Exploit for CVE-2026-26897

EcoOnline EHS Android — Deep Link Validation Bypass → WebVie...

PT-2026-45077

First mobile CVE by @neo ai engineer — CVE-2026-48745 Traccar Client 100k+ installs: one deep link silently redirects GPS telemetry to an attacker. Neo found it using static analysis + dynamic validation via @Genymotion integration. https://t.co/4qXTPRjgpq...

CVE-2026-35020

Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the command lookup helper and deep-link terminal launcher that allows local attackers to execute arbitrary commands by manipulating the TERMINAL environment variable. Attackers can inject shell...

CVE-2026-35020

CVE-2026-35020 entry is rejected/not used by the CNA.

CVE-2026-35020

...

CVE-2026-33875

Gematik Authenticator securely authenticates users for login to digital health applications. Versions prior to 4.16.0 are vulnerable to authentication flow hijacking, potentially allowing attackers to authenticate with the identities of victim users who click on a malicious deep link. Update...

Unauthorized Data Access

Shopware is vulnerable to unauthorized data access. The vulnerability is due to an insufficient check on filter types for unauthenticated customers, where the deepLinkCode support on the store-api.order endpoint fails to enforce proper authorization and attackers can retrieve other customers' ord...

📄 Alipay Open Redirect / API Attacker Payload Insertion

A single crafted URL enables a complete attack chain against Alipay mobile application users that can allow for data exfiltration. As the vendor has stated this is normal behavior with no apparent plans to address the problem, this is being published to make users aware. Alipay Mobile App -...

GHSA-7VVP-J573-5584 Shopware: Unauthenticated data extraction possible through store-api.order endpoint

Summary An insufficient check on the filter types for unauthenticated customers allows access to orders of other customers. This is part of the deepLinkCode support on the store-api.order endpoint. Details Data Exposure Depending on the order payload configuration, attackers may retrieve: -...

Shopware: Unauthenticated data extraction possible through store-api.order endpoint

Summary An insufficient check on the filter types for unauthenticated customers allows access to orders of other customers. This is part of the deepLinkCode support on the store-api.order endpoint. Details Data Exposure Depending on the order payload configuration, attackers may retrieve: -...

OpenClaw 2026.2.6 < 2026.2.14 Deep Link Message Truncation (macOS) (GHSA-7q2j-c4q5-rm27)

The version of the OpenClaw AI assistant installed on the remote macOS host is 2026.2.6 or later but prior to 2026.2.14. It is, therefore, affected by a remote code execution vulnerability: - The OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links...

CVE-2026-26320

OpenClaw is a personal AI assistant. OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links without an unattended key, the app shows a confirmation dialog that previously displayed only the first 240 characters of the message, but executed the full...

CVE-2026-26320

Summary: CVE-2026-26320 affects OpenClaw macOS desktop client versions 2026.2.6–2026.2.13. The app registers the openclaw:// URL scheme and, for openclaw://agent deep links without an unattended key, shows a truncated confirmation dialog (first 240 characters) but executes the full message after ...

CVE-2026-26320 OpenClaw macOS deep link confirmation truncation can conceal executed agent message

OpenClaw is a personal AI assistant. OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links without an unattended key, the app shows a confirmation dialog that previously displayed only the first 240 characters of the message, but executed the full...

OpenClaw macOS deep link confirmation truncation can conceal executed agent message

Summary OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links without an unattended key, the app shows a confirmation dialog that previously displayed only the first 240 characters of the message, but executed the full message after the user clicked...

User Interface (UI) Misrepresentation of Critical Information

Overview Affected versions of this package are vulnerable to User Interface UI Misrepresentation of Critical Information via the confirmation dialog for openclaw://agent deep links when the message preview is truncated. An attacker can mislead users into approving the execution of hidden or...

GHSA-7Q2J-C4Q5-RM27 OpenClaw macOS deep link confirmation truncation can conceal executed agent message

Summary OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links without an unattended key, the app shows a confirmation dialog that previously displayed only the first 240 characters of the message, but executed the full message after the user clicked...

CVE-2022-31469

OX App Suite through 7.10.6 allows XSS via a deep link, as demonstrated by class="deep-link-app" for a /!!=%2e./ URI...

CVE-2025-64106

Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables specially crafted deep-links to bypass the standard security warnings and conceal executed commands from users if they choose to accept the...

CVE-2025-64106 Cursor: Speedbump Modal Bypass in MCP Server Deep-Link

Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables specially crafted deep-links to bypass the standard security warnings and conceal executed commands from users if they choose to accept the...