6142 matches found

CVE, added 2026/04/01 4:28 p.m., 81 views

CVE-2026-20093

Cisco IMC contains an authentication bypass vulnerability in its change-password flow. The issue arises from incorrect handling of password-change requests, allowing an unauthenticated, remote attacker to send a crafted HTTP request and bypass authentication, potentially altering any user passwor...

CVSS 9.8 | AI score 6 | EPSS 0.00991
Exploits 0 | References 1
Cisco, added 2026/04/01 4:00 p.m., 28 views

Cisco Integrated Management Controller Authentication Bypass Vulnerability

A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An...

CVSS 9.8 | AI score 6 | EPSS 0.00991
Exploits 0 | References 1
Positive Technologies, added 2026/04/01 12:00 a.m., 1 view

PT-2026-29556

Name of the Vulnerable Software and Affected Versions: Cisco Integrated Management Controller (IMC) versions prior to 4.15.5, Catalyst 8300 Edge uCPE versions prior to 4.18.3, UCS C-Series M5/M6 standalone versions prior to 4.32.260007/4.36.260017/6.01.250174, UCS E-Series M3 versions prior to...

CVSS 10 | AI score 6.1 | EPSS 0.00991
Exploits 0 | References 84
Positive Technologies, added 2026/04/01 12:00 a.m., 2 views

PT-2026-29558

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation...

CVSS 6.5 | AI score 6.1 | EPSS 0.00929
Exploits 0 | References 4
Github Security Blog, added 2026/03/31 11:50 p.m., 9 views

OpenClaw: /pair approve command path omitted caller scope subsetting and reopened device pairing escalation

Summary: The /pair approve command path called device approval without forwarding caller scopes into the core approval check. Impact: A caller that held pairing privileges but not admin privileges could approve a pending device request asking for broader scopes, including admin access. Affected...

CVSS 9.9 | AI score 5.9 | EPSS 0.00624
Exploits 0 | References 5 | Affected Software 1
Snyk, added 2026/03/31 10:31 p.m., 3 views

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Overview: Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) seeded with predictable values in the secretkey and hashidsalt. An attacker can gain unauthorized access to any user account, including administrators, by brute-forcing t...

CVSS 9.8 | AI score 5.8 | EPSS 0.00376
Exploits 0 | References 2
NVD, added 2026/03/31 9:16 p.m., 2 views

CVE-2026-3468

A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code...

CVSS 4.8 | EPSS 0.00226
Exploits 0 | References 1
Cvelist, added 2026/03/31 8:56 p.m., 19 views

CVE-2026-34739 AVideo: Reflected XSS via Unescaped ip Parameter in User_Location testIP.php

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTM...

CVSS 6.1 | EPSS 0.0022
Exploits 1 | References 1
CVE, added 2026/03/31 8:56 p.m., 7 views

CVE-2026-34739

The CVE concerns WWBN AVideo (open source video platform). In AVideo versions up to 26.0, the User_Location plugin's testIP.php reflects the ip parameter directly into an HTML input without HTML-encoding, enabling reflected XSS. Although the page is admin-restricted, SameSite=None cookies enable ...

CVSS 6.1 | AI score 6 | EPSS 0.0022
Exploits 1 | References 1 | Affected Software 1
ATTACKERKB, added 2026/03/31 8:17 p.m., 2 views

CVE-2026-3468

A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code...

CVSS 4.8 | AI score 6 | EPSS 0.00226
Exploits 0 | References 2 | Affected Software 1
Snyk, added 2026/03/31 4:54 p.m., 2 views

Incorrect Authorization

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Incorrect Authorization due to missing validation of caller scopes in the pair approve process. An attacker can gain unauthorized administrative access by approving device requests for...

CVSS 9.9 | AI score 5.9 | EPSS 0.00624
Exploits 0 | References 2
OSV, added 2026/03/31 3:31 p.m., 1 view

GHSA-F275-5H5C-5WG5 Duplicate Advisory: OpenClaw: /pair approve command path omitted caller scope subsetting and reopened device pairing escalation

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-hc5h-pmr3-3497. This link is maintained to preserve external references. Original Description: OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails ...

CVSS 9.8 | AI score 5.8 | EPSS 0.00624
Exploits 0 | References 4
Github Security Blog, added 2026/03/31 3:31 p.m., 5 views

Duplicate Advisory: OpenClaw: /pair approve command path omitted caller scope subsetting and reopened device pairing escalation

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-hc5h-pmr3-3497. This link is maintained to preserve external references. Original Description: OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails ...

CVSS 9.9 | AI score 5.8 | EPSS 0.00624
Exploits 0 | References 5 | Affected Software 1
Cvelist, added 2026/03/31 2:10 p.m., 25 views

CVE-2026-33579 OpenClaw < 2026.3.28 - Privilege Escalation via Missing Caller Scope Validation in Device Pair Approval

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes...

CVSS 9.9 | EPSS 0.00624
Exploits 0 | References 3
Vulnrichment, added 2026/03/31 2:10 p.m., 1 view

CVE-2026-33579 OpenClaw < 2026.3.28 - Privilege Escalation via Missing Caller Scope Validation in Device Pair Approval

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes...

CVSS 9.9 | AI score 5.9 | EPSS 0.00624
Exploits 0 | References 3
CVE, added 2026/03/31 2:10 p.m., 10 views

CVE-2026-33579

Technical details, affected products, and remediation are not provided in the supplied documents. Monitor for updates.

CVSS 9.9 | AI score 5.9 | EPSS 0.00624
Exploits 0 | References 3 | Affected Software 1
Positive Technologies, added 2026/03/31 12:00 a.m., 3 views

PT-2026-29344

Name of the Vulnerable Software and Affected Versions: SonicWall Email Security, affected versions not specified. Description: A stored Cross-Site Scripting (XSS) issue exists in the SonicWall Email Security appliance. This is due to insufficient sanitization of user-provided data when creating web...

CVSS 4.8 | AI score 6.1 | EPSS 0.00226
Exploits 0 | References 4
IBM Security Bulletins, added 2026/03/30 11:01 p.m., 2 views

Security Bulletin: Incorrect administrative access control in IBM DataPower Gateway

Summary: This issue allowed valid administrative users to see services within domains to which they should have had no access. Vulnerability Details: CVEID: CVE-2025-36373. DESCRIPTION: IBM DataPower Gateway could disclose sensitive system information from other domains to an administrative user...

CVSS 6.8 | AI score 5.8 | EPSS 0.00252
Exploits 0 | Affected Software 1
EUVD, added 2026/03/30 5:35 p.m., 3 views

EUVD-2026-16719

AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket...

CVSS 5.4 | AI score 5.9 | EPSS 0.00247
Exploits 1 | References 3
OSV, added 2026/03/30 5:35 p.m., 1 view

GHSA-2MG4-PFGX-64CF AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket()

Summary: The verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows captured or legitimately obtained tokens to provide permanent WebSocket...

CVSS 5.4 | AI score 5.9 | EPSS 0.00247
Exploits 1 | References 4