32 matches found
CVE-2025-26240
In JazzCore python-pdfkit 1.0.0, the fromstring method enables the execution of JavaScript code within the context of the server application and the exfiltration of local files...
CVE-2025-26240
The CVE-2025-26240 entry affects JazzCore’s python-pdfkit 1.0.0, where the from_string method allows JavaScript to execute within the server context and enables exfiltration of local files. This indicates a server-side execution vector with high impact on confidentiality, integrity, and availabil...
Amazon Linux 2 : yelp, --advisory ALAS2-2026-3337 (ALAS-2026-3337)
The version of yelp installed on the remote host is prior to 3.28.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3337 advisory. A sandbox escape vulnerability was found in yelp, the GNOME help viewer. Bypassing the fix for CVE-2025-3155, a malicious help docume...
CVE-2026-45088
Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through...
EUVD-2026-31386
A cross-site scripting XSS vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to...
CVE-2026-9264
A cross-site scripting XSS vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to...
PT-2026-42704
A cross-site scripting XSS vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to...
CVE-2026-42424
OpenClaw before 2026.4.8 treats shared reply MEDIA paths as trusted, allowing crafted references to trigger cross-channel local file exfiltration. Attackers can exploit this by crafting malicious shared reply MEDIA references to cause another channel to read local file paths as trusted generated...
CVE-2026-42424
OpenClaw before 2026.4.8 is affected by a local exfiltration vulnerability via shared reply MEDIA paths. The root cause is that shared reply MEDIA paths are treated as trusted, allowing crafted references to cause another channel to read local file paths as trusted media. Affected package: opencl...
EUVD-2026-26127
OpenClaw before 2026.4.8 treats shared reply MEDIA paths as trusted, allowing crafted references to trigger cross-channel local file exfiltration. Attackers can exploit this by crafting malicious shared reply MEDIA references to cause another channel to read local file paths as trusted generated...
CVE-2026-42424 OpenClaw < 2026.4.8 - Local File Exfiltration via Shared Reply MEDIA Paths
OpenClaw before 2026.4.8 treats shared reply MEDIA paths as trusted, allowing crafted references to trigger cross-channel local file exfiltration. Attackers can exploit this by crafting malicious shared reply MEDIA references to cause another channel to read local file paths as trusted generated...
CVE-2026-42424 OpenClaw < 2026.4.8 - Local File Exfiltration via Shared Reply MEDIA Paths
OpenClaw before 2026.4.8 treats shared reply MEDIA paths as trusted, allowing crafted references to trigger cross-channel local file exfiltration. Attackers can exploit this by crafting malicious shared reply MEDIA references to cause another channel to read local file paths as trusted generated...
PT-2026-35803
OpenClaw before 2026.4.8 treats shared reply MEDIA paths as trusted, allowing crafted references to trigger cross-channel local file exfiltration. Attackers can exploit this by crafting malicious shared reply MEDIA references to cause another channel to read local file paths as trusted generated...
GHSA-QQQ7-4HXC-X63C OpenClaw: Shared reply MEDIA - paths are treated as trusted and can trigger cross-channel local file exfiltration
Impact Shared reply MEDIA: paths are treated as trusted and can trigger cross-channel local file exfiltration. A crafted shared reply MEDIA reference could cause another channel to read a local file path as trusted generated media. OpenClaw is a user-controlled local assistant. This advisory is...
CVE-2026-32008
OpenClaw versions prior to 2026.2.21 contain an improper URL scheme validation vulnerability in the assertBrowserNavigationAllowed function that allows authenticated users with browser-tool access to navigate to file:// URLs. Attackers can exploit this by accessing local files readable by the...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through the html2BlockDOM handler in kernel/api/lute.go and the asset-copying process in the desktop publish service. An attacker can exfiltrate sensitive local files readable by the desktop process by submitting HTM...
OpenClaw Vulnerable to Local File Exfiltration via MCP Tool Result MEDIA: Directive Injection
Summary A malicious or compromised MCP Model Context Protocol tool server can exfiltrate arbitrary local files from the host system by injecting MEDIA: directives into tool result text content. OpenClaw's tool result processing pipeline extracts file paths from MEDIA: tokens without source-level...
GHSA-JJGJ-CPP9-CVPV OpenClaw Vulnerable to Local File Exfiltration via MCP Tool Result MEDIA: Directive Injection
Summary A malicious or compromised MCP Model Context Protocol tool server can exfiltrate arbitrary local files from the host system by injecting MEDIA: directives into tool result text content. OpenClaw's tool result processing pipeline extracts file paths from MEDIA: tokens without source-level...
CVE-2021-28684
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network via an XXE attack...
EUVD-2021-15341
Malware in sbrugna...