Lucene search
K

79 matches found

CVE
CVE
added 2026/06/09 4:22 p.m.43 views

CVE-2026-42599

CVE-2026-42599 affects Svelte SSR. Prior to version 5.55.7, using spread syntax to render attributes from untrusted data may include event handler properties in the rendered HTML, enabling attackers to inject malicious event handlers that run in victims’ browsers if JavaScript is enabled and hydr...

6.1CVSS5.5AI score0.00168EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.14 views

PT-2026-47875

Svelte is a performance oriented web framework. Prior to version 5.55.7, when using spread syntax to render attributes from untrusted data, event handler properties are included in the rendered HTML output. If an application spreads user-controlled or external data as element attributes, an...

5CVSS5.5AI score0.00168EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/14 8:30 p.m.45 views

Svelte: SSR XSS via Insecure Promise Serialization in hydratable

Contents of hydratable promises were not properly stringified, potentially leading to an XSS exploit. You are vulnerable if all of the following is true: - you are using hydratable an experimental feature at the time of this report - you are passing attacker-controlled input such that a synchrono...

5.8AI score
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/14 8:19 p.m.7 views

GHSA-PR6F-5X2Q-RWFP Svelte SSR vulnerable to cross-site scripting via spread attributes

When using spread syntax to render attributes from untrusted data, event handler properties are included in the rendered HTML output. If an application spreads user-controlled or external data as element attributes, an attacker can inject malicious event handlers that execute in victims' browsers...

5CVSS5.9AI score0.00189EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/14 8:19 p.m.9 views

Cross-site Scripting (XSS)

Overview org.webjars.npm:svelte is a package for building web applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the rendering of attributes using spread syntax from untrusted data, which includes event handler properties in the HTML output. An attacker...

7.7CVSS5.8AI score0.00168EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/06 5:54 p.m.15 views

Craft CMS has Potential Authenticated Remote Code Execution via Malicious Attached Behavior

We identified a vulnerability in the latest version of Craft CMS which contains an input-handling flaw in a Yii object creation path that let any authenticated user inject malicious configuration and execute arbitrary commands on the server. Yii’s dynamic object configuration, as implemented in...

8.6CVSS6.1AI score0.00346EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/06 5:54 p.m.4 views

GHSA-QRGM-P9W5-RRFW Craft CMS has Potential Authenticated Remote Code Execution via Malicious Attached Behavior

We identified a vulnerability in the latest version of Craft CMS which contains an input-handling flaw in a Yii object creation path that let any authenticated user inject malicious configuration and execute arbitrary commands on the server. Yii’s dynamic object configuration, as implemented in...

8.6CVSS6.1AI score0.00346EPSS
Exploits0References5
CNVD
CNVD
added 2026/03/12 12:0 a.m.2 views

OpenClaw code issue vulnerability (CNVD-2026-13590)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw there is a code problem vulnerability , the vulnerability stems from the attachment and media URL hydration exists server-side request forgery , an attacker can use the vulnerability to obtain arbitrary HTTPS URL...

8.6CVSS6AI score0.00397EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/07 1:44 a.m.6 views

CVE-2026-28467

OpenClaw versions prior to 2026.2.2 contain a server-side request forgery vulnerability in attachment and media URL hydration that allows remote attackers to fetch arbitrary HTTPS URLs. Attackers who can influence media URLs through model-controlled sendAttachment or auto-reply mechanisms can...

8.6CVSS5.9AI score0.00397EPSS
Exploits1References1
NVD
NVD
added 2026/03/05 10:16 p.m.7 views

CVE-2026-28467

OpenClaw versions prior to 2026.2.2 contain a server-side request forgery vulnerability in attachment and media URL hydration that allows remote attackers to fetch arbitrary HTTPS URLs. Attackers who can influence media URLs through model-controlled sendAttachment or auto-reply mechanisms can...

8.6CVSS0.00397EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/05 9:59 p.m.27 views

CVE-2026-28467 OpenClaw < 2026.2.2 - SSRF via Attachment Media URL Hydration

OpenClaw versions prior to 2026.2.2 contain a server-side request forgery vulnerability in attachment and media URL hydration that allows remote attackers to fetch arbitrary HTTPS URLs. Attackers who can influence media URLs through model-controlled sendAttachment or auto-reply mechanisms can...

6.5CVSS0.00397EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/05 9:59 p.m.5 views

EUVD-2026-9913

OpenClaw versions prior to 2026.2.2 contain a server-side request forgery vulnerability in attachment and media URL hydration that allows remote attackers to fetch arbitrary HTTPS URLs. Attackers who can influence media URLs through model-controlled sendAttachment or auto-reply mechanisms can...

6.9CVSS6AI score0.00397EPSS
Exploits1References4
CVE
CVE
added 2026/03/05 9:59 p.m.12 views

CVE-2026-28467

OpenClaw (npm package) before 2026.2.2 is affected by a server-side request forgery in attachment/media URL hydration. An attacker who can influence media URLs via model-controlled sendAttachment or auto-reply could trigger SSRF to internal resources and exfiltrate fetched bytes as outbound attac...

8.6CVSS6AI score0.00397EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/05 9:59 p.m.3 views

CVE-2026-28467 OpenClaw < 2026.2.2 - SSRF via Attachment Media URL Hydration

OpenClaw versions prior to 2026.2.2 contain a server-side request forgery vulnerability in attachment and media URL hydration that allows remote attackers to fetch arbitrary HTTPS URLs. Attackers who can influence media URLs through model-controlled sendAttachment or auto-reply mechanisms can...

6.5CVSS5.9AI score0.00397EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/05 9:59 p.m.4 views

CVE-2026-28467

OpenClaw versions prior to 2026.2.2 contain a server-side request forgery vulnerability in attachment and media URL hydration that allows remote attackers to fetch arbitrary HTTPS URLs. Attackers who can influence media URLs through model-controlled sendAttachment or auto-reply mechanisms can...

6.9CVSS6AI score0.00397EPSS
Exploits1References5
OSV
OSV
added 2026/03/05 9:59 p.m.3 views

CVE-2026-28467 OpenClaw < 2026.2.2 - SSRF via Attachment Media URL Hydration

OpenClaw versions prior to 2026.2.2 contain a server-side request forgery vulnerability in attachment and media URL hydration that allows remote attackers to fetch arbitrary HTTPS URLs. Attackers who can influence media URLs through model-controlled sendAttachment or auto-reply mechanisms can...

6.3CVSS6.1AI score0.00397EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.8 views

OpenClaw 代码问题漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw there is a code problem vulnerability , the vulnerability stems from the attachment and media URL hydration exists server-side request forgery , an attacker can use the vulnerability to obtain arbitrary HTTPS URL...

8.6CVSS6AI score0.00397EPSS
Exploits1References4
OSV
OSV
added 2026/03/02 11:34 p.m.4 views

GHSA-FQCM-97M6-W7RM OpenClaw: Message action attachment hydration bypasses local media root checks when sandboxRoot is unset

Impact sendAttachment and setGroupIcon message actions could hydrate media from local absolute paths when sandboxRoot was unset, bypassing intended local media root checks. This could allow reads of arbitrary host files reachable by the runtime user when an authorized message-action path was...

8.7CVSS6AI score0.00372EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/03/02 11:34 p.m.10 views

OpenClaw: Message action attachment hydration bypasses local media root checks when sandboxRoot is unset

Impact sendAttachment and setGroupIcon message actions could hydrate media from local absolute paths when sandboxRoot was unset, bypassing intended local media root checks. This could allow reads of arbitrary host files reachable by the runtime user when an authorized message-action path was...

7.1CVSS6AI score0.00372EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/02/26 10:25 p.m.9 views

Svelte: XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers

Errors from transformError were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection and XSS if attacker-controlled content is returned from transformError...

5.4CVSS5.4AI score0.00226EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder