16 matches found

NVD
added 2026/06/11 9:16 p.m., 6 views

CVE-2026-53808

OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls to set apply: true despite approvalPolicy: pending configuration. Attackers can exploit this by reaching the affected apply path to apply workshop changes before...

6.5 CVSS, 0.00194 EPSS
Exploits 0, References 2
Cvelist
added 2026/06/11 8:6 p.m., 26 views

CVE-2026-53808 OpenClaw < 2026.5.6 - Approval Policy Bypass in Skill Workshop Apply Flow

OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls to set apply: true despite approvalPolicy: pending configuration. Attackers can exploit this by reaching the affected apply path to apply workshop changes before...

6.5 CVSS, 0.00194 EPSS
Exploits 0, References 2
EUVD
added 2026/06/11 8:6 p.m., 6 views

EUVD-2026-36314

OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls to set apply: true despite approvalPolicy: pending configuration. Attackers can exploit this by reaching the affected apply path to apply workshop changes before...

6.5 CVSS, 5.5 AI score, 0.00194 EPSS
Exploits 0, References 2
Vulnrichment
added 2026/06/11 8:6 p.m., 6 views

CVE-2026-53808 OpenClaw < 2026.5.6 - Approval Policy Bypass in Skill Workshop Apply Flow

OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls to set apply: true despite approvalPolicy: pending configuration. Attackers can exploit this by reaching the affected apply path to apply workshop changes before...

6.5 CVSS, 5.2 AI score, 0.00194 EPSS
Exploits 0, References 2
Positive Technologies
added 2026/06/11 12:0 a.m., 4 views

PT-2026-48738

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.5.6. Description: An approval policy bypass exists in the Skill Workshop apply flow. This issue allows agent tool calls to set the apply variable to true even when the approvalPolicy is configured as pending. An...

6.5 CVSS, 5.2 AI score, 0.00194 EPSS
Exploits 0, References 5
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-46652

Malicious code in bioql PyPI...

6.8 CVSS, 6.5 AI score, 0.00491 EPSS
Exploits 0, References 2
Tenable Nessus
added 2025/09/01 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-8770

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allow...

6.5 CVSS, 5.5 AI score, 0.00264 EPSS
Exploits 0, References 2
OSV
added 2025/08/13 5:26 p.m., 3 views

CVE-2025-8770 Authorization Bypass Through User-Controlled Key in GitLab

An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers...

6.5 CVSS, 6.3 AI score, 0.00264 EPSS
Exploits 0, References 4
Vulnrichment
added 2025/05/05 2:0 p.m., 6 views

CVE-2025-4316

Improper access control in PAM feature in Devolutions Server allows a PAM user to self approve their PAM requests even if disallowed by the configured policy via specific user interface actions. This issue affects Devolutions Server versions from 2025.1.3.0 through 2025.1.6.0, and all versions up...

4.5 AI score, 0.00305 EPSS
Exploits 0, References 1
OSV
added 2024/06/28 7:19 a.m., 26 views

BIT-GITLAB-2024-5430 Improper Access Control in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a project maintainer to delete the merge request approval policy via GraphQL...

6.8 CVSS, 5.5 AI score, 0.00491 EPSS
Exploits 0, References 3
NVD
added 2024/06/27 12:15 a.m., 23 views

CVE-2024-5430

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a project maintainer to delete the merge request approval policy via GraphQL...

6.8 CVSS, 0.00491 EPSS
Exploits 0, References 2
UbuntuCve
added 2024/06/27 12:15 a.m., 24 views

CVE-2024-5430

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a project maintainer to delete the merge request approval policy via GraphQL...

6.8 CVSS, 5.9 AI score, 0.00491 EPSS
Exploits 0, References 3
Cvelist
added 2024/06/26 11:30 p.m., 33 views

CVE-2024-5430 Improper Access Control in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a project maintainer to delete the merge request approval policy via GraphQL...

6.8 CVSS, 0.00491 EPSS
Exploits 0, References 2
CVE
added 2024/06/26 11:30 p.m., 109 views

CVE-2024-5430

CVE-2024-5430 affects GitLab CE/EE. Affected are all versions from 16.10 up to but not including 16.11.5, from 17.0 up to but not including 17.0.3, and from 17.1 up to but not including 17.1.1. The underlying issue allows a project maintainer to delete the merge request approval policy via GraphQ...

6.8 CVSS, 5.5 AI score, 0.00491 EPSS
Exploits 0, References 2, Affected Software 1
Debian CVE
added 2024/06/26 11:30 p.m., 25 views

CVE-2024-5430

Removed by vendor...

6.8 CVSS, 5.8 AI score, 0.00491 EPSS
Exploits 0
OSV
added 2024/06/26 11:30 p.m., 19 views

CVE-2024-5430 Improper Access Control in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a project maintainer to delete the merge request approval policy via GraphQL...

6.8 CVSS, 6.3 AI score, 0.00491 EPSS
Exploits 0, References 5