CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/04/20 4:3 p.m.•4 views

EUVD-2026-23887

ATTACKERKB•added 2026/04/20 4:3 p.m.•2 views

CVE-2026-25058

Exploits1References2Affected Software1

Vulnrichment•added 2026/04/20 4:3 p.m.•2 views

CVE-2026-25058 Vexa's unauthenticated internal transcript endpoint exposed by default

Cvelist•added 2026/04/20 4:3 p.m.•29 views

CVE-2026-25058 Vexa's unauthenticated internal transcript endpoint exposed by default

7.5CVSS0.00402EPSS

CVE•added 2026/04/20 4:3 p.m.•20 views

CVE-2026-25058

CVE-2026-25058 affects Vexa. The transcription-collector exposes an unauthenticated internal endpoint GET /internal/transcripts/{meeting_id}, allowing enumeration of meeting IDs and access to any user’s transcripts without authentication. Root cause: missing auth checks on the internal transcript...

Exploits1References1Affected Software1

EUVD•added 2026/03/29 3:30 p.m.•5 views

EUVD-2026-17024

OpenClaw before 2026.2.17 creates session transcript JSONL files with overly broad default permissions, allowing local users to read transcript contents. Attackers with local access can read transcript files to extract sensitive information including secrets from tool output...

8.4CVSS5.9AI score0.0012EPSS

OSV•added 2026/03/29 3:30 p.m.•0 views

GHSA-9Q8J-CHC7-WPGP Duplicate Advisory: OpenClaw session transcript files were created without forced user-only permissions

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-vr7j-g7jv-h5mp. This link is maintained to preserve external references. Original Description OpenClaw before 2026.2.17 creates session transcript JSONL files with overly broad default permissions, allowing loca...

8.4CVSS5.8AI score0.0012EPSS

Positive Technologies•added 2026/03/29 12:0 a.m.•3 views

PT-2026-28496

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.17 Description OpenClaw creates session transcript JSONL files with overly broad default permissions, allowing local users to read transcript contents. An attacker with local access can read these transcript...

8.4CVSS5.9AI score0.0012EPSS

Exploits0References6

OSV•added 2026/03/27 2:29 p.m.•6 views

CVE-2026-33764 AVideo: IDOR in AI Plugin Allows Stealing Other Users' AI-Generated Metadata and Transcriptions

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the AI plugin's save.json.php endpoint loads AI response objects using an attacker-controlled $REQUEST'id' parameter without validating that the AI response belongs to the specified video. An authenticated user wi...

4.3CVSS5.9AI score0.00214EPSS

Exploits1References4

Positive Technologies•added 2026/03/26 12:0 a.m.•11 views

PT-2026-28534

Name of the Vulnerable Software and Affected Versions AVideo versions up to and including 26.0 Description The AVideo platform’s AI plugin contains a flaw in the save.json.php endpoint. This endpoint loads AI response objects using the $ REQUEST'id' parameter, which is controlled by the attacker,...

4.3CVSS5.9AI score0.00214EPSS

Exploits1References5

CVE•added 2026/03/19 10:7 p.m.•8 views

CVE-2026-32035

OpenClaw CVE-2026-32035 affects openclaw prior to 2026.3.2. The Discord voice transcript path in agentCommand omits senderIsOwner, causing the flag to default to true and enabling non-owner participants in mixed-trust channels to access owner-only tools (gateway, cron). Affected versions: ≤ 2026....

7.1CVSS5.8AI score0.00139EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 2026/03/19 10:7 p.m.•2 views

CVE-2026-32035

OpenClaw versions prior to 2026.3.2 fail to pass the senderIsOwner flag when processing Discord voice transcripts in agentCommand, causing the flag to default to true. Non-owner voice participants can exploit this omission to access owner-only tools including gateway and cron functionality in...

5.9CVSS5.8AI score0.00139EPSS

Exploits0References3

EUVD•added 2026/03/19 10:7 p.m.•4 views

EUVD-2026-13318

5.9CVSS5.8AI score0.00139EPSS

Exploits0References2

Github Security Blog•added 2026/03/16 8:41 p.m.•8 views

OpenClaw session transcript files were created without forced user-only permissions

openclaw created new session transcript JSONL files with overly broad default permissions in affected releases. On multi-user hosts, other local users or processes could read transcript contents, including secrets that might appear in tool output. Affected Packages / Versions - Package: openclaw...

8.4CVSS5.8AI score0.0012EPSS

Exploits0References5Affected Software1

RedhatCVE•added 2026/03/07 1:43 a.m.•5 views

CVE-2026-28459

OpenClaw versions prior to 2026.2.12 fail to validate the sessionFile path parameter, allowing authenticated gateway clients to write transcript data to arbitrary locations on the host filesystem. Attackers can supply a sessionFile path outside the sessions directory to create files and append da...

8.1CVSS5.9AI score0.00363EPSS

Exploits0References1

NVD•added 2026/03/05 10:16 p.m.•10 views

CVE-2026-28459

8.1CVSS0.00363EPSS

Snyk•added 2026/03/03 11:32 p.m.•2 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the WebSocket connect process. An attacker can inject unauthorized node.event messages by connecting with a shared gateway token and claiming role=node without...

5.4CVSS5.9AI score0.00268EPSS

Exploits0References2

OSV•added 2026/03/03 9:32 p.m.•3 views

GHSA-WPG9-4G4V-F9RC OpenClaw: Discord voice transcript owner-flag omission could expose owner-only tools in mixed-trust channels

Summary In [email protected], the Discord voice transcript path called agentCommand... without senderIsOwner, and agentCommand defaults missing senderIsOwner to true. This could allow a non-owner voice participant in the same channel to reach owner-only tool surfaces gateway, cron during voice...

5.9CVSS5.9AI score0.00139EPSS