Lucene search
+L

9 matches found

NVD
NVD
added 2026/04/10 5:17 p.m.9 views

CVE-2026-35651

OpenClaw versions 2026.2.13 through 2026.3.24 contain an ANSI escape sequence injection vulnerability in approval prompts that allows attackers to spoof terminal output. Untrusted tool metadata can carry ANSI control sequences into approval prompts and permission logs, enabling attackers to...

5.3CVSS0.0026EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/10 4:3 p.m.27 views

CVE-2026-35651 OpenClaw 2026.2.13 < 2026.3.25 - ANSI Escape Sequence Injection in Approval Prompt

OpenClaw versions 2026.2.13 through 2026.3.24 contain an ANSI escape sequence injection vulnerability in approval prompts that allows attackers to spoof terminal output. Untrusted tool metadata can carry ANSI control sequences into approval prompts and permission logs, enabling attackers to...

5.3CVSS0.0026EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.7 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Version 2026.2.13 to 2026.3.24 of OpenClaw contained security vulnerabilities. These vulnerabilities were caused by ANSI escape sequence injections in the approval prompts, which could allow attackers to forge...

5.3CVSS5.8AI score0.0026EPSS
Exploits0References3
Snyk
Snyk
added 2025/11/06 11:48 p.m.3 views

Improper Neutralization

Overview Affected versions of this package are vulnerable to Improper Neutralization of user-supplied input in several fields, including repository descriptions, project names, git commit author names, commit messages, access token names, and webhook URLs. An attacker can inject malicious ANSI...

5.1CVSS6.6AI score0.00174EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-0232

Malware in sbrugna...

7.5CVSS7.4AI score0.01345EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2025/09/30 12:0 a.m.11 views

Amazon Linux 2023 : glycin-loaders (ALAS2023-2025-1193)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1193 advisory. tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence...

2.3CVSS5.5AI score0.00303EPSS
Exploits0References4
OSV
OSV
added 2025/08/29 10:15 p.m.9 views

AZL-73211 CVE-2025-58160 affecting package kata-containers 3.19.1.kata2-6

tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...

2.3CVSS6AI score0.00303EPSS
Exploits0References1
OSV
OSV
added 2025/08/29 10:15 p.m.5 views

UBUNTU-CVE-2025-58160

tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...

2.3CVSS6AI score0.00303EPSS
Exploits0References4
NCSC
NCSC
added 2023/08/02 12:0 a.m.7 views

Vulnerability fixed in Splunk SOAR

Splunk has fixed a vulnerability in Splunk SOAR. The vulnerability allows an unauthenticated malicious person to inject inject ANSI escape code into a log file. To do so, the malicious party must send a specially prepared HTTP request to the Spunk SOAR instance. When this log file is read in a...

8.6CVSS7.3AI score0.00281EPSS
Exploits0
Rows per page
Query Builder