14 matches found

Veracode
added 2026/05/16 5:32 a.m., 23 views

Server-Side Request Forgery

esm.sh is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to insufficient validation in the /https fetch route, where localhost and internal network protections rely on hostname string checks that can be bypassed using DNS alias domains, allowing attackers to induce...

CVSS 8.6 | AI score 7.2 | EPSS 0.00339
Exploits 1 | References 4 | Affected Software 1
Github Security Blog
added 2026/03/31 11:54 p.m., 5 views

OpenClaw's message tool media parameter bypasses tool policy filesystem isolation

Summary: The message tool accepted mediaUrl and fileUrl aliases without applying the same sandbox localRoots validation as the canonical media path handling. Impact: A caller constrained to sandbox media roots could read arbitrary local files by routing them through the alias parameters. Affected...

CVSS 8.6 | AI score 6 | EPSS 0.00555
Exploits 0 | References 5 | Affected Software 1
RedhatCVE
added 2026/03/26 3:02 p.m., 7 views

CVE-2026-32232

ZeptoClaw is a personal AI assistant. Prior to 0.7.6, there is a Dangling Symlink Component Bypass, TOCTOU Between Validation and Use, and Hardlink Alias Bypass. This vulnerability is fixed in 0.7.6...

CVSS 9.8 | AI score 5.8 | EPSS 0.00618
Exploits 1 | References 1
SUSE CVE
added 2026/03/25 12:27 a.m., 6 views

SUSE CVE-2026-27730

esm.sh is a no-build content delivery network (CDN) for web development. Versions up to and including 137 have an SSRF vulnerability (CWE-918) in esm.sh's /https fetch route. The service tries to block localhost/internal targets, but the validation is based on hostname string checks and can be bypass...

CVSS 8.6 | AI score 7.2 | EPSS 0.00339
Exploits 1 | References 3
NVD
added 2026/03/12 7:16 p.m., 3 views

CVE-2026-32232

ZeptoClaw is a personal AI assistant. Prior to 0.7.6, there is a Dangling Symlink Component Bypass, TOCTOU Between Validation and Use, and Hardlink Alias Bypass. This vulnerability is fixed in 0.7.6...

CVSS 9.8 | EPSS 0.00618
Exploits 1 | References 2
ATTACKERKB
added 2026/03/12 6:24 p.m., 2 views

CVE-2026-32232

ZeptoClaw is a personal AI assistant. Prior to 0.7.6, there is a Dangling Symlink Component Bypass, TOCTOU Between Validation and Use, and Hardlink Alias Bypass. This vulnerability is fixed in 0.7.6...

CVSS 9.3 | AI score 5.8 | EPSS 0.00618
Exploits 1 | References 3 | Affected Software 1
Cvelist
added 2026/03/12 6:24 p.m., 26 views

CVE-2026-32232 ZeptoClaw: Path boundary checks bypass via symlink, TOCTOU, and hardlink

ZeptoClaw is a personal AI assistant. Prior to 0.7.6, there is a Dangling Symlink Component Bypass, TOCTOU Between Validation and Use, and Hardlink Alias Bypass. This vulnerability is fixed in 0.7.6...

CVSS 9.3 | EPSS 0.00618
Exploits 1 | References 2
Positive Technologies
added 2026/03/12 12:00 a.m., 5 views

PT-2026-25043

CVE-2026-32232 ZeptoClaw is a personal AI assistant. Prior to 0.7.6, there is a Dangling Symlink Component Bypass, TOCTOU Between Validation and Use, and Hardlink Alias Bypass. This… https://t.co/rVG7NT7AHt...

CVSS 9.3 | AI score 5.8 | EPSS 0.00618
Exploits 1 | References 5
RedhatCVE
added 2026/02/26 10:34 p.m., 6 views

CVE-2026-27730

esm.sh is a no-build content delivery network (CDN) for web development. Versions up to and including 137 have an SSRF vulnerability (CWE-918) in esm.sh's /https fetch route. The service tries to block localhost/internal targets, but the validation is based on hostname string checks and can be bypass...

CVSS 8.6 | AI score 5.5 | EPSS 0.00339
Exploits 1 | References 1
EUVD
added 2026/02/25 10:57 p.m., 7 views

EUVD-2026-8685

esm.sh has SSRF localhost/private-network bypass in /https module route...

CVSS 8.6 | AI score 8.2 | EPSS 0.00339
Exploits 1 | References 5
Github Security Blog
added 2026/02/25 10:57 p.m., 7 views

esm.sh has SSRF localhost/private-network bypass in `/http(s)` module route

Summary: An SSRF vulnerability (CWE-918) exists in esm.sh's /https fetch route. The service tries to block localhost/internal targets, but the validation is based on hostname string checks and can be bypassed using DNS alias domains (for example, 127.0.0.1.nip.io resolving to 127.0.0.1). This allows a...

CVSS 8.6 | AI score 5.7 | EPSS 0.00339
Exploits 1 | References 6 | Affected Software 1
Cvelist
added 2025/08/09 2:01 a.m., 7 views

CVE-2025-55001 OpenBao LDAP MFA Enforcement Bypass When Using Username As Alias

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao allowed the assignment of policies and MFA attribution based upon entity aliases, chosen by the underlying auth method. Whe...

CVSS 6.5 | EPSS 0.00206
Exploits 0 | References 3
OSV
added 2023/09/14 4:16 p.m., 2 views

GHSA-3GH6-V5V9-6V9J Jetty vulnerable to errant command quoting in CGI Servlet

If a user sends a request to an org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the...

CVSS 3.5 | AI score 6.9 | EPSS 0.01006
Exploits 1 | References 8
SUSE CVE
added 2023/02/15 6:10 a.m., 4 views

SUSE CVE-2007-5424

The disable_functions feature in PHP 4 and 5 allows attackers to bypass intended restrictions by using an alias, as demonstrated by using ini_alter when ini_set is disabled...

CVSS 7.5 | AI score 7 | EPSS 0.01689
Exploits 0 | References 3