Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 2026/04/28 6:9 p.m.26 views

CVE-2026-41383 OpenClaw < 2026.4.2 - Arbitrary Remote Directory Deletion via Mis-scoped Mirror Mode Paths

OpenClaw before 2026.4.2 contains an arbitrary directory deletion vulnerability in mirror mode that allows attackers to delete remote directories by influencing remoteWorkspaceDir and remoteAgentWorkspaceDir configuration values. Attackers can manipulate these OpenShell config paths to cause mirr...

8.1CVSS0.00058EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/04/28 12:0 a.m.4 views

OpenClaw 路径遍历漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.2 contained a path traversal vulnerability. This vulnerability stemmed from a directory deletion vulnerability in the mirror mode, allowing attackers to delete remote directorie...

8.1CVSS5.8AI score0.00058EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/09 5:1 p.m.1 views

CVE-2026-39981 AGiXT has a Path Traversal in safe_join()

AGiXT is a dynamic AI Agent Automation Platform. Prior to 1.9.2, the safejoin function in the essentialabilities extension fails to validate that resolved file paths remain within the designated agent workspace. An authenticated attacker can use directory traversal sequences to read, write, or...

8.8CVSS5.9AI score0.00051EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/03/19 10:6 p.m.1 views

CVE-2026-32013 OpenClaw < 2026.2.25 - Symlink Traversal in agents.files Methods

OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in the agents.files.get and agents.files.set methods that allows reading and writing files outside the agent workspace. Attackers can exploit symlinked allowlisted files to access arbitrary host files within gateway...

8.8CVSS6.4AI score0.00049EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2022/03/29 1:15 p.m.3 views

CVE-2022-28156

Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Item/Configure permission to copy arbitrary files and directories from the Jenkins controller to the agent workspace...

6.5CVSS6AI score0.00836EPSS
Exploits0References3
Prion
Prionadded 2022/03/29 1:15 p.m.12 views

Design/Logic Flaw

Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Item/Configure permission to copy arbitrary files and directories from the Jenkins controller to the agent workspace...

4CVSS6.4AI score0.00836EPSS
Exploits0References2
CNNVD
CNNVDadded 2022/03/29 12:0 a.m.2 views

Jenkins Pipeline Phoenix AutoTest Plugin 路径遍历漏洞

Jenkins Pipeline is a set of plug-ins that support the implementation and integration of continuous delivery pipelines into Jenkins.Jenkins Pipeline Phoenix AutoTest Plugi 1.3 and earlier is vulnerable to a path traversal vulnerability that could be exploited by an attacker with Item/Configure...

6.5CVSS5.8AI score0.00836EPSS
Exploits0References5
Rows per page
Query Builder