
81 matches found

Source: Patchstack, added last week

NPM: n8n: MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions

NPM: n8n: MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions vulnerability discovered by ? in WordPress Npm n8n versions 2.25.7...

CVSS 8.8 | AI score 5.8 | EPSS 0.00057 | Exploits: 0 | References: 2 | Affected software: 1

Source: Github Security Blog, added last week

n8n: MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions

Impact When @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocation requests without any authentication. Any network-reachable client, or any website visited by the user, can establish an MCP session and invoke browser-control tools. Whe...

CVSS 8.8 | AI score 5.4 | EPSS 0.00057 | Exploits: 0 | References: 2 | Affected software: 1

Source: CNNVD, added 2026/05/04 12:00 a.m.

Note Mark authorization vulnerability

Note Mark is a web-based Markdown note-taking application developed by Leo Spratt. Version 0.19.2 of Note Mark contains an authorization vulnerability. This vulnerability stems from the IsPasswordMatch function falling back to a hardcoded bcrypt empty password placeholder, allowing unauthenticate...

CVSS 9.4 | AI score 5.8 | EPSS 0.00296 | Exploits: 0 | References: 1

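The Note Mark entry above describes a password check that substitutes a hardcoded placeholder hash when it has nothing real to compare against. The following is an added example, not Note Mark's code: PBKDF2-HMAC-SHA256 from the Python standard library stands in for bcrypt, the account layout and function names are assumptions, and since the page's description is truncated, the example assumes the fallback is reached when an account has no stored hash, so that account ends up accepting the placeholder's (empty) password. The vulnerable form sits beside the fail-closed form.

```python
"""Password-check fallback pattern: vulnerable and hardened forms side by side.

Added example, not Note Mark's code. PBKDF2-HMAC-SHA256 stands in for bcrypt;
account layout, names and the "no stored hash" trigger are assumptions.
"""
import hashlib
import hmac
import os
from typing import Optional

PBKDF2_ROUNDS = 100_000


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return 'salt$dk' for password (salt defaults to 16 random bytes)."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt.hex() + "$" + dk.hex()


def verify_hash(stored: str, candidate: str) -> bool:
    """Constant-time comparison of candidate against a 'salt$dk' string."""
    salt_hex, dk_hex = stored.split("$", 1)
    dk = hashlib.pbkdf2_hmac("sha256", candidate.encode(),
                             bytes.fromhex(salt_hex), PBKDF2_ROUNDS)
    return hmac.compare_digest(dk.hex(), dk_hex)


# Hardcoded placeholder: a valid hash of the empty string, the kind of value a
# code base keeps so that accounts without a password still have "something"
# to compare against. Constructed for this example.
EMPTY_PASSWORD_PLACEHOLDER = hash_password("", salt=bytes(16))


def is_password_match_vulnerable(stored_hash: Optional[str], candidate: str) -> bool:
    """Vulnerable: a missing hash is replaced by the placeholder, so the
    empty string is a valid password for every password-less account."""
    effective = stored_hash if stored_hash else EMPTY_PASSWORD_PLACEHOLDER
    return verify_hash(effective, candidate)


def is_password_match_hardened(stored_hash: Optional[str], candidate: str) -> bool:
    """Hardened: no stored hash means password login is disabled for this
    account; fail closed instead of comparing against a known value."""
    if not stored_hash or not candidate:
        return False
    return verify_hash(stored_hash, candidate)


# Constructed accounts: one with a password, one SSO-only with no hash.
ACCOUNTS = {
    "alice": hash_password("correct horse battery staple"),
    "sso-only-bob": None,
}


def login(check, username: str, password: str) -> bool:
    """Run a login attempt through the given password-check function."""
    if username not in ACCOUNTS:
        return False
    return check(ACCOUNTS[username], password)


if __name__ == "__main__":
    print("vulnerable, sso-only-bob, empty password:",
          login(is_password_match_vulnerable, "sso-only-bob", ""))
    print("hardened,   sso-only-bob, empty password:",
          login(is_password_match_hardened, "sso-only-bob", ""))
```

The check to carry away: a password verifier must never be able to succeed against a value the attacker can predict, so the absence of a credential has to be an explicit "not allowed" branch rather than a default argument.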
Source: CVE, added 2026/04/09 9:27 p.m.

CVE-2026-35638

OpenClaw prior to 2026.3.22 exposes a privilege escalation in the Control UI. The vulnerability allows unauthenticated sessions to retain self-declared privileged scopes due to a device-less allow path in the trusted-proxy mechanism, bypassing device identity verification. Affected software compo...

CVSS 8.8 | AI score 6 | EPSS 0.00288 | Exploits: 0 | References: 4 | Affected software: 1

Source: Vulnrichment, added 2026/04/09 9:27 p.m.

CVE-2026-35638 OpenClaw < 2026.3.22 - Privilege Escalation via Self-Declared Scopes in Trusted-Proxy Control UI

OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the Control UI that allows unauthenticated sessions to retain self-declared privileged scopes without device identity verification. Attackers can exploit the device-less allow path in the trusted-proxy mechanism to maintai...

CVSS 8.8 | AI score 5.9 | EPSS 0.00288 | Exploits: 0 | References: 4

Source: Cvelist, added 2026/04/09 9:27 p.m.

CVE-2026-35638 OpenClaw < 2026.3.22 - Privilege Escalation via Self-Declared Scopes in Trusted-Proxy Control UI

OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the Control UI that allows unauthenticated sessions to retain self-declared privileged scopes without device identity verification. Attackers can exploit the device-less allow path in the trusted-proxy mechanism to maintai...

CVSS 8.8 | EPSS 0.00288 | Exploits: 0 | References: 4

Source: Positive Technologies, added 2026/04/09 12:00 a.m.

PT-2026-31773

Name of the vulnerable software and affected versions: OpenClaw versions prior to 2026.3.22. Description: OpenClaw contains a privilege escalation issue in the Control UI. Unauthenticated sessions can retain self-declared privileged scopes without device identity verification. Attackers can exploit...

CVSS 8.8 | AI score 5.9 | EPSS 0.00288 | Exploits: 0 | References: 9

Source: CNNVD, added 2026/04/09 12:00 a.m.

OpenClaw security vulnerability

OpenClaw is an open-source AI assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.22 contain a security vulnerability. It stems from the Control UI, which allowed unauthenticated sessions to retain the scope of privileges granted by...

CVSS 8.8 | AI score 5.8 | EPSS 0.00288 | Exploits: 0 | References: 4

Source: NVD, added 2026/03/10 6:18 p.m.

CVE-2026-30970

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...

CVSS 9.1 | EPSS 0.00319 | Exploits: 0 | References: 2

Source: ATTACKERKB, added 2026/03/10 5:30 p.m.

CVE-2026-30970

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...

CVSS 8.8 | AI score 5.8 | EPSS 0.00319 | Exploits: 0 | References: 3 | Affected software: 1

Source: EUVD, added 2026/03/10 5:30 p.m.

EUVD-2026-10708

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...

CVSS 8.8 | AI score 5.8 | EPSS 0.00319 | Exploits: 0 | References: 2

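Three of the entries above share one shape: a session is created without authentication (the n8n MCP HTTP transport, the Coral Server /api/v1/sessions endpoint) and the session then carries privileges the client itself declared (the OpenClaw self-declared scopes). The following added example, which is not code from n8n, Coral Server or OpenClaw, shows a session-creation handler in both forms. Its assumptions: request headers arrive as a dict with lower-case keys, bearer tokens are mapped server-side to an identity and its granted scopes, and a browser-originated request carries an Origin header that is checked against an allow-list (the "any website visited by the user" vector in the n8n entry). All names are hypothetical.

```python
"""Session-creation gate for an agent/MCP endpoint: vulnerable and hardened forms.

Added example, not n8n's, Coral Server's or OpenClaw's code. Header keys are
assumed lower-case; token store, origins and names are constructed.
"""
import secrets
from dataclasses import dataclass
from typing import Dict, Set, Tuple

# Constructed server-side token store: token -> (identity, granted scopes).
TOKENS: Dict[str, Tuple[str, Set[str]]] = {
    "tok-alice": ("alice", {"browser:navigate", "browser:read"}),
}
# Only the app's own origin may start a session from a browser; a request
# from any other site is refused before any session state exists.
ALLOWED_ORIGINS = {"http://localhost:5678"}


@dataclass
class Session:
    id: str
    identity: str
    scopes: Set[str]


class Rejected(Exception):
    """Raised when session creation is refused."""


def create_session_vulnerable(headers: dict, body: dict, sessions: dict) -> Session:
    """Vulnerable: no authentication, no origin check, and the session's
    scopes are whatever the client declared in the request body."""
    session = Session(secrets.token_hex(8),
                      body.get("identity", "anonymous"),
                      set(body.get("scopes", [])))
    sessions[session.id] = session
    return session


def create_session_hardened(headers: dict, body: dict, sessions: dict) -> Session:
    """Hardened: authenticate first, derive scopes from the verified identity,
    and let the client only narrow (never widen) what it was granted."""
    origin = headers.get("origin")
    if origin is not None and origin not in ALLOWED_ORIGINS:
        raise Rejected("origin not allowed")
    auth = headers.get("authorization", "")
    if not auth.startswith("Bearer "):
        raise Rejected("authentication required")
    token = auth[len("Bearer "):]
    # Compare against every stored token in constant time, so timing does
    # not reveal how much of a guessed token matched.
    match = None
    for stored, ident in TOKENS.items():
        if secrets.compare_digest(stored, token):
            match = ident
    if match is None:
        raise Rejected("invalid token")
    identity, granted = match
    requested = set(body.get("scopes", [])) or set(granted)
    if not requested <= granted:
        raise Rejected("requested scopes exceed granted scopes")
    session = Session(secrets.token_hex(8), identity, requested)
    sessions[session.id] = session
    return session


def attempt(headers: dict, body: dict, sessions: dict) -> str:
    """Run the hardened path and return 'ok' or the rejection reason."""
    try:
        create_session_hardened(headers, body, sessions)
        return "ok"
    except Rejected as exc:
        return str(exc)


def invoke_tool(sessions: dict, session_id: str, scope_needed: str) -> bool:
    """Tool calls are authorized against the session's scopes, which is why
    a session created with self-declared scopes is fully privileged."""
    session = sessions.get(session_id)
    return session is not None and scope_needed in session.scopes


if __name__ == "__main__":
    table: dict = {}
    rogue = create_session_vulnerable({}, {"scopes": ["admin"]}, table)
    print("vulnerable: anonymous session may invoke admin tool:",
          invoke_tool(table, rogue.id, "admin"))
    print("hardened, no credentials:", attempt({}, {"scopes": ["admin"]}, {}))
```

The ordering matters: origin and authentication are checked before any session object is allocated, so an unauthenticated client cannot consume server-side state, and scopes are intersected with what the server already knows about the caller rather than copied from the request.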
Source: Cvelist, added 2026/03/10 12:08 p.m.

CVE-2026-2742 Unauthorized session creation via reserved framework path access

An authentication bypass vulnerability exists in Vaadin 14.0.0 through 14.14.0, 23.0.0 through 23.6.6, 24.0.0 through 24.9.7 and 25.0.0 through 25.0.1, applications using Spring Security due to inconsistent path pattern matching of reserved framework paths. Accessing the /VAADIN endpoint without ...

CVSS 5.3 | EPSS 0.00391 | Exploits: 0 | References: 7

Source: Cvelist, added 2026/02/09 8:34 p.m.

CVE-2026-25791 Sliver has a DNS C2 OTP Bypass Allows Unauthenticated Session Flooding and Denial of Service

Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to 1.7.0, the DNS C2 listener accepts unauthenticated TOTP bootstrap messages and allocates server-side DNS sessions without validating OTP values, even when EnforceOTP is enabled. Because sessions are stored...

CVSS 7.5 | EPSS 0.00407 | Exploits: 1 | References: 2

Source: ATTACKERKB, added 2026/02/09 8:34 p.m.

CVE-2026-25791

Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to 1.7.0, the DNS C2 listener accepts unauthenticated TOTP bootstrap messages and allocates server-side DNS sessions without validating OTP values, even when EnforceOTP is enabled. Because sessions are stored...

CVSS 7.5 | AI score 5.7 | EPSS 0.00407 | Exploits: 1 | References: 3 | Affected software: 1

Source: CVE, added 2026/02/09 8:34 p.m.

CVE-2026-25791

Sliver (CVE-2026-25791) reports a DNS C2 OTP bypass where the DNS listener accepts unauthenticated TOTP bootstrap messages and allocates sessions without OTP validation, even with EnforceOTP enabled. This allows unauthenticated remote session creation leading to memory exhaustion and denial of se...

CVSS 7.5 | AI score 5.7 | EPSS 0.00407 | Exploits: 1 | References: 2 | Affected software: 1

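The three Sliver entries above describe a listener that allocates an in-memory session for every TOTP bootstrap message and only then (or never) looks at the OTP, so an unauthenticated sender can grow the session table without bound. The following is an added example, not Sliver's code: it implements RFC 6238 TOTP over HMAC-SHA1 with 30-second steps and 6 digits (standard parameters, not necessarily Sliver's), and shows the unvalidated bootstrap beside one that validates the code, refuses replays and caps the table before allocating. The session table, the `EnforceOTP`-style flag and all names are constructed for the example.

```python
"""OTP-gated session bootstrap for a DNS-style C2 listener: the unvalidated
form beside the enforced one.

Added example, not Sliver's code. RFC 6238 TOTP (HMAC-SHA1, 30 s, 6 digits)
is assumed; the session table, cap and names are constructed.
"""
import hashlib
import hmac
import secrets
import struct
from typing import Dict, Optional, Set

STEP_SECONDS = 30


def totp_for_counter(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP value for one counter, with dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % (10 ** digits):0{digits}d}"


def totp(secret: bytes, unix_time: int) -> str:
    """RFC 6238 TOTP: HOTP over the 30-second step containing unix_time."""
    return totp_for_counter(secret, unix_time // STEP_SECONDS)


def matching_counter(secret: bytes, code: str, unix_time: int, window: int = 1) -> Optional[int]:
    """Return the step counter the code is valid for (current +/- window), or
    None. Comparison is constant-time per candidate."""
    base = unix_time // STEP_SECONDS
    for k in range(-window, window + 1):
        if hmac.compare_digest(totp_for_counter(secret, base + k), code):
            return base + k
    return None


class DnsC2Sessions:
    """In-memory session table, the resource a bootstrap flood exhausts."""

    def __init__(self, secret: bytes, enforce_otp: bool = True, max_sessions: int = 1000):
        self.secret = secret
        self.enforce_otp = enforce_otp
        self.max_sessions = max_sessions
        self.sessions: Dict[str, int] = {}
        self.accepted_counters: Set[int] = set()

    def bootstrap_vulnerable(self, otp: str, unix_time: int) -> str:
        """Behaviour the page describes: every bootstrap message gets a
        session and the OTP value is never checked."""
        sid = secrets.token_hex(8)
        self.sessions[sid] = unix_time
        return sid

    def bootstrap(self, otp: str, unix_time: int) -> Optional[str]:
        """Validate before allocating, refuse replay of an accepted code, and
        cap the table so even a burst of valid bootstraps stays bounded."""
        counter = None
        if self.enforce_otp:
            counter = matching_counter(self.secret, otp, unix_time)
            if counter is None or counter in self.accepted_counters:
                return None
        if len(self.sessions) >= self.max_sessions:
            return None
        if counter is not None:
            self.accepted_counters.add(counter)
        sid = secrets.token_hex(8)
        self.sessions[sid] = unix_time
        return sid


def flood(table: DnsC2Sessions, attempts: int, otp: str, unix_time: int,
          vulnerable: bool = False) -> int:
    """Send `attempts` bootstrap messages and return the session count."""
    for _ in range(attempts):
        if vulnerable:
            table.bootstrap_vulnerable(otp, unix_time)
        else:
            table.bootstrap(otp, unix_time)
    return len(table.sessions)


if __name__ == "__main__":
    secret = b"12345678901234567890"  # RFC 6238 test-vector secret
    print("vulnerable listener, 5000 bogus bootstraps ->",
          flood(DnsC2Sessions(secret), 5000, "000000", 59, vulnerable=True))
    print("enforced listener,   5000 bogus bootstraps ->",
          flood(DnsC2Sessions(secret), 5000, "000000", 59))
```

With the RFC 6238 test secret the code at T=59 is 287082, which the test below uses; the point of the ordering is that the cheap validation runs first and nothing is stored for a message that fails it, so the memory cost of a bogus message is zero rather than one session.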
Source: RedhatCVE, added 2025/12/19 9:14 p.m.

CVE-2025-62004

BullWall Server Intrusion Protection services are initialized after login services. An authenticated attacker with administrative permissions can log in after boot and bypass MFA. SIP service does not retroactively enforce the challenge or disconnect unauthenticated sessions. Versions 4.6.0.0,...

CVSS 7.5 | AI score 6.8 | EPSS 0.00281 | Exploits: 0 | References: 1

Source: Vulnrichment, added 2025/12/18 8:36 p.m.

CVE-2025-62004 BullWall Server Intrusion Protection (SIP) initialization race condition

BullWall Server Intrusion Protection SIP services are initialized after login services during system startup. A local, authenticated attacker can log in after boot and before SIP MFA is running. The SIP services do not retroactively enforce MFA or disconnect sessions that were not subject to SIP...

CVSS 7.7 | AI score 6.2 | EPSS 0.00281 | Exploits: 0 | References: 2

Source: Positive Technologies, added 2025/12/18 12:00 a.m.

PT-2025-52342

Name of the vulnerable software and affected versions: BullWall versions 4.6.0.0 through 4.6.1.4. Description: BullWall Server Intrusion Protection services start after login services. An attacker who is already authenticated and has administrative privileges can log in following a system boot,...

CVSS 7.5 | AI score 6.7 | EPSS 0.00281 | Exploits: 0 | References: 6

Source: EUVD, added 2025/10/07 12:30 a.m.

EUVD-2011-1508

Malware in sbrugna...

CVSS 5 | AI score 6 | EPSS 0.02504 | Exploits: 0 | References: 13

Source: EUVD, added 2025/10/07 12:30 a.m.

EUVD-2020-25808

Malware in sbrugna...

CVSS 10 | AI score 9.1 | EPSS 0.02935 | Exploits: 0 | References: 4