
6 matches found

Cvelist
added 4 days ago, 24 views

CVE-2026-23638 Kiteworks Secure Data Forms is vulnerable to Authorization Bypass Through User-Controlled Key

Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated attacker to tamper with the internal approval flow configurations of forms belonging to other users due to insufficient...

CVSS 6.5, EPSS 0.00028
Exploits: 0, References: 1
CVE
added 4 days ago, 8 views

CVE-2026-23638

Kiteworks CVE-2026-23638 is an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms, affecting versions prior to 9.3.0. An authenticated attacker can tamper with internal approval flow configurations of other users’ forms due to insufficient authorization checks on...

CVSS 6.5, AI score 5.8, EPSS 0.00028
Exploits: 0, References: 1, Affected Software: 1
OSV
added 2026/03/26 9:40 p.m., 1 view

GHSA-HF68-49FM-59CQ OpenClaw Gateway: RCE and Privilege Escalation from operator.pairing to operator.admin via device.pair.approve

Summary: device.pair.approve allowed an operator.pairing approver to approve a pending device request for broader operator scopes than the approver actually held. Affected Packages / Versions: Package: openclaw (npm); Affected: = 2026.3.22; Latest released tag checked: v2026.3.23-2...

CVSS 9.4, AI score 5.9, EPSS 0.00309
Exploits: 0, References: 6
Snyk
added 2026/03/12 2:21 p.m., 1 view

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Time-of-check Time-of-use (TOCTOU) Race Condition through the system.run approval flow. An attacker can execute unauthorized or modified scripts by obtaining approval for a script execution...

CVSS 6.3, AI score 6.1
Exploits: 0, References: 2
OSV
added 2025/06/26 6:15 a.m., 1 view

UBUNTU-CVE-2025-2938

An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects where role modifications during the approval...

CVSS 8.8, AI score 5.8, EPSS 0.00052
Exploits: 0, References: 2
Hacker One
added 2015/02/11 2:33 a.m., 27 views

Mobile Vikings: Approve topup method by sender of this method

User A has a SIM and sends an auth request to user B. User B accepted it and decides to add their own topup method to the shared SIM. User B goes to https://mobilevikings.be/en/account/easypay/auto-sms-topup/ - selects the shared SIM card, selects a method in the section "Choose a payment method" and submits the form. User A g...

AI score 7
Exploits: 0