2 matches found
CVE-2026-53820 OpenClaw < 2026.5.12 - Exec Denylist Bypass in Bundle MCP Loopback Session Spawn
OpenClaw before 2026.5.12 contains an exec denylist bypass vulnerability in the bundle MCP loopback session-spawn path that allows authenticated callers to bypass intended command restrictions. Attackers can reach the affected bundled MCP session-spawn path to start sessions with broader command...
Mobile Verification Toolkit 路径遍历漏洞
The Mobile Verification Toolkit is an open-source mobile device forensics analysis tool developed by MVT. Versions of the Mobile Verification Toolkit prior to version 2026.5.12 contained a path traversal vulnerability. This vulnerability stemmed from file identifiers that were not cleared during...