87078 matches found

Source: Vulnrichment (added 2026/04/07 7:37 p.m., 3 views)

CVE-2026-39374 Plane IDOR: Cross-Project Issue Date Modification via Bulk Update Endpoint

Plane is an open-source project management tool. Prior to 1.3.0, the IssueBulkUpdateDateEndpoint allows a project member ADMIN or MEMBER to modify the startdate and targetdate of ANY issue across the entire Plane instance, regardless of workspace or project membership. The endpoint fetches...

CVSS 6.5, AI score 5.9, EPSS 0.00208. Exploits: 1, References: 1.

Source: Cvelist (added 2026/04/07 6:20 p.m., 15 views)

CVE-2026-39347 OrangeHRM's Self-Appraisal Submission of Admin Users Can Be Modified After Completion

OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source accepts changes to self-appraisal submissions for administrator users after those submissions have been marked completed, breaking integrity of finalized appraisal records. This vulnerability...

CVSS 5.1, EPSS 0.00172. Exploits: 0, References: 1.

Source: Vulnrichment (added 2026/04/07 6:20 p.m., 3 views)

CVE-2026-39347 OrangeHRM's Self-Appraisal Submission of Admin Users Can Be Modified After Completion

OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source accepts changes to self-appraisal submissions for administrator users after those submissions have been marked completed, breaking integrity of finalized appraisal records. This vulnerability...

CVSS 5.1, AI score 5.9, EPSS 0.00172. Exploits: 0, References: 1.

Source: CVE (added 2026/04/07 6:20 p.m., 6 views)

CVE-2026-39347

OrangeHRM Open Source vulnerability CVE-2026-39347 affects versions 5.0–5.8 where admin self-appraisal submissions can be modified after being marked completed, compromising integrity of finalized appraisal records. The issue is resolved in 5.8.1. Affected product: OrangeHRM Open Source; vulnerab...

CVSS 5.1, AI score 5.9, EPSS 0.00172. Exploits: 0, References: 1, Affected Software: 1.

Source: NVD (added 2026/04/07 6:16 p.m., 2 views)

CVE-2026-39335

ChurchCRM is an open-source church management system. Prior to 7.1.1, there is Stored XSS in group remove control and family editor state/country. This is primarily an admin-to-admin stored XSS path when writable entity fields are abused. This vulnerability is fixed in 7.1.1...

CVSS 6.1, EPSS 0.00252. Exploits: 1, References: 1.

Source: NVD (added 2026/04/07 6:16 p.m., 8 views)

CVE-2026-39328

ChurchCRM is an open-source church management system. Prior to 7.1.0, a stored cross-site scripting vulnerability exists in ChurchCRM's person profile editing functionality. Non-administrative users who have the EditSelf permission can inject malicious JavaScript into their Facebook, LinkedIn, an...

CVSS 8.9, EPSS 0.00203. Exploits: 0, References: 1.

Source: NVD (added 2026/04/07 6:16 p.m., 3 views)

CVE-2026-35575

ChurchCRM is an open-source church management system. Prior to 6.5.3, a Stored Cross-Site Scripting (Stored XSS) vulnerability in the admin panel's group-creation feature allows any user with group-creation privileges to inject malicious JavaScript that executes automatically when an administrator...

CVSS 8.0, EPSS 0.00243. Exploits: 0, References: 1.

Source: Snyk (added 2026/04/07 6:15 p.m., 3 views)

Information Exposure

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Information Exposure via the connect process. An attacker can obtain sensitive host filesystem paths and deployment metadata by making authenticated requests as a non-admin client...

CVSS 5.3, AI score 5.8, EPSS 0.00283. Exploits: 0, References: 2.

Source: Github Security Blog (added 2026/04/07 6:15 p.m., 7 views)

OpenClaw: Gateway hello snapshots exposed host config and state paths to non-admin clients

Summary: Before OpenClaw 2026.4.2, the Gateway connect success snapshot exposed local configPath and stateDir metadata to non-admin clients. Low-privilege authenticated clients could learn host filesystem layout and deployment details that were not needed for their role. Impact: A non-admin client...

CVSS 5.3, AI score 5.9, EPSS 0.00283. Exploits: 0, References: 5, Affected Software: 1.

Source: OSV (added 2026/04/07 6:15 p.m., 6 views)

GHSA-2F7J-RP58-MR42 OpenClaw: Gateway hello snapshots exposed host config and state paths to non-admin clients

Summary: Before OpenClaw 2026.4.2, the Gateway connect success snapshot exposed local configPath and stateDir metadata to non-admin clients. Low-privilege authenticated clients could learn host filesystem layout and deployment details that were not needed for their role. Impact: A non-admin client...

CVSS 5.3, AI score 5.8, EPSS 0.00283. Exploits: 0, References: 5.

Source: Snyk (added 2026/04/07 6:11 p.m., 2 views)

Improper Privilege Management

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Improper Privilege Management in the operator.write process. An attacker can gain unauthorized access to admin-level Telegram configuration and cron persistence by sending crafted request...

CVSS 8.8, AI score 5.8, EPSS 0.00232. Exploits: 0, References: 2.

Source: OSV (added 2026/04/07 6:11 p.m., 3 views)

GHSA-767M-XRHC-FXM7 OpenClaw: Gateway operator.write Can Reach Admin-Class Telegram Config and Cron Persistence via send

Summary: Gateway operator.write Can Reach Admin-Class Telegram Config and Cron Persistence via send. Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real shipped operator.write to admin-class Telegram config or cron persistence bug, but it is an authenticated...

CVSS 7.1, AI score 5.8, EPSS 0.00232. Exploits: 0, References: 5.

Source: Github Security Blog (added 2026/04/07 6:11 p.m., 6 views)

OpenClaw: Gateway operator.write Can Reach Admin-Class Telegram Config and Cron Persistence via send

Summary: Gateway operator.write Can Reach Admin-Class Telegram Config and Cron Persistence via send. Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real shipped operator.write to admin-class Telegram config or cron persistence bug, but it is an authenticated...

CVSS 8.8, AI score 5.9, EPSS 0.00232. Exploits: 0, References: 5, Affected Software: 1.

Source: OSV (added 2026/04/07 6:11 p.m., 4 views)

GHSA-3Q42-XMXV-9VFR OpenClaw: Gateway operator.write Can Reach Admin-Class Talk Voice Config Persistence via chat.send

Summary: Gateway operator.write Can Reach Admin-Class Talk Voice Config Persistence via chat.send. Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real shipped operator.write to admin-class Talk Voice config persistence bug, but it is the same narrow...

CVSS 6.9, AI score 5.8, EPSS 0.00243. Exploits: 0, References: 3.

Source: Github Security Blog (added 2026/04/07 6:11 p.m., 5 views)

OpenClaw: Gateway operator.write Can Reach Admin-Class Talk Voice Config Persistence via chat.send

Summary: Gateway operator.write Can Reach Admin-Class Talk Voice Config Persistence via chat.send. Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real shipped operator.write to admin-class Talk Voice config persistence bug, but it is the same narrow...

CVSS 7.1, AI score 5.9, EPSS 0.00243. Exploits: 0, References: 3, Affected Software: 1.

Source: OSV (added 2026/04/07 6:10 p.m., 3 views)

GHSA-H2V7-XC88-XX8C OpenClaw: `/phone arm`/`/phone disarm` Bypasses `operator.admin` Scope Check for External Channels

Summary: `/phone arm`/`/phone disarm` Bypasses `operator.admin` Scope Check for External Channels. Current Maintainer Triage - Status: open - Normalized severity: medium - Assessment: Maintainers accepted this issue, fixed it in aa66ae1fc797d3298cc409ed2c5da69a89950a45 on 2026-03-27, and that fix shipped...

CVSS 6.9, AI score 5.8, EPSS 0.00331. Exploits: 0, References: 2.

Source: Github Security Blog (added 2026/04/07 6:10 p.m., 7 views)

OpenClaw: `/phone arm`/`/phone disarm` Bypasses `operator.admin` Scope Check for External Channels

Summary: `/phone arm`/`/phone disarm` Bypasses `operator.admin` Scope Check for External Channels. Current Maintainer Triage - Status: open - Normalized severity: medium - Assessment: Maintainers accepted this issue, fixed it in aa66ae1fc797d3298cc409ed2c5da69a89950a45 on 2026-03-27, and that fix shipped...

CVSS 7.1, AI score 5.9, EPSS 0.00331. Exploits: 0, References: 2, Affected Software: 1.

Source: Vulnrichment (added 2026/04/07 6:3 p.m., 0 views)

CVE-2026-39343 ChurchCRM has a SQL Injection in Event Type Editor (Admin)

ChurchCRM is an open-source church management system. Prior to 7.1.0, a SQL injection vulnerability exists in the EditEventTypes.php file, which is only accessible to administrators. The ENtyid POST parameter is not sanitized before being used in a SQL query, allowing an administrator to execute...

CVSS 7.2, AI score 6.2, EPSS 0.00254. Exploits: 0, References: 1.

Source: Vulnrichment (added 2026/04/07 6:0 p.m., 3 views)

CVE-2026-39340 ChurchCRM has a SQL Injection in PropertyTypeEditor.php via Incorrect Sanitizer Substitution

ChurchCRM is an open-source church management system. Prior to 7.1.0, a SQL injection vulnerability exists in PropertyTypeEditor.php, part of the administration functionality for managing property type categories (People → Person Properties / Family Properties). The vulnerability was introduced whe...

CVSS 8.1, AI score 5.9, EPSS 0.00226. Exploits: 0, References: 1.

Source: Vulnrichment (added 2026/04/07 5:57 p.m., 6 views)

CVE-2026-39338 ChurchCRM has Blind XSS via Global Search – Administrative Cookie Session Exfiltration

ChurchCRM is an open-source church management system. Prior to 7.1.0, a Blind Reflected Cross-Site Scripting vulnerability exists in the search parameter accepted by the ChurchCRM dashboard. The application fails to sanitize or encode user-supplied input prior to rendering it within the browser's...

CVSS 8.6, AI score 6.3, EPSS 0.00224. Exploits: 1, References: 1.
