992 matches found
OpenClaw: macOS Tailnet DNS Spoofing & Credential Exfiltration
Summary macOS Wide-Area Discovery Accepts Arbitrary Tailnet Peer as DNS Authority and Exfiltrates Operator Credentials Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real shipped macOS discovery steering bug, but exploitation needs same-tailnet position, a...
PT-2026-29983
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important...
CVE-2026-24060
Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by an attacker. Valuable information such as the File Start Position and File Data can be sniffed from network traffic using Wireshark's BACnet dissector filter. Th...
CVE-2026-28886
A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A user in a privileged network position may ...
CVE-2026-28865
An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An attacker in a privileged network position ma...
CVE-2026-24060
Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by an attacker. Valuable information such as the File Start Position and File Data can be sniffed from network traffic using Wireshark's BACnet dissector filter. Th...
CVE-2026-24060
This CVE (CVE-2026-24060) concerns Automated Logic WebCTRL Premium Server where BACnet traffic is sent in cleartext, allowing on-wire sniffing/interception and potential modification. The issue exposes sensitive data such as File Start Position and File Data; Wireshark BACnet dissector can reveal...
CVE-2026-24060
Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by an attacker. Valuable information such as the File Start Position and File Data can be sniffed from network traffic using Wireshark's BACnet dissector filter. Th...
PT-2026-26712
Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by an attacker. Valuable information such as the File Start Position and File Data can be sniffed from network traffic using Wireshark's BACnet dissector filter. Th...
Nextcloud: position: fixed !important bypasses CSS sanitizer's fixed-position mitigation, enabling full-viewport phishing overlays.
A vulnerability was discovered in the CSS sanitization process of the Roundcube webmail application. The sanitizer failed to properly handle the "position: fixed !important" CSS declaration, allowing an attacker to bypass the mitigation for fixed-position overlays. This could enable the creation ...
EUVD-2026-9418
A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless client can impersonate a gateway by leveraging an address-based spoofing technique. Successful exploitation enables the redirection of data streams, allowing for the interception or...
CVE-2026-2932
A security flaw has been discovered in YiFang CMS up to 2.0.5. The impacted element is the function update of the file app/db/admin/DadPosition.php of the component Extended Management Module. Performing a manipulation of the argument name/index results in cross site scripting. The attack is...
CVE-2026-2932 YiFang CMS Extended Management D_adPosition.php update cross site scripting
A security flaw has been discovered in YiFang CMS up to 2.0.5. The impacted element is the function update of the file app/db/admin/DadPosition.php of the component Extended Management Module. Performing a manipulation of the argument name/index results in cross site scripting. The attack is...
CVE-2025-9293
The CVE-2025-9293 entry describes a vulnerability in TLS certificate validation across multiple mobile applications. Root cause: insufficient validation of server identities during TLS, enabling an attacker in a privileged network position to intercept or modify traffic. Impact includes confident...
CVE-2026-20650
A denial-of-service issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets...
CVE-2026-20650
A denial-of-service issue was addressed with improved validation. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets...
CVE-2026-20650
A denial-of-service issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets...
CVE-2026-1897
A vulnerability was found in WeKan up to 8.20. Affected by this issue is some unknown functionality of the file server/methods/positionHistory.js of the component Position-History Tracking. The manipulation results in missing authorization. The attack may be performed from remote. Upgrading to...
CVE-2026-1897
A vulnerability was found in WeKan up to 8.20. Affected by this issue is some unknown functionality of the file server/methods/positionHistory.js of the component Position-History Tracking. The manipulation results in missing authorization. The attack may be performed from remote. Upgrading to...
CVE-2026-1897
A vulnerability was found in WeKan up to 8.20. Affected by this issue is some unknown functionality of the file server/methods/positionHistory.js of the component Position-History Tracking. The manipulation results in missing authorization. The attack may be performed from remote. Upgrading to...