Lucene search
K

484 matches found

CNVD
CNVD
added 2026/03/24 12:0 a.m.5 views

OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-14827)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from improperly parsing the X-Forwarded-For header value, which can be exploited by an attacker to spoof a client's IP address and influence security...

6.3CVSS5.9AI score0.00189EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.13 views

OpenClaw 数据伪造问题漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from improperly parsing the X-Forwarded-For header value, which can be exploited by an attacker to spoof a client's IP address and influence security...

6.3CVSS5.8AI score0.00189EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.11 views

gmsm 数据伪造问题漏洞

GMSM is a commercial cryptography algorithm library implemented in Go language by Sun Yimin as a personal development. Versions of GMSM prior to 0.41.1 contained a data forgery vulnerability. This vulnerability stemmed from an infinite point ciphertext forgery flaw in the SM9 decryption...

7.5CVSS7.3AI score0.00211EPSS
Exploits0References1
CNVD
CNVD
added 2026/03/12 12:0 a.m.5 views

OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-13591)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from an unverified webhook key in Telegram webhook mode, which can be exploited by an attacker to forge Telegram updates to bypass the sender permission li...

9.8CVSS5.8AI score0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.36 views

OpenClaw 数据伪造问题漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from an unverified webhook key in Telegram webhook mode, which can be exploited by an attacker to forge Telegram updates to bypass the sender permission li...

9.8CVSS5.8AI score0.00255EPSS
Exploits0References6
CNVD
CNVD
added 2026/03/02 12:0 a.m.5 views

OpenClaw Data Forgery Issue Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from an unverified Telegram key token header and can be exploited by an attacker to process forged updates and perform unexpected actions...

7.5CVSS5.8AI score0.002EPSS
Exploits1References1
CNVD
CNVD
added 2026/03/02 12:0 a.m.1 views

OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-13430)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from unauthenticated TXT records in discovery beacons, where certain clients treat the TXT values as authoritative routing/fixed inputs. An attacker...

7.1CVSS5.8AI score0.001EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.9 views

OpenClaw 数据伪造问题漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from unauthenticated TXT records in discovery beacons, where certain clients treat the TXT values as authoritative routing/fixed inputs. An attacker...

7.1CVSS5.8AI score0.001EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.10 views

OpenClaw 数据伪造问题漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from an unverified Telegram key token header and can be exploited by an attacker to process forged updates and perform unexpected actions...

7.5CVSS5.8AI score0.002EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.9 views

RustCrypto signatures: Data forgery vulnerability

RustCrypto signatures are a set of digital signature algorithms developed by RustCrypto under open source. In versions of RustCrypto signatures from 0.0.4 to 0.1.0-rc.4, there was a vulnerability related to data manipulation. This vulnerability stemmed from the signature verification implementati...

5.3CVSS5.8AI score0.00299EPSS
Exploits0References11
CNVD
CNVD
added 2026/01/26 12:0 a.m.3 views

IBM ApplinX Data Forgery Issue Vulnerability

IBM ApplinX is an International Business Machines IBM company focused on converting green screen interfaces into modern Web-based applications. IBM ApplinX has a data forgery issue vulnerability that stems from improper JWT token validation, which can be exploited by an attacker to elevate...

9.8CVSS5.6AI score0.0015EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.9 views

sm-crypto data forgery vulnerability

sm-crypto is an encryption algorithm developed by June01, a personal developer. Versions of sm-crypto prior to 0.4.0 had a data forgery vulnerability. This vulnerability stemmed from defects in the SM2 signature verification logic, which could lead to signature forgery...

7.5CVSS5.8AI score0.00194EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.8 views

sm-crypto data forgery vulnerability

sm-crypto is an encryption algorithm developed by June01 as a personal developer. Versions of sm-crypto prior to 0.3.14 contained a data falsification vulnerability. This vulnerability stemmed from a malleability flaw in the SM2 signature verification logic, which could allow the generation of ne...

7.5CVSS5.8AI score0.0019EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.8 views

sm-crypto data forgery vulnerability

sm-crypto is an encryption algorithm developed by June01, a personal developer. Versions of sm-crypto prior to 0.3.14 contained a data manipulation vulnerability. This vulnerability stemmed from defects in the SM2 decryption logic, which could lead to the recovery of private keys...

9.1CVSS5.7AI score0.00209EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.12 views

MineAdmin Data Forgery Vulnerability

MineAdmin is an open-source permission management system developed by MineAdmin. Versions 1.x and 2.x of MineAdmin have a vulnerability related to data falsification, which stems from insufficient verification of data authenticity...

7.5CVSS6AI score0.00216EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.7 views

IBM ApplinX 数据伪造问题漏洞

IBM ApplinX is an International Business Machines IBM company focused on converting green screen interfaces into modern Web-based applications. IBM ApplinX has a data forgery issue vulnerability that stems from improper JWT token validation, which can be exploited by an attacker to elevate...

9.8CVSS5.8AI score0.0015EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.8 views

Jervis 数据伪造问题漏洞

Jervis is an automation tool by Sam Gleske Personal Developer. A data forgery issue vulnerability exists in versions prior to Jervis 2.2 that stems from an unvalidated alg field in the JWT header, which could lead to a security bypass...

6.9CVSS5.8AI score0.00128EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.7 views

Hono 数据伪造问题漏洞

Hono is a web framework written in TypeScript from the Hono community. A data forgery issue vulnerability exists in Hono versions prior to 4.11.4 that stems from the JWT validation middleware allowing JWT header algorithmic values to influence signature validation, potentially leading to...

8.2CVSS5.8AI score0.00141EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.9 views

Hono 数据伪造问题漏洞

Hono is a web framework written in TypeScript from the Hono community. A data forgery issue vulnerability exists in Hono versions prior to 4.11.4 that stems from the JWT validation middleware allowing the JWT header algorithm to influence signature verification, potentially leading to algorithmic...

8.2CVSS5.8AI score0.00118EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.4 views

Microsoft Windows Admin Center 数据伪造问题漏洞

Microsoft Windows Admin Center is a locally deployed browser-based application from Microsoft USA. The program is primarily used to manage servers, clusters, and more. Microsoft Windows Admin Center is vulnerable to a data forgery issue. An attacker can exploit this vulnerability to elevate...

7.5CVSS6AI score0.00209EPSS
Exploits0References1
Rows per page
Query Builder