484 matches found
OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-14827)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from improperly parsing the X-Forwarded-For header value, which can be exploited by an attacker to spoof a client's IP address and influence security...
OpenClaw 数据伪造问题漏洞
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from improperly parsing the X-Forwarded-For header value, which can be exploited by an attacker to spoof a client's IP address and influence security...
gmsm 数据伪造问题漏洞
GMSM is a commercial cryptography algorithm library implemented in Go language by Sun Yimin as a personal development. Versions of GMSM prior to 0.41.1 contained a data forgery vulnerability. This vulnerability stemmed from an infinite point ciphertext forgery flaw in the SM9 decryption...
OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-13591)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from an unverified webhook key in Telegram webhook mode, which can be exploited by an attacker to forge Telegram updates to bypass the sender permission li...
OpenClaw 数据伪造问题漏洞
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from an unverified webhook key in Telegram webhook mode, which can be exploited by an attacker to forge Telegram updates to bypass the sender permission li...
OpenClaw Data Forgery Issue Vulnerability
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from an unverified Telegram key token header and can be exploited by an attacker to process forged updates and perform unexpected actions...
OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-13430)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from unauthenticated TXT records in discovery beacons, where certain clients treat the TXT values as authoritative routing/fixed inputs. An attacker...
OpenClaw 数据伪造问题漏洞
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from unauthenticated TXT records in discovery beacons, where certain clients treat the TXT values as authoritative routing/fixed inputs. An attacker...
OpenClaw 数据伪造问题漏洞
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from an unverified Telegram key token header and can be exploited by an attacker to process forged updates and perform unexpected actions...
RustCrypto signatures: Data forgery vulnerability
RustCrypto signatures are a set of digital signature algorithms developed by RustCrypto under open source. In versions of RustCrypto signatures from 0.0.4 to 0.1.0-rc.4, there was a vulnerability related to data manipulation. This vulnerability stemmed from the signature verification implementati...
IBM ApplinX Data Forgery Issue Vulnerability
IBM ApplinX is an International Business Machines IBM company focused on converting green screen interfaces into modern Web-based applications. IBM ApplinX has a data forgery issue vulnerability that stems from improper JWT token validation, which can be exploited by an attacker to elevate...
sm-crypto data forgery vulnerability
sm-crypto is an encryption algorithm developed by June01, a personal developer. Versions of sm-crypto prior to 0.4.0 had a data forgery vulnerability. This vulnerability stemmed from defects in the SM2 signature verification logic, which could lead to signature forgery...
sm-crypto data forgery vulnerability
sm-crypto is an encryption algorithm developed by June01 as a personal developer. Versions of sm-crypto prior to 0.3.14 contained a data falsification vulnerability. This vulnerability stemmed from a malleability flaw in the SM2 signature verification logic, which could allow the generation of ne...
sm-crypto data forgery vulnerability
sm-crypto is an encryption algorithm developed by June01, a personal developer. Versions of sm-crypto prior to 0.3.14 contained a data manipulation vulnerability. This vulnerability stemmed from defects in the SM2 decryption logic, which could lead to the recovery of private keys...
MineAdmin Data Forgery Vulnerability
MineAdmin is an open-source permission management system developed by MineAdmin. Versions 1.x and 2.x of MineAdmin have a vulnerability related to data falsification, which stems from insufficient verification of data authenticity...
IBM ApplinX 数据伪造问题漏洞
IBM ApplinX is an International Business Machines IBM company focused on converting green screen interfaces into modern Web-based applications. IBM ApplinX has a data forgery issue vulnerability that stems from improper JWT token validation, which can be exploited by an attacker to elevate...
Jervis 数据伪造问题漏洞
Jervis is an automation tool by Sam Gleske Personal Developer. A data forgery issue vulnerability exists in versions prior to Jervis 2.2 that stems from an unvalidated alg field in the JWT header, which could lead to a security bypass...
Hono 数据伪造问题漏洞
Hono is a web framework written in TypeScript from the Hono community. A data forgery issue vulnerability exists in Hono versions prior to 4.11.4 that stems from the JWT validation middleware allowing JWT header algorithmic values to influence signature validation, potentially leading to...
Hono 数据伪造问题漏洞
Hono is a web framework written in TypeScript from the Hono community. A data forgery issue vulnerability exists in Hono versions prior to 4.11.4 that stems from the JWT validation middleware allowing the JWT header algorithm to influence signature verification, potentially leading to algorithmic...
Microsoft Windows Admin Center 数据伪造问题漏洞
Microsoft Windows Admin Center is a locally deployed browser-based application from Microsoft USA. The program is primarily used to manage servers, clusters, and more. Microsoft Windows Admin Center is vulnerable to a data forgery issue. An attacker can exploit this vulnerability to elevate...