Lucene search
K

1362 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/29 3:9 p.m.12 views

CVE-2026-34507

OpenClaw before 2026.4.29 contains a policy bypass vulnerability in QQBot admin commands that allows authenticated senders to skip DM-only and allowFrom policy checks. Attackers can route admin commands from unauthorized senders or contexts to execute restricted behavior that policy should have...

5.4CVSS5.9AI score0.00148EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/29 3:9 p.m.19 views

CVE-2026-34507 OpenClaw < 2026.4.29 - Policy Bypass in QQBot Admin Commands via DM-only and allowFrom Checks

OpenClaw before 2026.4.29 contains a policy bypass vulnerability in QQBot admin commands that allows authenticated senders to skip DM-only and allowFrom policy checks. Attackers can route admin commands from unauthorized senders or contexts to execute restricted behavior that policy should have...

5.4CVSS5.9AI score0.00148EPSS
Exploits0References2
CVE
CVE
added 2026/05/29 3:9 p.m.27 views

CVE-2026-34507

OpenClaw vulnerable before 2026.4.29: policy bypass in QQBot admin commands allows authenticated senders to skip DM-only and allowFrom checks, enabling routing of admin commands from unauthorized senders/contexts to execute restricted behavior. CVSS metrics: CVSS 4.0 base 2.3 (LOW) and CVSS 3.1 b...

5.4CVSS5.9AI score0.00148EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/29 9:50 a.m.19 views

CVE-2026-46579

A flaw was found in the OpenShift Router. When a Route has insecureEdgeTerminationPolicy set to Allow, the HTTP frontend does not remove X-SSL-Client- headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP requests with crafted X-SSL-Client- headers. As a resul...

7.4CVSS5.7AI score0.0023EPSS
Exploits0References3
NVD
NVD
added 2026/05/28 4:16 p.m.18 views

CVE-2026-48523

PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature...

5.4CVSS0.00127EPSS
Exploits1References1
PyPA
PyPA
added 2026/05/28 4:16 p.m.14 views

PYSEC-0000-CVE-2026-48523

PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature...

5.4CVSS5.8AI score0.00127EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/05/28 4:16 p.m.8 views

UBUNTU-CVE-2026-48523

PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature...

5.4CVSS5.8AI score0.00127EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/28 3:10 p.m.57 views

CVE-2026-48523 PyJWT: Algorithm allow-list bypass when decoding with `PyJWK` / `PyJWKClient` keys

PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature...

5.4CVSS0.00127EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/28 3:10 p.m.13 views

CVE-2026-48523 PyJWT: Algorithm allow-list bypass when decoding with `PyJWK` / `PyJWKClient` keys

PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature...

5.4CVSS5.8AI score0.00127EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/05/28 3:10 p.m.12 views

CVE-2026-48523

PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature...

5.4CVSS5.8AI score0.00127EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.12 views

PT-2026-44395

Name of the Vulnerable Software and Affected Versions PyJWT versions 2.9.0 through 2.12.1 Description A verifier-side algorithm allow-list bypass occurs when jwt.decode or jwt.decode complete are called with a PyJWK key. While the token header alg is checked against the provided algorithms...

5.4CVSS5.2AI score0.00127EPSS
Exploits1References210
RedHat Linux
RedHat Linux
added 2026/05/26 5:33 a.m.14 views

ruby/json: Ruby JSON: Denial of Service or Information Disclosure via format string injection

A flaw was found in Ruby JSON. This vulnerability, a format string injection, allows a remote attacker to cause a denial of service DoS or disclose sensitive information. The flaw occurs when processing specially crafted user-supplied documents with the allowduplicatekey: false parsing option...

9.1CVSS6.3AI score0.00838EPSS
Exploits0References5
OSV
OSV
added 2026/05/22 5:27 p.m.5 views

GHSA-7M8F-HGJQ-8GC9 aiosend: Deserialization of request body before signature verification (Pre-auth DoS) in webhook handler

Vulnerability Description In aiosend/webhook/base.py, the WebhookHandler.feedupdate method performs full deserialization of the incoming JSON via Pydantic before verifying the HMAC signature. Anyone can send a request with an arbitrary body — the server will parse it, spend CPU and memory, and on...

7.5CVSS6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.25 views

Grafana Labs < 11.6.14+security-04 / 12.2.0 < 12.2.8+security-04 / 12.3.0 < 12.3.6+security-04 / 12.4.0 < 12.4.3+security-02 / 13.0.0 < 13.0.1+security-01 Multiple Vulnerabilities

The version of Grafana Labs installed on the remote host is affected by multiple vulnerabilities, including: - A broken access control flaw in the Snapshot API allows any Editor to delete dashboard snapshots, even those they have no read or write access to. CVE-2026-28380 - When using an IPv6...

8.1CVSS5.4AI score0.00328EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-33376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate...

7.4CVSS5.9AI score0.00271EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.9 views

Unity Linux 20.1060e / 20.1070e Security Update: grafana (UTSA-2026-016686)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016686 advisory. Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a...

8.5CVSS7.3AI score0.01116EPSS
Exploits0References4
OSV
OSV
added 2026/05/21 9:35 p.m.16 views

GHSA-CQP8-FCVH-X7R3 Pydantic AI: SSRF cloud-metadata blocklist bypass via IPv4-mapped IPv6 (Incomplete fix of CVE-2026-25580)

Summary When an application using Pydantic AI opts a URL into forcedownload='allow-local' which disables the default block on private/internal IPs, the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form IPv4-mapped IPv6, 6to4, or NAT64. Dual-stack an...

6.8CVSS5.8AI score0.00039EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/21 9:35 p.m.15 views

Pydantic AI: SSRF cloud-metadata blocklist bypass via IPv4-mapped IPv6 (Incomplete fix of CVE-2026-25580)

Summary When an application using Pydantic AI opts a URL into forcedownload='allow-local' which disables the default block on private/internal IPs, the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form IPv4-mapped IPv6, 6to4, or NAT64. Dual-stack an...

8.6CVSS5.8AI score0.00579EPSS
Exploits1References3Affected Software2
NVD
NVD
added 2026/05/21 10:16 a.m.13 views

CVE-2026-45254

In the case of the capnet service, when a key present in the old limit was omitted from the new limit, the missing key was treated as "allow any" instead of being rejected. In certain scenarios, an application that had previously restricted a subset of network operations could ask for a new limit...

6.5CVSS0.00194EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 9:34 a.m.7 views

CVE-2026-45254

In the case of the capnet service, when a key present in the old limit was omitted from the new limit, the missing key was treated as "allow any" instead of being rejected. In certain scenarios, an application that had previously restricted a subset of network operations could ask for a new limit...

6.5CVSS5.8AI score0.00194EPSS
Exploits0References2
Rows per page
Query Builder