92 matches found
EUVD-2026-21141
OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to retrieve sensitive...
CVE-2026-35644 OpenClaw < 2026.3.22 - Credential Exposure via baseUrl Fields in Gateway Snapshots
OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to retrieve sensitive...
CVE-2026-35644
OpenClaw before 2026.3.22 has an information disclosure vulnerability that allows attackers with operator.read scope to exfiltrate credentials embedded in channel baseUrl and httpUrl fields..adversaries can retrieve sensitive authentication information from gateway snapshots via config.get and ch...
PT-2026-31777
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.22 Description OpenClaw before version 2026.3.22 contains an information disclosure issue. Attackers with operator.read scope can expose credentials embedded in the channel baseUrl and httpUrl fields. Sensitiv...
GHSA-PPWQ-6V66-5M6J OpenClaw Exposes Credentials Embedded in baseUrl Fields via config.get and channels.status
Summary Read-scoped gateway snapshots could expose credentials embedded in channel baseUrl and related endpoint fields. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2 630f1479c44f78484dfa21bb407cbe6f171dac87 - Latest...
CVE-2026-25750 LangSmith Studio has URL Parameter Injection Vulnerability that Enables Token Theft via Malicious baseUrl
Langchain Helm Charts are Helm charts for deploying Langchain applications on Kubernetes. Prior to langchain-ai/helm version 0.12.71, a URL parameter injection vulnerability existed in LangSmith Studio that could allow unauthorized access to user accounts through stolen authentication tokens. The...
CVE-2021-47776
Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints. Attackers can craft malicious requests to the GetContextHelpForPage, GetRemoteDashboardContent, and...
GHSA-H66J-XM43-47PP Umbraco CMS contains a server-side request forgery vulnerability
Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints. Attackers can craft malicious requests to the GetContextHelpForPage, GetRemoteDashboardContent, and...
Umbraco CMS contains a server-side request forgery vulnerability
Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints. Attackers can craft malicious requests to the GetContextHelpForPage, GetRemoteDashboardContent, and...
CVE-2021-47776
Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints. Attackers can craft malicious requests to the GetContextHelpForPage, GetRemoteDashboardContent, and...
CVE-2021-47776
Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints. Attackers can craft malicious requests to the GetContextHelpForPage, GetRemoteDashboardContent, and...
CVE-2021-47776 Umbraco v8.14.1 - 'baseUrl' SSRF
Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints. Attackers can craft malicious requests to the GetContextHelpForPage, GetRemoteDashboardContent, and...
CVE-2021-47776 Umbraco v8.14.1 - 'baseUrl' SSRF
Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints. Attackers can craft malicious requests to the GetContextHelpForPage, GetRemoteDashboardContent, and...
CVE-2021-47776
Umbraco CMS v8.14.1 is affected by a server-side request forgery due to improper validation of the baseUrl parameter in dashboard and help endpoints. The vulnerability enables an attacker to force the server to perform unauthorized requests to external hosts via the GetContextHelpForPage, GetRemo...
EUVD-2026-2753
Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints. Attackers can craft malicious requests to the GetContextHelpForPage, GetRemoteDashboardContent, and...
PT-2026-3051
Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints. Attackers can craft malicious requests to the GetContextHelpForPage, GetRemoteDashboardContent, and...
CVE-2022-50899 Geonetwork 4.2.0 - XML External Entity (XXE)
Geonetwork 3.10 through 4.2.0 contains an XML external entity vulnerability in PDF rendering that allows attackers to retrieve arbitrary files from the server. Attackers can exploit the insecure XML parser by crafting a malicious XML document with external entity references to read system files...
CVE-2022-50899 Geonetwork 4.2.0 - XML External Entity (XXE)
Geonetwork 3.10 through 4.2.0 contains an XML external entity vulnerability in PDF rendering that allows attackers to retrieve arbitrary files from the server. Attackers can exploit the insecure XML parser by crafting a malicious XML document with external entity references to read system files...
CVE-2022-50899
Geonetwork 3.10–4.2.0 is affected by an XML External Entity (XXE) vulnerability in the PDF rendering path. The issue arises from an insecure XML parser that can be driven by a crafted XML document with external entity references, allowing an attacker to read arbitrary server files via the baseURL...
CVE-2026-22794 Account Takeover Vulnerability in Appsmith
Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.93, the server uses the Origin value from the request headers as the email link baseUrl without validation. If an attacker controls the Origin, password reset / email verification links in emails can be...