Lucene search
K

89763 matches found

Vulnrichment
Vulnrichment
added 2026/05/06 7:54 p.m.6 views

CVE-2026-40325 Masa CMS CSRF in content restoration allows unauthorized restoration of deleted content

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the cTrash.restore function does not properly validate anti-CSRF tokens for content restoration requests. An attacker can trick a logged-in administrator to submit a forged request that restores deleted...

8.7CVSS5.7AI score0.00151EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/06 7:54 p.m.10 views

EUVD-2026-28158

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the cTrash.restore function does not properly validate anti-CSRF tokens for content restoration requests. An attacker can trick a logged-in administrator to submit a forged request that restores deleted...

8.7CVSS5.7AI score0.00151EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/06 7:49 p.m.9 views

CVE-2026-44117 OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot Direct Media Upload

OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in QQBot direct media upload that skips URL validation. Attackers can bypass SSRF protections by sending crafted image URLs to uploadC2CMedia and uploadGroupMedia endpoints to relay unintended requests...

6.3CVSS5.8AI score0.00236EPSS
Exploits0References3
CVE
CVE
added 2026/05/06 7:49 p.m.21 views

CVE-2026-44117

OpenClaw is affected by a server-side request forgery in QQBot direct media upload (uploadC2CMedia and uploadGroupMedia) where URL validation is skipped. This allows an attacker to relay unintended requests by sending crafted image URLs, bypassing SSRF protections. The issue affects OpenClaw prio...

6.3CVSS5.8AI score0.00236EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/06 7:49 p.m.40 views

CVE-2026-44117 OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot Direct Media Upload

OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in QQBot direct media upload that skips URL validation. Attackers can bypass SSRF protections by sending crafted image URLs to uploadC2CMedia and uploadGroupMedia endpoints to relay unintended requests...

6.3CVSS0.00236EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:49 p.m.4 views

CVE-2026-44117

OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in QQBot direct media upload that skips URL validation. Attackers can bypass SSRF protections by sending crafted image URLs to uploadC2CMedia and uploadGroupMedia endpoints to relay unintended requests...

6.3CVSS5.8AI score0.00236EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/06 7:49 p.m.32 views

CVE-2026-44116 OpenClaw < 2026.4.22 - Server-Side Request Forgery in Zalo Photo URL Validation

OpenClaw before 2026.4.22 contains a server-side request forgery vulnerability in the Zalo plugin's sendPhoto function that fails to validate outbound photo URLs through the SSRF guard. Attackers can bypass SSRF protection by providing malicious photo URLs to the Zalo Bot API, enabling unauthoriz...

8.6CVSS0.00291EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:49 p.m.7 views

CVE-2026-44116

OpenClaw before 2026.4.22 contains a server-side request forgery vulnerability in the Zalo plugin's sendPhoto function that fails to validate outbound photo URLs through the SSRF guard. Attackers can bypass SSRF protection by providing malicious photo URLs to the Zalo Bot API, enabling unauthoriz...

8.6CVSS5.8AI score0.00291EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/06 7:49 p.m.7 views

CVE-2026-44116 OpenClaw < 2026.4.22 - Server-Side Request Forgery in Zalo Photo URL Validation

OpenClaw before 2026.4.22 contains a server-side request forgery vulnerability in the Zalo plugin's sendPhoto function that fails to validate outbound photo URLs through the SSRF guard. Attackers can bypass SSRF protection by providing malicious photo URLs to the Zalo Bot API, enabling unauthoriz...

8.6CVSS5.8AI score0.00291EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/06 7:49 p.m.29 views

CVE-2026-43582 OpenClaw < 2026.4.10 - DNS Rebinding SSRF via Hostname Validation Bypass

OpenClaw before 2026.4.10 contains a server-side request forgery vulnerability in browser navigation policy that allows attackers to bypass hostname validation through DNS rebinding attacks. Attackers can exploit inconsistent hostname resolution between validation and actual network requests to...

6.3CVSS0.00199EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:49 p.m.6 views

CVE-2026-43582

OpenClaw before 2026.4.10 contains a server-side request forgery vulnerability in browser navigation policy that allows attackers to bypass hostname validation through DNS rebinding attacks. Attackers can exploit inconsistent hostname resolution between validation and actual network requests to...

6.3CVSS5.8AI score0.00199EPSS
Exploits0References4
CVE
CVE
added 2026/05/06 7:49 p.m.18 views

CVE-2026-43582

OpenClaw prior to version 2026.4.10 is affected by a server-side request forgery in the browser navigation policy that lets an attacker bypass hostname validation via DNS rebinding. This enables exploitation where inconsistent hostname resolution between validation and actual network requests can...

6.3CVSS5.8AI score0.00199EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/06 7:49 p.m.9 views

CVE-2026-43582 OpenClaw < 2026.4.10 - DNS Rebinding SSRF via Hostname Validation Bypass

OpenClaw before 2026.4.10 contains a server-side request forgery vulnerability in browser navigation policy that allows attackers to bypass hostname validation through DNS rebinding attacks. Attackers can exploit inconsistent hostname resolution between validation and actual network requests to...

6.3CVSS5.8AI score0.00199EPSS
Exploits0References3
CVE
CVE
added 2026/05/06 7:49 p.m.15 views

CVE-2026-43576

OpenClaw before 2026.4.5 is affected by a server-side request forgery in the CDP /json/version WebSocket endpoint. The webSocketDebuggerUrl field is not properly validated, enabling an attacker to redirect connections to arbitrary hosts and perform SSRF-style jumps to second-hop targets. Affected...

7.7CVSS5.9AI score0.00265EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/06 7:49 p.m.6 views

CVE-2026-43576 OpenClaw < 2026.4.5 - Second-hop SSRF via CDP /json/version WebSocket URL

OpenClaw before 2026.4.5 contains a server-side request forgery vulnerability in the CDP /json/version WebSocket endpoint that allows attackers to pivot to untrusted second-hop targets. The webSocketDebuggerUrl response field is not properly validated, enabling attackers to redirect connections t...

7.7CVSS5.9AI score0.00265EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/06 7:49 p.m.31 views

CVE-2026-43576 OpenClaw < 2026.4.5 - Second-hop SSRF via CDP /json/version WebSocket URL

OpenClaw before 2026.4.5 contains a server-side request forgery vulnerability in the CDP /json/version WebSocket endpoint that allows attackers to pivot to untrusted second-hop targets. The webSocketDebuggerUrl response field is not properly validated, enabling attackers to redirect connections t...

7.7CVSS0.00265EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/06 7:42 p.m.27 views

CVE-2026-40309 Masa CMS CSRF in trash management allows unauthorized permanent deletion of deleted content

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the cTrash.empty function does not validate anti-CSRF tokens for trash management requests. An attacker can induce a logged-in administrator to submit a forged request that empties the trash and permanent...

7.2CVSS0.00165EPSS
Exploits0References1
CVE
CVE
added 2026/05/06 7:42 p.m.8 views

CVE-2026-40309

CVE-2026-40309 : Masa CMS (fork of Mura CMS) contains a CSRF flaw in the trash management path. In versions up to 7.5.2, cTrash.empty does not validate anti-CSRF tokens, allowing an authenticated administrator to be tricked into submitting a forged request that permanently deletes all trashed con...

7.2CVSS5.7AI score0.00165EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/06 7:42 p.m.8 views

EUVD-2026-28156

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the cTrash.empty function does not validate anti-CSRF tokens for trash management requests. An attacker can induce a logged-in administrator to submit a forged request that empties the trash and permanent...

7.2CVSS5.7AI score0.00165EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/06 7:42 p.m.7 views

CVE-2026-40309 Masa CMS CSRF in trash management allows unauthorized permanent deletion of deleted content

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the cTrash.empty function does not validate anti-CSRF tokens for trash management requests. An attacker can induce a logged-in administrator to submit a forged request that empties the trash and permanent...

7.2CVSS5.7AI score0.00165EPSS
Exploits0References1
Rows per page
Query Builder