cache and...

CVE-2026-40176

Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::generateP4Command method, which constructs shell commands by interpolating user-supplied Perforce connection parameters port, user, client without...

GHSA-WG36-WVJ6-R67P Composer has a command injection via malicious perforce repository

Impact The Perforce::generateP4Command method constructed shell commands by interpolating user-supplied Perforce connection parameters port, user, client without proper escaping. An attacker controlling a repository configuration in a malicious composer.json declaring a Perforce VCS repository...

GO-2026-4907 Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI

Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal through improper validation of URL-encoded traversal sequences in the backend process. An attacker can delete critical configuration directories by supplying specially crafted paths. Details A Directory Traversal...

CVE-2026-33027 Nginx UI: Improper Path Validation Allows Recursive Deletion of the Nginx Configuration Directory

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui configuration improperly handles URL-encoded traversal sequences. When specially crafted paths are supplied, the backend resolves them to the base Nginx configuration directory and executes the operati...

SUSE CVE-2026-33528

GoDoxy is a reverse proxy and container orchestrator for self-hosters. Prior to version 0.27.5, the file content API endpoint at /api/v1/file/content is vulnerable to path traversal. The filename query parameter is passed directly to path.Joincommon.ConfigBasePath, filename where ConfigBasePath =...

CVE-2026-33529

Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. Prior to version 3.3.2, an authenticated path traversal vulnerability in the configuration import endpoint allows an authenticated user to write arbitrary files outside the config directory, which can lead to RCE by creating a...

CVE-2026-33528

GoDoxy is a reverse proxy and container orchestrator for self-hosters. Prior to version 0.27.5, the file content API endpoint at /api/v1/file/content is vulnerable to path traversal. The filename query parameter is passed directly to path.Joincommon.ConfigBasePath, filename where ConfigBasePath =...

CVE-2026-33529

Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. Prior to version 3.3.2, an authenticated path traversal vulnerability in the configuration import endpoint allows an authenticated user to write arbitrary files outside the config directory, which can lead to RCE by creating a...

CVE-2026-33528 GoDoxy has a Path Traversal Vulnerability in its File API

GoDoxy is a reverse proxy and container orchestrator for self-hosters. Prior to version 0.27.5, the file content API endpoint at /api/v1/file/content is vulnerable to path traversal. The filename query parameter is passed directly to path.Joincommon.ConfigBasePath, filename where ConfigBasePath =...

CVE-2026-33528 GoDoxy has a Path Traversal Vulnerability in its File API

GoDoxy is a reverse proxy and container orchestrator for self-hosters. Prior to version 0.27.5, the file content API endpoint at /api/v1/file/content is vulnerable to path traversal. The filename query parameter is passed directly to path.Joincommon.ConfigBasePath, filename where ConfigBasePath =...

CVE-2026-33528 GoDoxy has a Path Traversal Vulnerability in its File API

GoDoxy is a reverse proxy and container orchestrator for self-hosters. Prior to version 0.27.5, the file content API endpoint at /api/v1/file/content is vulnerable to path traversal. The filename query parameter is passed directly to path.Joincommon.ConfigBasePath, filename where ConfigBasePath =...

CVE-2026-33528

GoDoxy contains a path traversal vulnerability in its file content API: HTTP request to /api/v1/file/content with a crafted filename parameter can bypass validation and cause access outside the intended config directory by exploiting how the path is joined with ConfigBasePath. An authenticated at...

GHSA-4753-CMC8-8J9V GoDoxy has a Path Traversal Vulnerability in its File API

Summary The file content API endpoint at /api/v1/file/content is vulnerable to path traversal. The filename query parameter is passed directly to path.Joincommon.ConfigBasePath, filename where ConfigBasePath = "config" a relative path. No sanitization or validation is applied beyond checking that...

GoDoxy has a Path Traversal Vulnerability in its File API

Summary The file content API endpoint at /api/v1/file/content is vulnerable to path traversal. The filename query parameter is passed directly to path.Joincommon.ConfigBasePath, filename where ConfigBasePath = "config" a relative path. No sanitization or validation is applied beyond checking that...

PT-2026-27624

Name of the Vulnerable Software and Affected Versions GoDoxy versions prior to 0.27.5 Description GoDoxy, a reverse proxy and container orchestrator, contains a path traversal flaw in the file content API endpoint at /api/v1/file/content. The filename query parameter is directly used in...

PT-2026-26688

Halloy is an IRC application written in Rust. In versions on nix and macOS prior to commit f180e41061db393acf65bc99f5c5e7397586d9cb, halloy creates its config directory and files using default umask permissions, which typically results in 0644 on files and 0755 on directories. This allows any loc...

CVE-2026-27895 LAM has incorrect regular expression in PDF export component that allows user to upload files of any type

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly validate uploaded file extensions. This way any file type including .php files can be uploaded. With...

CVE-2026-32061

OpenClaw versions prior to 2026.2.17 contain a path traversal vulnerability in the $include directive resolution that allows reading arbitrary local files outside the config directory boundary. Attackers with config modification capabilities can exploit this by specifying absolute paths, traversa...