Lucene search
K

4 matches found

Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-58207 NATS Server: Remote crash via integer overflow in Connz pagination

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client able to send account-scoped connection monitoring requests could crash the server by supplying Connz pagination Offset and Limit values that overflowed internal...

7.7CVSS0.0056EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/31 11:17 a.m.24 views

CVE-2026-32976 OpenClaw < 2026.3.11 - Account-Scoped configWrites Policy Bypass via Channel Commands

OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing channel commands to mutate protected sibling-account configuration despite configWrites restrictions. Attackers with authorized access on one account can execute channel commands like /config set channels..accounts...

7.1CVSS0.00194EPSS
Exploits0References2
OSV
OSV
added 2026/03/04 6:56 p.m.5 views

GHSA-VJP8-WPRM-2JW9 OpenClaw has cross-account DM pairing authorization bypass via unscoped pairing store access

Summary OpenClaw had account-scope gaps in pairing-store access for DM pairing policy, which could let a pairing approval from one account authorize the same sender on another account in multi-account setups. Impact This is an authorization-boundary weakness in multi-account channel deployments. ...

3.7CVSS6AI score0.00165EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/03/04 6:56 p.m.8 views

OpenClaw has cross-account DM pairing authorization bypass via unscoped pairing store access

Summary OpenClaw had account-scope gaps in pairing-store access for DM pairing policy, which could let a pairing approval from one account authorize the same sender on another account in multi-account setups. Impact This is an authorization-boundary weakness in multi-account channel deployments. ...

8.1CVSS6AI score0.00165EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder