CVE-2026-41339

OpenClaw vulnerability CVE-2026-41339 affects OpenClaw prior to 2026.4.2. The issue is an information disclosure via Gateway connect snapshots, where configPath and stateDir metadata are exposed to non-admin authenticated clients. This allows recovery of host-specific filesystem paths and deploym...

CVE-2026-41339

OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths and deployment details, enabling host fingerprinting and facilitating chained attacks...

Missing Authorization

Overview @actual-app/sync-server is an actual syncing server Affected versions of this package are vulnerable to Missing Authorization via the change-password endpoint, which lacks proper authorization checks. An attacker can gain administrative privileges by overwriting the password hash for the...

Actual has Privilege Escalation via 'change-password' Endpoint on OpenID-Migrated Servers

Summary Any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowing any session to overwrite the password hash; the inactive...

GHSA-PRP4-2F49-FCGP Actual has Privilege Escalation via 'change-password' Endpoint on OpenID-Migrated Servers

Summary Any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowing any session to overwrite the password hash; the inactive...

CVE-2026-4121

The Kcaptcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.0.1. This is due to missing nonce validation in the plugin's settings page handler admin/setting.php. The settings form does not include a wpnoncefield and the form processing code...

EUVD-2026-25224

SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized before being incorporated into a SQL query. An unauthenticated remote attacker can exploit this...

CVE-2026-41460

SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized before being incorporated into a SQL query. An unauthenticated remote attacker can exploit this...

EUVD-2025-5343

Cross-Site Request Forgery CSRF vulnerability in Required Admin Menu Manager allows Cross Site Request Forgery.This issue affects Admin Menu Manager: from n/a through 1.0.3...

Missing Authorization

Overview @paperclipai/ui is a Prebuilt Paperclip board UI assets. Affected versions of this package are vulnerable to Missing Authorization via import flow. An attacker can gain remote code execution using company creation endpoint that improperly checks for admin rights in authenticated mode...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the options/set endpoint. An attacker can set rc.NoAuth=true and override default AuthRequired: true which can lead to unauthorized access to sensitive administrative functionality,...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the options/set endpoint. An attacker can set rc.NoAuth=true and override default AuthRequired: true which can lead to unauthorized access to sensitive administrative functionality,...

CVE-2026-40471

CVE-2026-40471 affects the Hackage hackage-server where CSRF protection was lacking across endpoints. This could allow forged requests from scripts on foreign sites to abuse latent credentials, potentially uploading packages or performing administrative actions, with some unauthenticated actions ...

CVE-2026-40471

hackage-server lacked Cross-Site Request Forgery CSRF protection across its endpoints. Scripts on foreign sites could trigger requests to hackage server, possibly abusing latent credentials to upload packages or perform other administrative actions. Some unauthenticated actions could also be abus...

OpenC3 COSMOS: Permissions Bypass Provides User Access to Unassigned Administrative Actions via Script Runner Tool

Vulnerability Type: Execution with Unnecessary Privileges Attack type: Authenticated remote Impact: Data disclosure/manipulation, privilege escalation Affected components: The following docker images: • Openc3inc/openc3-COSMOS-script-runner-api The Script Runner widget allows users to execute...

GHSA-2WVH-87G2-89HR OpenC3 COSMOS: Permissions Bypass Provides User Access to Unassigned Administrative Actions via Script Runner Tool

Vulnerability Type: Execution with Unnecessary Privileges Attack type: Authenticated remote Impact: Data disclosure/manipulation, privilege escalation Affected components: The following docker images: • Openc3inc/openc3-COSMOS-script-runner-api The Script Runner widget allows users to execute...

CVE-2026-41460

SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized before being incorporated into a SQL query. An unauthenticated remote attacker can exploit this...

CVE-2026-41460

CVE-2026-41460 (SocialEngine) affects SocialEngine versions 7.8.0 and earlier, with a SQL injection in the /activity/index/get-memberall endpoint. User input passed via the text parameter is not sanitized before being used in a SQL query. An unauthenticated remote attacker can read arbitrary data...

CVE-2026-41460 SocialEngine <= 7.8.0 SQL Injection via activity/index/get-memberall

SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized before being incorporated into a SQL query. An unauthenticated remote attacker can exploit this...

CVE-2026-41460 SocialEngine <= 7.8.0 SQL Injection via activity/index/get-memberall

SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized before being incorporated into a SQL query. An unauthenticated remote attacker can exploit this...