36947 matches found
CVE-2026-32011
OpenClaw versions prior to 2026.3.2 contain a denial of service vulnerability in webhook handlers for BlueBubbles and Google Chat that parse request bodies before performing authentication and signature validation. Unauthenticated attackers can exploit this by sending slow or oversized request...
github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload
A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...
github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload
A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...
CVE-2026-28449
OpenClaw versions prior to 2026.2.25 lack durable replay state for Nextcloud Talk webhook events, allowing valid signed webhook requests to be replayed without suppression. Attackers can capture and replay previously valid signed webhook requests to trigger duplicate inbound message processing an...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.2.25 contained security vulnerabilities. These vulnerabilities stemmed from a lack of persistent replay protection for Nextcloud Talk webhook events. This allowed attackers to...
OPENSUSE-SU-2026:10395-1 qemu-10.2.2-1.1 on GA media
These are all security issues fixed in the qemu-10.2.2-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10394-1 python313-3.13.12-2.1 on GA media
These are all security issues fixed in the python313-3.13.12-2.1 package on the GA media of openSUSE Tumbleweed...
ROS-20260319-73-0012
A vulnerability in the tagkey validation mechanism of the Fluent Bit log collection and processing tool is related to insufficient input data validation. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity and availability of protected information...
EUVD-2026-12790
A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when a unauthenticated attacker send an oversized or unexpected username input. An overflow condition crashes the thread handling the login attempt, forcing the session to close. Because other CLI sessions remain...
CVE-2026-22323
A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sending unauthorized POST requests to the device by luring them to a malicious webpage. This can silently alter the device’s configuration without the...
CVE-2026-22321
A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when a unauthenticated attacker send an oversized or unexpected username input. An overflow condition crashes the thread handling the login attempt, forcing the session to close. Because other CLI sessions remain...
CVE-2026-22323 Cross‑Site Request Forgery in Link Aggregation Configuration
A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sending unauthorized POST requests to the device by luring them to a malicious webpage. This can silently alter the device’s configuration without the...
CVE-2026-22321 Stack-Based Buffer Overflow in CLI Login Username Handling over CLI
A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when a unauthenticated attacker send an oversized or unexpected username input. An overflow condition crashes the thread handling the login attempt, forcing the session to close. Because other CLI sessions remain...
CVE-2026-22321
A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when a unauthenticated attacker send an oversized or unexpected username input. An overflow condition crashes the thread handling the login attempt, forcing the session to close. Because other CLI sessions remain...
CVE-2026-22321
CVE-2026-22321 describes a stack-based buffer overflow in the device’s Telnet/SSH CLI login routine triggered by oversized/unexpected username input from an unauthenticated attacker. This crashes only the thread handling the login attempt while other CLI sessions remain unaffected, resulting in a...
PT-2026-26027
Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw exists in Keycloak where an unauthenticated remote attacker can trigger an application-level Denial of Service DoS by sending a highly compressed SAMLRequest through the SAML Redirect...
PT-2026-26037
A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when a unauthenticated attacker send an oversized or unexpected username input. An overflow condition crashes the thread handling the login attempt, forcing the session to close. Because other CLI sessions remain...
PT-2026-26315
Name of the Vulnerable Software and Affected Versions Grafana Tempo versions prior to 2.10.3 Description A flaw exists in Grafana Tempo that results in the exposure of the S3 SSE-C encryption key in plaintext. This exposure occurs through the /status/config API endpoint. Successful exploitation...
Phoenix Contact多款产品 安全漏洞
PHOENIX CONTACT FL SWITCH and PHOENIX CONTACT FL NAT are products of the German company PHOENIX CONTACT. PHOENIX CONTACT FL SWITCH is an industrial-grade Ethernet switch. PHOENIX CONTACT FL NAT is a series of industrial security gateways. Several products from Phoenix Contact have security...
OPENSUSE-SU-2026:10387-1 kernel-devel-6.19.8-1.1 on GA media
These are all security issues fixed in the kernel-devel-6.19.8-1.1 package on the GA media of openSUSE Tumbleweed...