Lucene search
K

85795 matches found

Circl
Circl
added 2026/06/12 9:0 p.m.7 views

CVE-2026-24136

creationtimestamp| type| source ---|---|--- 2026-06-12 21:00:04+00:00| published-proof-of-concept| Telegram/8OrsKfIYkEk0-8uPkb8MstgNwn2ZcQVuOnxP5IJIO77AEwY...

8.7CVSS5.8AI score0.00364EPSS
Exploits1
Circl
Circl
added 2026/06/12 3:0 p.m.6 views

CVE-2026-37196

creationtimestamp| type| source ---|---|--- 2026-06-12 15:00:15+00:00| published-proof-of-concept| Telegram/dYnKFurVtgNy90Xs0mFeVx8-TbNcz9O3JjBeFuNn5wMACvE...

5.8AI score
Exploits1
Circl
Circl
added 2026/06/12 3:0 p.m.10 views

CVE-2026-53647

creationtimestamp| type| source ---|---|--- 2026-06-12 15:00:07+00:00| published-proof-of-concept| Telegram/ycLXaxSGB-ldONYQWC7S6J3lanIcH0nsjxJAaBzeM5ug0Y 2026-07-06 23:56:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpzc5d4mqg22...

6.9CVSS5.9AI score0.0042EPSS
Exploits1References1
Circl
Circl
added 2026/06/12 11:0 a.m.7 views

CVE-2026-53646

creationtimestamp| type| source ---|---|--- 2026-06-12 11:00:12+00:00| published-proof-of-concept| Telegram/YXCyRYfB5puG4zVuSsqFt0CqpucG34vnwOdsG1DKfw8sOUE 2026-06-12 15:00:07+00:00| published-proof-of-concept| Telegram/ycLXaxSGB-ldONYQWC7S6J3lanIcH0nsjxJAaBzeM5ug0Y 2026-07-07 00:59:15+00:00| see...

7.7CVSS5.9AI score0.00215EPSS
Exploits1References1
Circl
Circl
added 2026/06/12 7:0 a.m.6 views

CVE-2026-46645

creationtimestamp| type| source ---|---|--- 2026-06-12 07:00:12+00:00| published-proof-of-concept| Telegram/j7dvhapQ8jKj3IljPE9xOUYg2H-CzPIm6g4IxbeEgHulAw...

4.3CVSS5.8AI score0.00279EPSS
Exploits1
NVD
NVD
added 2026/06/11 9:16 p.m.10 views

CVE-2026-53807

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive callbacks that allows authenticated users to skip commands.allowFrom validation. Attackers can invoke affected callbacks to mark themselves as authorized senders before allowlist checks are applied,...

8.8CVSS0.00312EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/11 8:5 p.m.32 views

CVE-2026-53807 OpenClaw < 2026.5.6 - Authorization Bypass in Telegram Interactive Callbacks via commands.allowFrom

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive callbacks that allows authenticated users to skip commands.allowFrom validation. Attackers can invoke affected callbacks to mark themselves as authorized senders before allowlist checks are applied,...

8.8CVSS0.00312EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 8:5 p.m.23 views

CVE-2026-53807

OpenClaw prior to 2026.5.6 is vulnerable to an authorization bypass in Telegram interactive callbacks via commands.allowFrom. An authenticated user can invoke affected callbacks to bypass allowlist validation and mark themselves as authorized senders, enabling command behavior outside Telegram se...

8.8CVSS5.5AI score0.00312EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/11 8:5 p.m.13 views

EUVD-2026-36313

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive callbacks that allows authenticated users to skip commands.allowFrom validation. Attackers can invoke affected callbacks to mark themselves as authorized senders before allowlist checks are applied,...

8.8CVSS5.5AI score0.00312EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:5 p.m.13 views

CVE-2026-53807 OpenClaw < 2026.5.6 - Authorization Bypass in Telegram Interactive Callbacks via commands.allowFrom

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive callbacks that allows authenticated users to skip commands.allowFrom validation. Attackers can invoke affected callbacks to mark themselves as authorized senders before allowlist checks are applied,...

8.8CVSS5.2AI score0.00312EPSS
Exploits0References2
Circl
Circl
added 2026/06/11 3:0 p.m.7 views

CVE-2026-36213

creationtimestamp| type| source ---|---|--- 2026-06-11 15:00:06+00:00| published-proof-of-concept| Telegram/P4OAF6tyxAIVXeyizy-TP1JEXG6oDmgsdsL3rMnBYotsT0...

7.8CVSS5.8AI score0.00479EPSS
Exploits2
Rapid7 Blog
Rapid7 Blog
added 2026/06/11 1:0 p.m.31 views

Criminal AI-as-a-Service in 2026: How the Underground Market Is Operationalizing Cybercrime

Introduction The underground market for criminally oriented generative AI has moved beyond the early hype surrounding 'malicious chatbots.' The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for ful...

6.2AI score
Exploits0
Circl
Circl
added 2026/06/11 9:0 a.m.10 views

CVE-2026-44166

creationtimestamp| type| source ---|---|--- 2026-06-11 09:00:04+00:00| published-proof-of-concept| Telegram/X3d0ovB01fXeFh1HIc4iOWU-yKPAhiRlXClKZPas190B7A...

7.6CVSS5.8AI score0.00247EPSS
Exploits1
GithubExploit
GithubExploit
added 2026/06/11 7:7 a.m.103 views

CVEAlertor

CVEAlertor Get an instant Telegram alert the moment a new C...

6.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 6:17 a.m.13 views

Malicious code in telebot-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d3c49bb558149b55f90b708ff47e24f6f856a88abb4b2ed477633c3df43d4e2 The package advertises itself as a configurable Telegram bot server README and.env.example reference TELEGRAMBOTTOKEN and ALLOWEDUSERIDS, but the cod...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 4:41 a.m.13 views

Malicious code in spotify-url-resolver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d48e77a28430ecc01968323c62517a7928f9c0db72e086a64eb87e1b63f33b7 On require'spotify-url-resolver', index.js line 21 invokes startBackupLoop at module top level. The loop zips process.cwd the installer's project roo...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/11 4:41 a.m.12 views

MAL-2026-5574 Malicious code in spotify-url-resolver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d48e77a28430ecc01968323c62517a7928f9c0db72e086a64eb87e1b63f33b7 On require'spotify-url-resolver', index.js line 21 invokes startBackupLoop at module top level. The loop zips process.cwd the installer's project roo...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 2:58 a.m.12 views

Malicious code in solana-web3-community (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 202fa4daf22c4ecace931dfbdbeee6821fe42c14956d35c763c55051528dee12 Package masquerades as the official @solana/web3.js SDK name solana-web3-community, author 'Solana Labs Maintainers ', repository...

5.5AI score
Exploits0References3
OSV
OSV
added 2026/06/11 2:58 a.m.28 views

MAL-2026-5560 Malicious code in solana-web3-community (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 202fa4daf22c4ecace931dfbdbeee6821fe42c14956d35c763c55051528dee12 Package masquerades as the official @solana/web3.js SDK name solana-web3-community, author 'Solana Labs Maintainers ', repository...

5.5AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.16 views

PT-2026-48737

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.6 Description An authorization bypass exists in Telegram interactive callbacks. Authenticated users can bypass the commands.allowFrom validation by invoking affected callbacks to mark themselves as authorized...

8.8CVSS5.5AI score0.00312EPSS
Exploits0References4
Rows per page
Query Builder