CVE-2026-42869

SOCFortress CoPilot focuses on providing a single pane of glass for all your security operations needs. Prior to 0.1.57, SOCFortress CoPilot ships a hardcoded JWT signing secret as a fallback value in backend/app/auth/utils.py:28 and ships it verbatim in .env.example. Any deployment where JWTSECR...

CVE-2026-43652

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data...

CVE-2026-42883

Summary of CVE-2026-42883 (Audiobookshelf) Affected product: Audiobookshelf (self-hosted audiobook/podcast server) prior to version 2.32.2. Vulnerability: The GET /api/libraries/:id/download endpoint validates that the requester has access to the library in the URL path, but it fetches downloadab...

MantisBT: Authorization Bypass in Bugnote Editing via Issue Update API

The mcissueupdate function in MantisBT allows users having updatebugthreshold access UPDATER, with default settings to edit, change view state, and modify time tracking on bugnotes belonging to other users — bypassing the default DEVELOPER level 55 threshold required by the dedicated...

Access Control Bypass

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Access Control Bypass in the REST API upload process. An attacker can upload attachments to private issues without proper authorization by leveraging authenticated access to endpoints they are...

Access Control Bypass

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Access Control Bypass via insufficient access control checks in the ProjectUsersAddCommand process. An attacker can escalate their project-level privileges by submitting a forged higher...

MantisBT Vulnerable to Privilege Escalation from Manager to Administrator

Insufficient access control checks in ProjectUsersAddCommand used in manageprojuseradd.php and REST API endpoint PUT /project/id/users allows users having manageprojectthreshold access level manager by default to grant project-level administrator access to any user including themselves in any...

Access Control Bypass

Overview pgadmin4 is a PostgreSQL Tools Affected versions of this package are vulnerable to Access Control Bypass via insufficient authorization checks in the API endpoints handling user-owned objects and shared server features. An attacker can gain unauthorized access to other users' private...

EUVD-2026-29139

OpenClaw before 2026.4.22 contains an authentication bypass vulnerability in the Control UI bootstrap config endpoint that allows unauthenticated attackers to read sensitive configuration fields. Attackers can access the bootstrap config route without a valid Gateway token to expose sensitive...

GHSA-W626-296M-8F85 Duplicate Advisory: OpenClaw's ACP child sessions inherit subagent security envelope constraints

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-q3jj-46pq-826r. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.22 contains a security envelope constraint bypass vulnerability allowing restricted subagents ...

EUVD-2026-29116

HireFlow v1.2 is vulnerable to Incorrect Access Control. The application does not enforce object-level authorization on the /candidate/ and /interview/ endpoints. The route handlers retrieve records by the user-supplied ID without verifying that the requesting user is the owner or has an authoriz...

EUVD-2026-29081

Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects without filtering by the requesting user's identity. An authenticated user could access another user's...

pgAdmin 4 server mode has an authorization vulnerability affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules

Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects without filtering by the requesting user's identity. An authenticated user could access another user's...

GHSA-H2X2-Q2MC-24GW pgAdmin 4 server mode has an authorization vulnerability affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules

Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects without filtering by the requesting user's identity. An authenticated user could access another user's...

CVE-2026-45006

OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.patch operations that allows compromised models to write unsafe configuration changes by bypassing an incomplete denylist protection. Attackers can persist malicious config...

CVE-2026-44994

OpenClaw before 2026.4.22 contains an authentication bypass vulnerability in the Control UI bootstrap config endpoint that allows unauthenticated attackers to read sensitive configuration fields. Attackers can access the bootstrap config route without a valid Gateway token to expose sensitive...

CVE-2026-36983

D-Link DCS-932L v2.18.01 is vulnerable to Command Injection in the function sub42EF14 of the file /bin/alphapd. The manipulation of the argument LightSensorControl leads to command injection...

CVE-2026-38568

HireFlow v1.2 is vulnerable to Incorrect Access Control. The application does not enforce object-level authorization on the /candidate/ and /interview/ endpoints. The route handlers retrieve records by the user-supplied ID without verifying that the requesting user is the owner or has an authoriz...

Malicious code in openai-spellchecker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 13911c4c1e0334b4e4d972e3b3256a08f8991d3935d74086c252ed085d3984a0 The package hides code to download and execute a next-stage payload, which then communicates with C2 and listens for next code parts. In the analyzed version,...

MAL-2026-3429 Malicious code in openai-spellchecker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 13911c4c1e0334b4e4d972e3b3256a08f8991d3935d74086c252ed085d3984a0 The package hides code to download and execute a next-stage payload, which then communicates with C2 and listens for next code parts. In the analyzed version,...