Lucene search
K

5 matches found

NVD
NVD
added 2026/06/26 5:16 p.m.8 views

CVE-2026-45408

Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex ^a-z0-9^/:A-Z$ permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted app name, the name is embedded unquoted into a bash pre-receive hook script via an unquoted heredoc EOF...

9CVSS0.00234EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 9:31 p.m.12 views

EUVD-2026-28195

OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell expansion hiding in unquoted heredoc bodies. Attackers can bypass allowlist validation by embedding shell expansion tokens in heredoc bodies to execute unapproved commands at runtime...

8.8CVSS5.9AI score0.00362EPSS
Exploits0References4
NVD
NVD
added 2026/05/06 8:16 p.m.8 views

CVE-2026-44115

OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell expansion hiding in unquoted heredoc bodies. Attackers can bypass allowlist validation by embedding shell expansion tokens in heredoc bodies to execute unapproved commands at runtime...

8.8CVSS0.00362EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-38248

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.22 Description An exec allowlist analysis issue allows shell expansion to be hidden within unquoted heredoc bodies. Attackers can bypass allowlist validation by embedding shell expansion tokens in heredoc...

8.8CVSS6.1AI score0.00362EPSS
Exploits0References17
Github Security Blog
Github Security Blog
added 2026/05/04 8:23 p.m.14 views

OpenClaw's exec allowlist analysis rejects shell expansion in unquoted heredocs

Summary Exec allowlist analysis rejects shell expansion in unquoted heredocs Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.21 - Fixed version: 2026.4.22 Impact An allowlisted command containing an unquoted heredoc could hide shell expansion in the heredoc body...

5.8AI score
Exploits0References3Affected Software1
Rows per page
Query Builder