
7 matches found

CVE
added 2026/04/23 9:57 p.m. | 5 views

CVE-2026-41333

OpenClaw (pre-2026.3.31) contains an authentication rate-limiting bypass vulnerability that lets attackers bypass shared authentication protections using fake device tokens. According to the record, attackers can exploit a mixed WebSocket authentication flow to bypass rate limiting and perform br...

CVSS 6.3 | AI score 5.8 | EPSS 0.00079
Exploits: 0 | References: 3 | Affected Software: 1
Github Security Blog
added 2026/04/03 3:9 a.m. | 7 views

OpenClaw: Fake DeviceToken Bypasses Shared Auth Rate Limiting

Summary Fake DeviceToken Bypasses Shared Auth Rate Limiting Current Maintainer Triage - Status: narrow - Normalized severity: low - Assessment: Real in shipped mixed WS auth flow, but practical risk is mostly weak shared-password deployments since strong shared tokens remain non-bruteforceable...

CVSS 6.3 | AI score 5.9 | EPSS 0.00079
Exploits: 0 | References: 5 | Affected Software: 1
EUVD
added 2025/10/13 12:30 a.m. | 1 views

EUVD-2025-33911

A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown processing of the component GATT Service. This manipulation of the argument DeviceToken causes information disclosure. The attack is only possible within the local network. A high degree of complexity is...

CVSS 3.1 | AI score 5.1 | EPSS 0.00048
Exploits: 1 | References: 5
NVD
added 2025/10/12 10:15 p.m. | 2 views

CVE-2025-11647

A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown processing of the component GATT Service. This manipulation of the argument DeviceToken causes information disclosure. The attack is only possible within the local network. A high degree of complexity is...

CVSS 6.8 | EPSS 0.00048
Exploits: 1 | References: 4
Vulnrichment
added 2025/10/12 9:32 p.m. | 1 views

CVE-2025-11647 Tomofun Furbo 360/Furbo Mini GATT Service information disclosure

A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown processing of the component GATT Service. This manipulation of the argument DeviceToken causes information disclosure. The attack is only possible within the local network. A high degree of complexity is...

CVSS 3.1 | AI score 3.3 | EPSS 0.00048
Exploits: 1 | References: 4
CNNVD
added 2025/10/12 12:0 a.m. | 2 views

Tomofun Furbo 360 and Tomofun Furbo Mini access control error vulnerability

Tomofun Furbo 360 and Tomofun Furbo Mini are both smart pet cameras from Tomofun Corporation of Taiwan, China. An access control error vulnerability exists in Tomofun Furbo 360 FB0035FW036 and earlier versions and Tomofun Furbo Mini MC0020FW074 and earlier versions, which stems from incorrect...

CVSS 6.8 | AI score 4 | EPSS 0.00048
Exploits: 1 | References: 5
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2014-3605

Malware in sbrugna...

CVSS 7.5 | AI score 7.5 | EPSS 0.00325
Exploits: 0 | References: 2