Lucene search
K

3 matches found

OSV
OSV
added 2026/03/31 12:31 p.m.6 views

GHSA-8288-JPQP-95FX Duplicate Advisory: OpenClaw has Bypass in Webhook Rate Limiting via Pre-Authentication Secret Validation

Duplicate Advisory This advisory has been withdrawn because CVE-2026-34508 has been rejected as a duplicate of CVE-2026-34505. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.12 applies rate limiting only after webhook authentication succeeds,...

6.5CVSS5.7AI score0.00056EPSS
Exploits0References4
OSV
OSV
added 2025/05/19 7:15 p.m.6 views

GHSA-3HW7-QJ9H-R835 Gardener allows bypassing project secret validation which can lead to privilege escalation

A security vulnerability was discovered in Gardener that could allow a user with administrative privileges for a Gardener project to obtain control over the seed clusters where their shoot clusters are managed. Am I Vulnerable? This CVE affects all Gardener installations no matter of the public...

9.9CVSS7AI score0.00538EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2025/05/19 7:15 p.m.13 views

Gardener allows bypassing project secret validation which can lead to privilege escalation

A security vulnerability was discovered in Gardener that could allow a user with administrative privileges for a Gardener project to obtain control over the seed clusters where their shoot clusters are managed. Am I Vulnerable? This CVE affects all Gardener installations no matter of the public...

9.9CVSS6.8AI score0.00538EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder