86965 matches found
Rclone 1.45.x < 1.73.5 Authentication Bypass (CVE-2026-41176)
The version of Rclone installed on the remote host is 1.45.x prior to 1.73.5. It is, therefore, affected by an authentication bypass vulnerability: - The RC endpoint options/set is exposed without AuthRequired, but it can mutate global runtime configuration, including the RC option block itself. ...
SimpleHelp Path Traversal Vulnerability
SimpleHelp contains a path traversal vulnerability that allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file i.e. zip slip. This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user...
SimpleHelp Missing Authorization Vulnerability
SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role...
CVE-2025-67259
Affects ClassroomIO v0.1.13. A Broken Access Control vulnerability allows an authenticated low-privilege student to access unauthorized course information by altering intercepted API requests. Specifically, changing a captured POST request to a GET against the /rest/v1/course PostgREST endpoint e...
CVE-2026-40431 SenseLive X3050 Cleartext transmission of sensitive information
A vulnerability exists in SenseLive X3050’s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because management traffic, including authentication attempts and configuration data, is transmitted in cleartext, an attacker with access to the same...
CVE-2026-35503
A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An attacker with access to the login page could retrieve these...
CVE-2026-35503 SenseLive X3050 Use of Hard-coded Credentials
A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An attacker with access to the login page could retrieve these...
Exploit for OS Command Injection in Zyxel Vmg8623-T50B_Firmware
CVE-2026-1459-POC POC for the CVE-2026-1459 which payload c...
CVE-2026-41344
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attackers can exploit the /verbose parameter to bypass access controls and expose sensitive reasoning or...
CVE-2026-41339
OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths and deployment details, enabling host fingerprinting and facilitating chained attacks...
CVE-2026-41359
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write permissions to access admin-class Telegram configuration and cron persistence settings via the send endpoint. Attackers with operator.write credentials can exploit insufficient acce...
CVE-2026-41359
OpenClaw prior to version 2026.3.28 contains a privilege escalation vulnerability. Authenticated operators with write permissions can access admin-class Telegram configuration and cron persistence settings via the send endpoint due to insufficient access controls. The CVE entry notes a CVSS v3.1/...
CVE-2026-41359 OpenClaw < 2026.3.28 - Privilege Escalation via operator.write to Admin-Class Telegram Config and Cron Persistence
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write permissions to access admin-class Telegram configuration and cron persistence settings via the send endpoint. Attackers with operator.write credentials can exploit insufficient acce...
CVE-2026-41344
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attackers can exploit the /verbose parameter to bypass access controls and expose sensitive reasoning or...
CVE-2026-41344 OpenClaw < 2026.3.28 - Privilege Escalation via chat.send /verbose Parameter
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attackers can exploit the /verbose parameter to bypass access controls and expose sensitive reasoning or...
CVE-2026-41344 OpenClaw < 2026.3.28 - Privilege Escalation via chat.send /verbose Parameter
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attackers can exploit the /verbose parameter to bypass access controls and expose sensitive reasoning or...
CVE-2026-41344
OpenClaw
CVE-2026-41339 OpenClaw < 2026.4.2 - Information Disclosure via Gateway Connect Snapshot
OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths and deployment details, enabling host fingerprinting and facilitating chained attacks...
CVE-2026-41339
OpenClaw vulnerability CVE-2026-41339 affects OpenClaw prior to 2026.4.2. The issue is an information disclosure via Gateway connect snapshots, where configPath and stateDir metadata are exposed to non-admin authenticated clients. This allows recovery of host-specific filesystem paths and deploym...
CVE-2026-41339
OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths and deployment details, enabling host fingerprinting and facilitating chained attacks...