Ech0 has SSRF via DNS Resolution Bypass in Webhook URL Validation

Summary The validateWebhookURL function in webhooksettingservice.go attempts to block webhooks targeting private/internal IP addresses, but only checks literal IP strings via net.ParseIP. Hostnames that DNS-resolve to private IPs e.g., 169.254.169.254.nip.io, 10.0.0.1.nip.io bypass all checks,...

GHSA-8FRJ-8Q3M-XHGM PraisonAI Vulnerable to Server-Side Request Forgery via Unvalidated webhook_url in Jobs API

Summary The /api/v1/runs endpoint accepts an arbitrary webhookurl in the request body with no URL validation. When a submitted job completes success or failure, the server makes an HTTP POST request to this URL using httpx.AsyncClient. An unauthenticated attacker can use this to make the server...

Server-side Request Forgery (SSRF)

Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

PraisonAI Vulnerable to Server-Side Request Forgery via Unvalidated webhook_url in Jobs API

Summary The /api/v1/runs endpoint accepts an arbitrary webhookurl in the request body with no URL validation. When a submitted job completes success or failure, the server makes an HTTP POST request to this URL using httpx.AsyncClient. An unauthenticated attacker can use this to make the server...

EUVD-2026-21158

PraisonAI Vulnerable to Server-Side Request Forgery via Unvalidated webhookurl in Jobs API...

CVE-2026-39961

Aiven Operator allows you to provision and manage Aiven Services from your Kubernetes cluster. From 0.31.0 to before 0.37.0, a developer with create permission on ClickhouseUser CRDs in their own namespace can exfiltrate secrets from any other namespace — production database credentials, API keys...

EUVD-2026-20965

Aiven Operator has cross-namespace secret exfiltration via ClickhouseUser connInfoSecretSource...

CVE-2026-35670

OpenClaw before 2026.3.22 contains a webhook reply delivery vulnerability that allows attackers to rebind chat replies to unintended users by exploiting mutable username matching instead of stable numeric user identifiers. Attackers can manipulate username changes to redirect webhook-triggered...

CVE-2026-35665

OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-32011 where the Feishu webhook handler accepts request bodies with permissive limits of 1MB and 30-second timeout before signature verification. An unauthenticated attacker can exhaust server connection resources by sending...

CVE-2026-35670

OpenClaw before 2026.3.22 contains a webhook reply delivery vulnerability that allows attackers to rebind chat replies to unintended users by exploiting mutable username matching instead of stable numeric user identifiers. Attackers can manipulate username changes to redirect webhook-triggered...

CVE-2026-35670 OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat

OpenClaw before 2026.3.22 contains a webhook reply delivery vulnerability that allows attackers to rebind chat replies to unintended users by exploiting mutable username matching instead of stable numeric user identifiers. Attackers can manipulate username changes to redirect webhook-triggered...

CVE-2026-35670 OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat

OpenClaw before 2026.3.22 contains a webhook reply delivery vulnerability that allows attackers to rebind chat replies to unintended users by exploiting mutable username matching instead of stable numeric user identifiers. Attackers can manipulate username changes to redirect webhook-triggered...

EUVD-2026-21486

OpenClaw before 2026.3.22 contains a webhook reply delivery vulnerability that allows attackers to rebind chat replies to unintended users by exploiting mutable username matching instead of stable numeric user identifiers. Attackers can manipulate username changes to redirect webhook-triggered...

CVE-2026-35670

OpenClaw/OpenClaw Synology Chat integration is affected: before 2026.3.22, webhook replies can be rebound to unintended users due to mutable username matching instead of the stable numeric user_id recorded by webhook events. This enables attackers to manipulate username changes to redirect webhoo...

EUVD-2026-21476

OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-32011 where the Feishu webhook handler accepts request bodies with permissive limits of 1MB and 30-second timeout before signature verification. An unauthenticated attacker can exhaust server connection resources by sending...

CVE-2026-35665

OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-32011 where the Feishu webhook handler accepts request bodies with permissive limits of 1MB and 30-second timeout before signature verification. An unauthenticated attacker can exhaust server connection resources by sending...

CVE-2026-35665

OpenClaw CVE-2026-35665 details a Denial of Service via pre-auth body parsing in the Feishu webhook handler. The Feishu extension still uses permissive pre-auth limits (1 MB body, 30 s timeout) before signature verification, unlike other webhook handlers that were patched to 64 KB / 5 s. Attacker...

CVE-2026-35665 OpenClaw < 2026.3.24 - Denial of Service via Feishu Webhook Pre-Auth Body Parsing

OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-32011 where the Feishu webhook handler accepts request bodies with permissive limits of 1MB and 30-second timeout before signature verification. An unauthenticated attacker can exhaust server connection resources by sending...

CVE-2026-35665 OpenClaw < 2026.3.24 - Denial of Service via Feishu Webhook Pre-Auth Body Parsing

OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-32011 where the Feishu webhook handler accepts request bodies with permissive limits of 1MB and 30-second timeout before signature verification. An unauthenticated attacker can exhaust server connection resources by sending...

EUVD-2026-21110

OpenClaw before 2026.3.22 contains an unauthenticated resource exhaustion vulnerability in voice call webhook handling that buffers request bodies before provider signature checks. Attackers can send large or malicious webhook requests to exhaust server resources without authentication by bypassi...