48 matches found
GHSA-GXG4-2RRR-JHC7 OpenClaw: Hostname checks could treat trailing-dot hosts inconsistently
Summary Hostname checks could treat trailing-dot hosts inconsistently. In affected versions, a request path that accepts model- or workspace-derived URLs could present the same hostname with a trailing dot and avoid a blocklist comparison. This advisory is scoped to the named feature and...
CVE-2025-71321
picklescan before 0.0.33 contains an arbitrary file writing vulnerability that allows attackers to bypass the dangerous blocklist by using distutils.fileutil.writefile. Attackers can construct malicious pickle objects to overwrite critical system files and achieve denial of service or remote code...
CVE-2026-53872 picklescan - Arbitrary File Read via Unsafe Pickle Deserialization
picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. Attackers can bypass RCE-focused blocklists to exfiltrate sensitive data like /etc/passwd to externa...
CVE-2026-53859 OpenClaw < 2026.5.26 - Hostname Validation Bypass via Trailing-Dot Inconsistency
OpenClaw before 2026.5.26 contains a hostname validation vulnerability allowing attackers to bypass blocklist comparisons using trailing-dot notation in model or workspace-derived URLs. Attackers can exploit inconsistent hostname checks to reach destinations that operators intended to block throu...
Budibase 代码问题漏洞
Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.38.1 contained code-related vulnerabilities. These vulnerabilities stemmed from the integratio...
PT-2026-42698
Name of the Vulnerable Software and Affected Versions Pydantic AI versions prior to 1.99.0 Description An issue exists when an application uses force download='allow-local', which disables the default block on private and internal IP addresses. The cloud-metadata blocklist can be bypassed by...
Astra Linux – Vulnerability in Python 3.7, Python 2.7
A issue in the urllib.parse component of Python prior to version 3.11.4 allows attackers to bypass blocklisting methods by providing a URL that starts with blank characters...
WordPress plugin Import and export users and customers 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
OpenMage Magento Lts(Magento) 安全漏洞
OpenMage Magento Lts Magento is an e-commerce system developed by the OpenMage organization. Versions of OpenMage Magento Lts prior to 20.17.0 contained security vulnerabilities. These vulnerabilities stemmed from incomplete blocklists used during the upload of product customization files, which...
SiYuan 安全漏洞
SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan itself. Versions of SiYuan 3.6.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from incomplete blocklists in SanitizeSVG, as well as the lack of escaping, which could lead to...
Unsafe Deserialization
The affected library is vulnerable to Unsafe Deserialization. The vulnerability is due to improper handling of pickle deserialization combined with the use of logging.FileHandler, which allows an attacker to bypass RCE-focused blocklists and create zero-byte files in arbitrary locations on the...
GHSA-8JR8-7HR4-VHFX Craft CMS Vulnerable to SSRF in GraphQL Asset Mutation via HTTP Redirect
Summary The saveAsset GraphQL mutation validates the initial URL hostname and resolved IP against a blocklist, but Guzzle follows HTTP redirects by default. An attacker can bypass all SSRF protections by hosting a redirect that points to cloud metadata endpoints or any internal IP addresses. ---...
Craft CMS 代码问题漏洞
Craft CMS is an open-source content management system developed by Craft CMS. There are code vulnerabilities in versions 4.0.0-RC1 to 4.16.17, and from 5.0.0-RC1 to 5.8.21 of Craft CMS. These vulnerabilities stem from the IP address validation function’s inability to recognize alternate...
GHSA-M7J5-R2P5-C39R picklescan vulnerable to arbitrary file create using logging.FileHandler
Summary Unsafe pickle deserialization allows unauthenticated attackers to perform Arbitrary File Creation. By chaining the logging.FileHandler class, an attacker can bypass RCE-focused blocklists to create empty files on the server. The vulnerability allows creating zero-byte files in arbitrary...
Is Protective DNS Blocking the Wild West?
We perform a passive measurement study investigating how a Protective DNS service might perform in a Research & Education Network serving hundreds of member institutions. Utilizing freely-available DNS blocklists consisting of domain names deemed to be threats, we test hundreds of millions of...
Jenkins Remote Code Execution Vulnerability
Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would be deserialized using a new ObjectInputStream, bypassing the existing blocklist-based protection...
CVE-2025-9376
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress is vulnerable to unauthorized access of data due to an insufficient capability check on the 'stopbadbotscheckwordpressloggedincookie' function in all versions up to, and including, 11.58. This...
CVE-2025-9376
CVE-2025-9376 affects the WordPress plugin Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection, versions up to and including 11.58. The vulnerability stems from an insufficient capability check in the stopbadbots_check_wordpress_logged_in_cookie function, allowing unaut...
req may send an unintended request when a malformed URL is provided
The req library is a widely used HTTP library in Go. However, it does not handle malformed URLs effectively. As a result, after parsing a malformed URL, the library may send HTTP requests to unexpected destinations, potentially leading to security vulnerabilities or unintended behavior in...
GHSA-CJ55-GC7M-WVCQ req may send an unintended request when a malformed URL is provided
The req library is a widely used HTTP library in Go. However, it does not handle malformed URLs effectively. As a result, after parsing a malformed URL, the library may send HTTP requests to unexpected destinations, potentially leading to security vulnerabilities or unintended behavior in...