CVE-2026-32011

OpenClaw versions prior to 2026.3.2 contain a denial of service vulnerability in webhook handlers for BlueBubbles and Google Chat that parse request bodies before performing authentication and signature validation. Unauthenticated attackers can exploit this by sending slow or oversized request...

Express XSS Sanitizer 安全漏洞

Express XSS Sanitizer is used by AhmedAdelFahim Individual Developer to clean up user input data in req.body, req.query, req.headers, and req.params to prevent cross-site scripting XSS attacks. A security vulnerability exists in Express XSS Sanitizer 2.0.0 and prior versions, which stems from an...