Lucene search
1623 matches found

Snyk
added 2026/04/03 2:54 a.m., 5 views

Denial of Service (DoS)

Overview @openclaw/msteams is an OpenClaw Microsoft Teams channel plugin Affected versions of this package are vulnerable to Denial of Service DoS via the MS Teams webhook process. An attacker can cause resource exhaustion by sending unauthenticated requests that are parsed before proper JWT...

CVSS 8.7, AI score 5.8
Exploits: 0, References: 2
Snyk
added 2026/04/03 2:54 a.m., 9 views

Denial of Service (DoS)

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Denial of Service DoS via the MS Teams webhook process. An attacker can cause resource exhaustion by sending unauthenticated requests that are parsed before proper JWT validation. Details...

CVSS 8.7, AI score 5.9
Exploits: 0, References: 2
Github Security Blog
added 2026/04/03 2:54 a.m., 4 views

OpenClaw: MS Teams webhook parses body before JWT validation, enabling unauthenticated resource exhaustion

Summary MS Teams webhook parses body before JWT validation, enabling unauthenticated resource exhaustion Current Maintainer Triage - Status: open - Normalized severity: medium - Assessment: v2026.3.28 still parses Teams JSON after only a Bearer-prefix gate and before real JWT validation, and the...

CVSS 8.7, AI score 5.9, EPSS 0.00481
Exploits: 0, References: 6, Affected software: 1
Positive Technologies
added 2026/04/03 12:00 a.m., 7 views

PT-2026-30279

Name of the Vulnerable Software and Affected Versions LiteLLM versions prior to 1.83.0 Description A critical authentication bypass can occur in LiteLLM when JWT authentication is enabled, due to an OIDC userinfo cache key collision. The OIDC userinfo cache uses the first 20 characters of the tok...

CVSS 9.4, AI score 5.9, EPSS 0.0049
Exploits: 1, References: 12
CNNVD
added 2026/04/03 12:00 a.m., 6 views

Cloudreve Security Feature Issue Vulnerability

Cloudreve is an open-source public cloud file system that supports multiple cloud storage drivers. Versions of Cloudreve prior to 4.13.0 have a security feature vulnerability. This vulnerability stems from the use of a weak pseudo-random number generator for generating security keys, which may le...

CVSS 9.8, AI score 5.8, EPSS 0.00376
Exploits: 0, References: 3
NVD
added 2026/04/02 4:16 p.m., 5 views

CVE-2026-33746

Convoy is a KVM server management panel for hosting businesses. From version 3.9.0-beta to before version 4.5.1, the JWTService::decode method did not verify the cryptographic signature of JWT tokens. While the method configured a symmetric HMAC-SHA256 signer via lcobucci/jwt, it only validated...

CVSS 9.8, EPSS 0.003
Exploits: 0, References: 2
Vulnrichment
added 2026/04/02 3:06 p.m., 5 views

CVE-2026-33746 Convoy: JWT Signature Verification Bypass Allows Authentication as Arbitrary Users

Convoy is a KVM server management panel for hosting businesses. From version 3.9.0-beta to before version 4.5.1, the JWTService::decode method did not verify the cryptographic signature of JWT tokens. While the method configured a symmetric HMAC-SHA256 signer via lcobucci/jwt, it only validated...

CVSS 9.8, AI score 5.9, EPSS 0.003
Exploits: 0, References: 2
EUVD
added 2026/04/02 3:06 p.m., 6 views

EUVD-2026-18354

Convoy is a KVM server management panel for hosting businesses. From version 3.9.0-beta to before version 4.5.1, the JWTService::decode method did not verify the cryptographic signature of JWT tokens. While the method configured a symmetric HMAC-SHA256 signer via lcobucci/jwt, it only validated...

CVSS 9.8, AI score 5.9, EPSS 0.003
Exploits: 0, References: 2
CVE
added 2026/04/02 3:06 p.m., 11 views

CVE-2026-33746

Convoy (KVM server management panel) is vulnerable in versions 3.9.0-beta through

CVSS 9.8, AI score 5.9, EPSS 0.003
Exploits: 0, References: 2, Affected software: 1
Positive Technologies
added 2026/04/02 12:00 a.m., 5 views

PT-2026-29968

Name of the Vulnerable Software and Affected Versions fast-jwt affected versions not specified Description The fast-jwt library contains an incomplete fix for a JWT algorithm confusion issue. The public key matcher regex in fast-jwt/src/crypto.js uses a leading anchor that can be bypassed by...

CVSS 9.1, AI score 6.2, EPSS 0.00687
Exploits: 2, References: 11
CNVD
added 2026/04/02 12:00 a.m., 5 views

OpenBao Authorization Issues Vulnerability

OpenBao is open-source sensitive-data management software. OpenBao has an authorization problem vulnerability. The vulnerability stems from JWT/OIDC login with the role's callbackmode set to direct, in which case the user is not prompted to confirm; an attacker can use this vulnerability to lead...

CVSS 9.6, AI score 6.4, EPSS 0.00411
Exploits: 0
CNNVD
added 2026/04/02 12:00 a.m., 7 views

Convoy Data Forgery Issue Vulnerability

Convoy is an open-source platform developed by Convoy for hosting providers and enthusiasts. Versions of Convoy from 3.9.0-beta to 4.5.1 contained a data manipulation vulnerability due to insufficient validation of JWT token signatures, which could lead to authentication bypasses...

CVSS 9.8, AI score 5.7, EPSS 0.003
Exploits: 0, References: 2
OSV
added 2026/03/31 11:09 p.m., 4 views

GHSA-VM9R-H74P-HG97 jose vulnerable to untrusted JWK header key acceptance during signature verification

Impact A vulnerability in jose versions up to and including 0.3.5 could allow an unauthenticated, remote attacker to forge valid JWS/JWT tokens by using a key embedded in the JOSE header jwk. The vulnerability exists because key selection could treat header-provided jwk as a verification candidat...

CVSS 7.5, AI score 5.9, EPSS 0.0013
Exploits: 0, References: 4
NVD
added 2026/03/31 4:16 p.m., 5 views

CVE-2026-34240

JOSE is a Javascript Object Signing and Encryption JOSE library. Prior to version 0.3.5+1, a vulnerability in jose could allow an unauthenticated, remote attacker to forge valid JWS/JWT tokens by using a key embedded in the JOSE header jwk. The vulnerability exists because key selection could tre...

CVSS 7.5, EPSS 0.0013
Exploits: 0, References: 2
NVD
added 2026/03/30 9:17 p.m., 3 views

CVE-2026-31946

OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. From version 10.5.4 to before version 20.2.5, OpenOLAT's OpenID Connect implicit flow implementation does not verify JWT signatures. The JSONWebToken.parse method silently discards the...

CVSS 9.8, EPSS 0.00206
Exploits: 0, References: 1
Cvelist
added 2026/03/30 8:31 p.m., 17 views

CVE-2026-31946 OpenOLAT: Authentication bypass via forged JWT in OIDC implicit flow

OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. From version 10.5.4 to before version 20.2.5, OpenOLAT's OpenID Connect implicit flow implementation does not verify JWT signatures. The JSONWebToken.parse method silently discards the...

CVSS 9.8, EPSS 0.00206
Exploits: 0, References: 1
CVE
added 2026/03/30 8:31 p.m., 13 views

CVE-2026-31946

OpenOLAT OpenID Connect implicit flow (versions 10.5.4–before 20.2.5) does not verify JWT signatures. The JSONWebToken.parse() method discards the signature segment, and getAccessToken() validates only issuer/audience/state/nonce, without cryptographic verification against the IdP’s JWKS. This ca...

CVSS 9.8, AI score 5.8, EPSS 0.00206
Exploits: 0, References: 1, Affected software: 1
EUVD
added 2026/03/30 8:31 p.m., 3 views

EUVD-2026-17207

OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. From version 10.5.4 to before version 20.2.5, OpenOLAT's OpenID Connect implicit flow implementation does not verify JWT signatures. The JSONWebToken.parse method silently discards the...

CVSS 9.8, AI score 5.8, EPSS 0.00206
Exploits: 0, References: 1
Tenable Nessus
added 2026/03/28 12:00 a.m., 8 views

NewStart CGSL MAIN 7.02 : ceph Vulnerability (NS-SA-2026-0039)

The remote NewStart CGSL host, running version MAIN 7.02, has ceph packages installed that are affected by a vulnerability: - Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send a JWT that has none as JWT alg. And by doing so the J...

CVSS 8.1, AI score 5.9, EPSS 0.00192
Exploits: 0, References: 3
RedhatCVE
added 2026/03/27 5:00 p.m., 4 views

CVE-2026-33758

A flaw was found in OpenBao. Installations that have an OIDC/JWT authentication method enabled with a role configured to use callbackmode=direct are vulnerable to XSS via the errordescription parameter on the page for a failed authentication. This allows an attacker to access the token used by an...

CVSS 9.6, AI score 5.9, EPSS 0.00287
Exploits: 0, References: 7