22086 matches found
CVE-2026-4040
A vulnerability was identified in OpenClaw up to 2026.2.17. This issue affects the function tools.exec.safeBins of the component File Existence Handler. The manipulation leads to information exposure through discrepancy. The attack needs to be performed locally. Upgrading to version...
CVE-2026-4040 OpenClaw File Existence tools.exec.safeBins information exposure
A vulnerability was identified in OpenClaw up to 2026.2.17. This issue affects the function tools.exec.safeBins of the component File Existence Handler. The manipulation leads to information exposure through discrepancy. The attack needs to be performed locally. Upgrading to version...
CVE-2026-4040 OpenClaw File Existence tools.exec.safeBins information exposure
A vulnerability was identified in OpenClaw up to 2026.2.17. This issue affects the function tools.exec.safeBins of the component File Existence Handler. The manipulation leads to information exposure through discrepancy. The attack needs to be performed locally. Upgrading to version...
CVE-2026-4040
OpenClaw (up to 2026.2.17) contains a local-information-exposure vulnerability in the File Existence Handler, specifically in tools.exec.safeBins. Attack requires local access and can disclose partial information. A fix is available in 2026.2.19-beta.1 (patch id bafdbb6f112409a65decd3d4e7350fbd63...
CVE-2026-4039
Summary: CVE-2026-4039 affects OpenClaw 2026.2.19-2, specifically the Skill Env Handler’s function applySkillConfigenvOverrides, allowing remote code injection via manipulated environment configuration. A fix is published and the advisory notes upgrading to 2026.2.21-beta.1 (patch 8c9f35cdb51692b...
CVE-2026-4039
A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1...
CVE-2026-4039 OpenClaw Skill Env applySkillConfigenvOverrides code injection
A vulnerability was determined in OpenClaw 2026.2.19-2. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection. It is possible to launch the attack remotely. Upgrading to version 2026.2.21-beta.1...
EUVD-2026-11538
A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...
EUVD-2026-11540
A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the initializesections function of the Object File Handler. An attacker can execute arbitrary code or cause a denial of service by providing specially crafted object files to the application during local...
CVE-2026-4008
A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...
CVE-2026-4007
A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...
CVE-2026-4008 Tenda W3 POST Parameter wifiSSIDset stack-based overflow
A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...
CVE-2026-4008
A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...
CVE-2026-4008 Tenda W3 POST Parameter wifiSSIDset stack-based overflow
A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...
CVE-2026-4008
CVE-2026-4008 affects Tenda W3 1.0.0.3(2204). The flaw occurs in the POST Parameter Handler for the /goform/wifiSSIDset path, where manipulation of the argument index/GO leads to a stack-based buffer overflow. It can be exploited remotely, and an exploit has been published. Affected version detai...
CVE-2026-4007
A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...
CVE-2026-4007
CVE-2026-4007 affects Tenda W3 1.0.0.3(2204). The vulnerability arises in the POST Parameter Handler, specifically the file /goform/wifiSSIDget, where manipulation of the argument index leads to a stack-based buffer overflow. This enables a remote attack and the exploit is public. Documented CVSS...
CVE-2026-4007 Tenda W3 POST Parameter wifiSSIDget stack-based overflow
A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...
EUVD-2026-11537
A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X8664::initializesections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a...