Lucene search
K

6 matches found

Debian CVE
Debian CVE
added 6 days ago4 views

CVE-2026-14052

Insufficient policy enforcement in FileSystem in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00221EPSS
Exploits0
CVE
CVE
added 6 days ago12 views

CVE-2026-14052

CVE-2026-14052 describes insufficient policy enforcement in Google Chrome’s FileSystem, before version 150.0.7871.47, allowing a remote attacker to bypass discretionary access control via a crafted HTML page. Root cause is improper FileSystem permission enforcement. Impact per the documents is a ...

4.3CVSS5.8AI score0.00221EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the File System API of Google Chrome on Windows prior to version 89.0.4389.72 allowed a remote attacker to bypass filesystem restrictions through a crafted HTML page...

8.1CVSS6.9AI score0.0165EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/28 6:10 p.m.4 views

CVE-2026-41911 OpenClaw < 2026.4.8 - Workspace-Only Filesystem Policy Bypass via docx upload_file/upload_image

OpenClaw before 2026.4.8 contains a filesystem policy bypass vulnerability in docx upload processing that allows local file reads outside workspace boundaries. Attackers can exploit uploadfile and uploadimage endpoints to access files beyond the intended workspace-only filesystem policy...

6.5CVSS5.2AI score0.00326EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/28 6:10 p.m.8 views

EUVD-2026-26117

OpenClaw before 2026.4.8 contains a filesystem policy bypass vulnerability in docx upload processing that allows local file reads outside workspace boundaries. Attackers can exploit uploadfile and uploadimage endpoints to access files beyond the intended workspace-only filesystem policy...

6.5CVSS5.2AI score0.00326EPSS
Exploits0References3
CVE
CVE
added 2026/04/28 6:10 p.m.16 views

CVE-2026-41911

CVE-2026-41911 affects the OpenClaw project: OpenClaw prior to 2026.4.8 contains a filesystem policy bypass during docx upload processing that allows local file reads outside the workspace boundaries. Attackers can exploit the upload_file and upload_image endpoints to access files beyond the inte...

6.5CVSS5.3AI score0.00326EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder