CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 3 days ago•2 views

CVE-2026-49140 Nanobot < 0.2.1 Denial of Service via Matrix Media Download Handler

5.3CVSS5.8AI score0.00039EPSS

Cvelist•added 3 days ago•22 views

CVE-2026-49140 Nanobot < 0.2.1 Denial of Service via Matrix Media Download Handler

5.3CVSS0.00039EPSS

CNNVD•added 3 days ago•3 views

Nanobot security vulnerabilities

Nanobot is a lightweight personal AI assistant open-source by Data Intelligence Lab@HKU. Versions of Nanobot prior to 0.2.1 contained a security vulnerability. This vulnerability stemmed from a denial-of-service issue in the media download processing routine of the Matrix channel. It could allow...

5.3CVSS5.8AI score0.00039EPSS

CVE•added 2026/05/27 5:27 p.m.•6 views

CVE-2026-42553

Cinny (Matrix client) before version 4.10.3 is affected by a token-disclosure vulnerability in two parts: (1) EmojiBoard fallback uses an untrusted pack.meta.avatar as a MXC URL, enabling an attacker-controlled HTTP(S) URL in a malicious emote pack; (2) the service worker attaches the user’s Auth...

7.1CVSS5.9AI score0.00165EPSS

Vulnrichment•added 2026/05/27 5:27 p.m.•4 views

CVE-2026-42553 Cinny: Access token disclosure via invalidated emoji pack avatar URL in service worker

Cinny is a Matrix client. Prior to 4.10.3, A remote authenticated attacker who shares a room with a victim and has permissions to create room emotes for example in a DM can cause the victim's client to send their Matrix access token to an attacker-controlled server. This occurs when the victim...

7.1CVSS5.9AI score0.00165EPSS

Cvelist•added 2026/05/27 5:27 p.m.•32 views

CVE-2026-42553 Cinny: Access token disclosure via invalidated emoji pack avatar URL in service worker

7.1CVSS0.00165EPSS

OSV•added 2026/05/07 4:40 p.m.•0 views

GHSA-J944-W549-3453 Cinny vulnerable to access token disclosure via invalidated emoji pack avatar URL in service worker

Impact A remote authenticated attacker who shares a room with a victim and has permissions to create room emotes for example in a DM can cause the victim's client to send their Matrix access token to an attacker-controlled server. This occurs when the victim opens the emoji or sticker picker for...

7.1CVSS5.9AI score0.00165EPSS

OSV•added 2026/05/04 9:19 p.m.•0 views

GHSA-QFF7-Q5FM-8P76 AzuraCast has Missing Permissions Check on Media File Download, Allowing Cross-Station Data Exfiltration

Summary The GET /api/station/stationid/file/id/play endpoint, handled by PlayAction, is missing the Middleware\Permissions check that protects all sibling routes in the same /file/id route group. Any authenticated user can download media files from any station, regardless of whether they have...

6.5CVSS5.8AI score

Github Security Blog•added 2026/05/04 9:19 p.m.•5 views

AzuraCast has Missing Permissions Check on Media File Download, Allowing Cross-Station Data Exfiltration

5.8AI score

Exploits0References3Affected Software1

NVD•added 2026/04/28 7:37 p.m.•0 views

CVE-2026-41914

OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in QQ Bot media download paths that bypass SSRF protection. Attackers can exploit unprotected media fetch endpoints to access internal resources and bypass allowlist policies...

8.5CVSS0.00036EPSS

EUVD•added 2026/04/28 6:10 p.m.•0 views

EUVD-2026-26120

8.5CVSS5.2AI score0.00036EPSS

ATTACKERKB•added 2026/04/28 6:10 p.m.•0 views

CVE-2026-41408

OpenClaw before 2026.3.31 contains a resource exhaustion vulnerability in media downloads that bypasses core safety limits for file size, count, and cleanup operations. Attackers can exhaust disk space by downloading media files without triggering intended safety restrictions, causing availabilit...

4.3CVSS5.2AI score0.00051EPSS

EUVD•added 2026/04/24 12:31 a.m.•0 views

EUVD-2026-25329

OpenClaw before 2026.3.31 contains a credential exposure vulnerability in media download functionality that forwards Authorization headers across cross-origin redirects. Attackers can exploit this by crafting malicious cross-origin redirect chains to intercept sensitive authorization credentials...

NVD•added 2026/04/23 10:16 p.m.•1 views

CVE-2026-41345

6CVSS0.00037EPSS

Vulnrichment•added 2026/04/23 9:58 p.m.•0 views

CVE-2026-41345 OpenClaw < 2026.3.31 - Authorization Header Leak via Cross-Origin Redirect in Media Download

6CVSS5.2AI score0.00037EPSS

ATTACKERKB•added 2026/04/23 9:58 p.m.•0 views

CVE-2026-41345

CVE•added 2026/04/23 9:58 p.m.•3 views

CVE-2026-41345

OpenClaw is affected by a credential exposure vulnerability in its media download flow prior to version 2026.3.31. The root cause is the forwarding of Authorization headers across cross-origin redirects, which can be exploited by crafted cross-origin redirect chains to intercept sensitive credent...

Exploits0References3Affected Software1

Positive Technologies•added 2026/04/23 12:0 a.m.•0 views

PT-2026-34776

CNNVD•added 2026/04/23 12:0 a.m.•4 views

Exploits0References5

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities stemmed from a credential exposure vulnerability in the media download function. This function forwards Authorizatio...