PT-2026-50155

Name of the Vulnerable Software and Affected Versions Deno versions prior to 2.8.1 Description Environment access is managed by the env permission, which can be restricted via --deny-env or an allowlist using --allow-env=FOO,BAR. The process.loadEnvFile function, a Node-compatible API for loading...

exploitGuard

Run and deploy your AI Studio app This contains everything yo...

CVE-2026-39394

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, the Install::index controller reads the host POST parameter without any validation and passes it directly into updateEnvSettings, which...

CVE-2026-45344

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fields and writes them back into .env without escaping. A remote attacker who can reach the setup...

CVE-2026-47125

CVE-2026-47125 — Arcane global variables endpoint lacks admin authorization Affected: Arcane interface for Docker management (before 1.19.2) via PUT /api/environments/{id}/templates/variables that writes the system-wide .env.global. Root cause: missing admin check in the UpdateGlobalVariables han...

CVE-2026-45344

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fields and writes them back into .env without escaping. A remote attacker who can reach the setup...

CVE-2026-45344

LinkAce suffers a pre-auth RCE via setup flow on uninitialized instances. Before version 2.5.6, the setup database configuration flow accepts attacker-controlled database credentials and writes them into the .env file without proper escaping. A remote attacker who can reach the setup endpoints an...

EUVD-2026-33054

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fields and writes them back into .env without escaping. A remote attacker who can reach the setup...

Malicious code in mev-shield (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9783d5e48d62da6de516b1cf5d36474143528a9c6f33a86892ee558266a4e5ec The package advertises itself as an 'MEV protection layer for Ethereum trading bots' but does the opposite. On npm install, a postinstall script...

CVE-2026-39918

Vvveb prior to 1.0.8.1 contains a code injection vulnerability in the installation endpoint where the subdir POST parameter is written unsanitized into the env.php configuration file without escaping or validation. Attackers can inject arbitrary PHP code by breaking out of the string context in t...

MAL-2026-3210 Malicious code in graphicsctxr (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 10408decaf8cace14b8124fa392ee96996c3c91358cb454cbfcd45790d18cdf9 Package contains code to exfiltrate .env to a remote target. Prior to version 2.1.1, it also created a persistent backdoor via embedding a hardcoded SSH key...

PT-2026-35780

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description Workspace .env files can override the OPENCLAW BUNDLED PLUGINS DIR environment variable, which compromises the verification of plugin trust. This allows attackers who have control over the...

Duplicate Advisory: OpenClaw: Workspace `.env` can override the bundled hooks root and load attacker hook code

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3qpv-xf3v-mm45. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAWBUNDLEDHOOKSDIR environment variable,...

CVE-2026-41180

Summary: PsiTransfer before 2.4.3 is vulnerable to a path traversal in the upload PATCH flow (/files/:uploadId). The attack can abuse a mounted request path vs the downstream tus handler’s decoded uploadId to cause an unauthenticated attacker to create a file named with a pattern like config..js ...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.28 contained security vulnerabilities. These vulnerabilities stemmed from loading the current working directory’s .env file before configuring the trusted state directory, which...

CVE-2026-39918 Vvveb < 1.0.8.1 Code Injection via Installation Endpoint

Vvveb prior to 1.0.8.1 contains a code injection vulnerability in the installation endpoint where the subdir POST parameter is written unsanitized into the env.php configuration file without escaping or validation. Attackers can inject arbitrary PHP code by breaking out of the string context in t...

CVE-2026-39918

Vvveb before 1.0.8.1 contains a code injection vulnerability in the installation endpoint. The subdir POST parameter is written unsanitized into env.php without escaping or validation, allowing an attacker to break out of the string context in the define statement and achieve unauthenticated remo...

OpenClaw: Workspace .env could inject OpenClaw runtime-control variables

Summary Workspace .env could inject OpenClaw runtime-control variables. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.9 Impact A malicious workspace .env file could set OpenClaw runtime-control variables affecting update sources, gateway URLs,...

PsiTransfer: Upload PATCH path traversal can create `config.<NODE_ENV>.js` and lead to code execution on restart

Summary The upload PATCH flow under /files/:uploadId validates the mounted request path using the still-encoded req.path, but the downstream tus handler later writes using the decoded req.params.uploadId. In deployments that use a supported custom PSITRANSFERUPLOADDIR whose basename prefixes a...

CVE-2025-61260

A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP Model Context Protocol configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads...