Lucene search
+L

5 matches found

Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.8 views

PT-2026-31981

OpenClaw before 2026.3.22 contains a webhook reply delivery vulnerability that allows attackers to rebind chat replies to unintended users by exploiting mutable username matching instead of stable numeric user identifiers. Attackers can manipulate username changes to redirect webhook-triggered...

6CVSS5.8AI score0.00236EPSS
Exploits0References5
CVE
CVE
added 2026/02/21 10:16 a.m.15 views

CVE-2026-27492

Lettermint Node.js SDK (npm package lettermint) is vulnerable in versions ≤ 1.5.0 where email properties (to, subject, html, text, attachments) are not reset between sends when a single client instance is reused across multiple .send() calls. This state leakage can cause content or recipient addr...

4.7CVSS5.4AI score0.00166EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2025/05/09 3:54 a.m.14 views

Address Spoofing

base-x is vulnerable to Address spoofing. The vulnerability is due to improper handling of leading zero bytes during encoding, which allows an attacker to create visually similar addresses and mislead users into sending funds to unintended recipients...

8.7CVSS6.6AI score0.00354EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/05/13 1:36 a.m.28 views

GHSA-9V72-P5P3-9W65 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins-mailer-plugin

jenkins-mailer-plugin before version 1.20 is vulnerable to an information disclosure while using the feature to send emails to a dynamically created list of users based on the changelogs. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in ra...

3.7CVSS5.9AI score0.01633EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.21 views

Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2005:226)

A bug in enigmail, the GPG support extension for Mozilla MailNews and Mozilla Thunderbird was discovered that could lead to the encryption of an email with the wrong public key. This could potentially disclose confidential data to unintended recipients. The updated packages have been patched to...

5CVSS5.4AI score0.01782EPSS
Exploits0References1
Rows per page
Query Builder