Lucene search
K

87129 matches found

Vulnrichment
Vulnrichment
added 2026/04/23 11:50 p.m.2 views

CVE-2026-35503 SenseLive X3050 Use of Hard-coded Credentials

A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An attacker with access to the login page could retrieve these...

9.8CVSS5.4AI score0.00548EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/23 11:50 p.m.2 views

CVE-2026-35503

A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An attacker with access to the login page could retrieve these...

9.8CVSS5.7AI score0.00548EPSS
Exploits0References4Affected Software1
GithubExploit
GithubExploit
added 2026/04/23 11:22 p.m.83 views

Exploit for OS Command Injection in Zyxel Vmg8623-T50B_Firmware

CVE-2026-1459-POC POC for the CVE-2026-1459 which payload c...

7.2CVSS5.8AI score0.00902EPSS
Exploits1
NVD
NVD
added 2026/04/23 10:16 p.m.6 views

CVE-2026-41344

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attackers can exploit the /verbose parameter to bypass access controls and expose sensitive reasoning or...

8.8CVSS0.00209EPSS
Exploits0References2
NVD
NVD
added 2026/04/23 10:16 p.m.10 views

CVE-2026-41339

OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths and deployment details, enabling host fingerprinting and facilitating chained attacks...

5.3CVSS0.00283EPSS
Exploits0References3
CVE
CVE
added 2026/04/23 9:58 p.m.21 views

CVE-2026-41359

OpenClaw prior to version 2026.3.28 contains a privilege escalation vulnerability. Authenticated operators with write permissions can access admin-class Telegram configuration and cron persistence settings via the send endpoint due to insufficient access controls. The CVE entry notes a CVSS v3.1/...

8.8CVSS5.8AI score0.00232EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/23 9:58 p.m.5 views

CVE-2026-41359

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write permissions to access admin-class Telegram configuration and cron persistence settings via the send endpoint. Attackers with operator.write credentials can exploit insufficient acce...

7.1CVSS5.8AI score0.00232EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/23 9:58 p.m.3 views

CVE-2026-41359 OpenClaw < 2026.3.28 - Privilege Escalation via operator.write to Admin-Class Telegram Config and Cron Persistence

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write permissions to access admin-class Telegram configuration and cron persistence settings via the send endpoint. Attackers with operator.write credentials can exploit insufficient acce...

7.1CVSS5.2AI score0.00232EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/23 9:58 p.m.3 views

CVE-2026-41344

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attackers can exploit the /verbose parameter to bypass access controls and expose sensitive reasoning or...

5.4CVSS5.7AI score0.00209EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/23 9:58 p.m.2 views

CVE-2026-41344 OpenClaw < 2026.3.28 - Privilege Escalation via chat.send /verbose Parameter

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attackers can exploit the /verbose parameter to bypass access controls and expose sensitive reasoning or...

5.4CVSS5.2AI score0.00209EPSS
Exploits0References2
CVE
CVE
added 2026/04/23 9:58 p.m.11 views

CVE-2026-41344

OpenClaw

8.8CVSS5.7AI score0.00209EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/23 9:58 p.m.32 views

CVE-2026-41344 OpenClaw < 2026.3.28 - Privilege Escalation via chat.send /verbose Parameter

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attackers can exploit the /verbose parameter to bypass access controls and expose sensitive reasoning or...

5.4CVSS0.00209EPSS
Exploits0References2
CVE
CVE
added 2026/04/23 9:57 p.m.9 views

CVE-2026-41339

OpenClaw vulnerability CVE-2026-41339 affects OpenClaw prior to 2026.4.2. The issue is an information disclosure via Gateway connect snapshots, where configPath and stateDir metadata are exposed to non-admin authenticated clients. This allows recovery of host-specific filesystem paths and deploym...

5.3CVSS5.8AI score0.00283EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/04/23 9:57 p.m.32 views

CVE-2026-41339 OpenClaw < 2026.4.2 - Information Disclosure via Gateway Connect Snapshot

OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths and deployment details, enabling host fingerprinting and facilitating chained attacks...

5.3CVSS0.00283EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/23 9:57 p.m.4 views

CVE-2026-41339

OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths and deployment details, enabling host fingerprinting and facilitating chained attacks...

5.3CVSS5.8AI score0.00283EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/23 9:23 p.m.6 views

Missing Authorization

Overview @actual-app/sync-server is an actual syncing server Affected versions of this package are vulnerable to Missing Authorization via the change-password endpoint, which lacks proper authorization checks. An attacker can gain administrative privileges by overwriting the password hash for the...

8.8CVSS5.6AI score0.00472EPSS
Exploits1References3
OSV
OSV
added 2026/04/23 9:23 p.m.5 views

GHSA-PRP4-2F49-FCGP Actual has Privilege Escalation via 'change-password' Endpoint on OpenID-Migrated Servers

Summary Any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowing any session to overwrite the password hash; the inactive...

8.8CVSS5.8AI score0.00472EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/23 9:23 p.m.9 views

Actual has Privilege Escalation via 'change-password' Endpoint on OpenID-Migrated Servers

Summary Any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowing any session to overwrite the password hash; the inactive...

8.8CVSS5.8AI score0.00472EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/23 8:38 p.m.6 views

CVE-2026-4121

The Kcaptcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.0.1. This is due to missing nonce validation in the plugin's settings page handler admin/setting.php. The settings form does not include a wpnoncefield and the form processing code...

4.3CVSS5.7AI score0.00178EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/23 6:33 p.m.12 views

EUVD-2026-25224

SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized before being incorporated into a SQL query. An unauthenticated remote attacker can exploit this...

9.8CVSS6.3AI score0.00972EPSS
Exploits2References5
Rows per page
Query Builder