Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/06/04 7:17 a.m.8 views

CVE-2026-50209 MDM Server Registration Overriding

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

9.3CVSS5.8AI score0.00098EPSS
Exploits0References1
OSV
OSV
added 2026/05/27 12:5 a.m.6 views

GHSA-524G-X36V-9WM6 Yamcs Vulnerable to Server-Side Code Injection (RCE) via Janino Expression Engine in `JavaExprAlgorithmExecutionFactory`

Summary A Server-Side Code Injection vulnerability exists in the Yamcs algorithm evaluation engine org.yamcs.algorithms.JavaExprAlgorithmExecutionFactory. The application dynamically compiles and evaluates user-controlled algorithm text without enforcing a secure sandbox. An authenticated user wi...

9.1CVSS6.1AI score0.00473EPSS
Exploits0References2
NVD
NVD
added 2026/05/11 6:16 p.m.20 views

CVE-2026-45003

OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost, IRC, and Synology connectors. Attackers with workspace access can redirect runtime traffic to malicious endpoints by setting endpoint variables in dotenv files...

5CVSS0.00105EPSS
Exploits0References3
CVE
CVE
added 2026/05/11 4:46 p.m.13 views

CVE-2026-45003

OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for the Matrix, Mattermost, IRC, and Synology connectors . An attacker with workspace access can redirect runtime traffic to malicious endpoints by setting endpoint variables in dotenv files, enabling loc...

5CVSS5.8AI score0.00105EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/03/25 10:0 p.m.4 views

EUVD-2026-16058

Saloon is vulnerable to SSRF and credential leakage via absolute URL in endpoint overriding base URL...

8.7CVSS5.8AI score0.0042EPSS
Exploits0References2
OSV
OSV
added 2026/03/25 10:0 p.m.3 views

GHSA-C83F-3XP6-HFCP Saloon is vulnerable to SSRF and credential leakage via absolute URL in endpoint overriding base URL

Impact Users providing user generated input into the resolveEndpoint method on requests. Patches Upgrade to Saloon v4+ Upgrade guide: https://docs.saloon.dev/upgrade/upgrading-from-v3-to-v4 Description When building the request URL, Saloon combined the connector's base URL with the request...

8.7CVSS5.9AI score0.0042EPSS
Exploits0References4
Citrix
Citrix
added 2018/05/10 12:0 a.m.6 views

Receiver | keyboard language set on VDA is over ridden by the one set on the endpoint

User from non domain joined endpoint logs on the VDA Language set on the VDA is overridden by the one set on endpoint machine Receiver. We want to ensure that the keyboard language set on the VDA is the one user gets inside the session. In other words, keyboard language set on the endpoint Receiv...

7AI score
Exploits0
Rows per page
Query Builder