4020 matches found
OM Workspace 代码问题漏洞
OM Workspace is a digital collaboration platform developed by the Japanese company OM. Versions of OM Workspace Windows Edition 2.4 and earlier contained code-related vulnerabilities. These vulnerabilities stemmed from the installer’s insecure loading of dynamic link libraries, which could allow...
ide-task-rce
⚡ IDE Folder-Open RCE: Automatic Task Execution Vulnerability...
Sensitive Information Exposure
github.com/coder/coder/v2 is vulnerable to Sensitive Information Exposure. The vulnerability is due to logging of Workspace Agent manifests containing sensitive values in plaintext without sanitization, which allows an attacker with access to logs to retrieve confidential information...
OpenClaw Backlink Vulnerability (CNVD-2026-14858)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a backlink vulnerability that can be exploited by an attacker to read arbitrary files outside the boundaries of the configuration workspace...
OpenClaw backlink vulnerability (CNVD-2026-14861)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a backlink vulnerability that can be exploited by an attacker to read and write files outside the agent's workspace, which in turn can be used to execute code via a file overwrite attack...
OpenClaw path traversal vulnerability (CNVD-2026-14848)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability that can be exploited by an attacker to read files outside of the workspace...
OpenClaw has an unspecified vulnerability (CNVD-2026-14838)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from a failure to enforce sender authorization checks on interactive callbacks in shared workspace deployments, which can be exploited by an attacker to cause...
OpenClaw Information Disclosure Vulnerability (CNVD-2026-14826)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an information disclosure vulnerability that stems from the failure of a sandbox mirroring tool to enforce the tools.fs.workspaceOnly restriction on mounted sandbox paths, which can be exploited by an...
PT-2026-27145
A security vulnerability has been detected in kalcaddle kodbox 1.64. This impacts the function loginAfter/tfaVerify of the file /workspace/source-code/plugins/client/controller/tfa/index.class.php of the component Password Login. The manipulation leads to improper authentication. The attack is...
GHSA-9F79-7PW8-3FJ8 Duplicate Advisory: OpenClaw: workspace path guard bypass on non-existent out-of-root symlink leaf
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mgrq-9f93-wpp5. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that...
Duplicate Advisory: OpenClaw: workspace path guard bypass on non-existent out-of-root symlink leaf
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mgrq-9f93-wpp5. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that...
CVE-2026-32055
OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that allows attackers to write files outside the workspace through in-workspace symlinks pointing to non-existent out-of-root targets. The vulnerability exists because the boundary check...
CVE-2026-32055
OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that allows attackers to write files outside the workspace through in-workspace symlinks pointing to non-existent out-of-root targets. The vulnerability exists because the boundary check...
CVE-2026-32055
OpenClaw is affected: versions prior to 2026.2.26 contain a path traversal flaw in workspace boundary validation. The boundary check may mis-resolve aliases, allowing the first write operation to escape the workspace via in-workspace symlinks to non-existent out‑of‑root targets, enabling files to...
CVE-2026-32055 OpenClaw < 2026.2.26 - Workspace Path Boundary Bypass via Non-existent Symlink
OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that allows attackers to write files outside the workspace through in-workspace symlinks pointing to non-existent out-of-root targets. The vulnerability exists because the boundary check...
CVE-2026-32055 OpenClaw < 2026.2.26 - Workspace Path Boundary Bypass via Non-existent Symlink
OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that allows attackers to write files outside the workspace through in-workspace symlinks pointing to non-existent out-of-root targets. The vulnerability exists because the boundary check...
EUVD-2026-13956
OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that allows attackers to write files outside the workspace through in-workspace symlinks pointing to non-existent out-of-root targets. The vulnerability exists because the boundary check...
CVE-2026-32055
OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that allows attackers to write files outside the workspace through in-workspace symlinks pointing to non-existent out-of-root targets. The vulnerability exists because the boundary check...
PT-2026-26737
OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that allows attackers to write files outside the workspace through in-workspace symlinks pointing to non-existent out-of-root targets. The vulnerability exists because the boundary check...
OpenClaw 路径遍历漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.2.26 had a path traversal vulnerability. This vulnerability stemmed from flaws in the workspace boundary validation, allowing for path traversal that could lead to file writing...