2363 matches found
CVE-2026-3219 vulnerabilities
Vulnerabilities for packages: py3-pip-wheel-bootstrap, graalvm, py3-pip, azureml-inference-server-http, ansible-operator-fips, tensorflow-cpu-jupyter, pypy-3.11, py3-virtualenv, py3-hashin, py3.14-virtualenv, datadog-agent, request-1276, azureml-inference-server-http-fips, pypy-3.10,...
GHSA-58QW-9MGM-455V vulnerabilities
Vulnerabilities for packages: py3-virtualenv, kubeflow-katib, py3-cassandra-medusa, py3.14-virtualenv, pypy-3.11, pypy-3.10, datadog-agent, py3-pip, tensorflow-cpu-jupyter, py3-pip-wheel-bootstrap...
CVE-2026-3219 vulnerabilities
Vulnerabilities for packages: py3-virtualenv, kubeflow-katib, py3-cassandra-medusa, py3.14-virtualenv, pypy-3.11, pypy-3.10, datadog-agent, py3-pip, tensorflow-cpu-jupyter, py3-pip-wheel-bootstrap...
PT-2026-36922
Name of the Vulnerable Software and Affected Versions Nginx UI version 2.3.5 Description Nginx UI, a web user interface for the Nginx web server, contains a flaw allowing an unauthenticated bootstrap takeover. This occurs during the initial installation window via the 'POST /api/install' endpoint...
EUVD-2026-25319
OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and...
GHSA-FJM8-MGC9-MF65 Duplicate Advisory: OpenClaw Has a Gateway Control Interface Information Disclosure Vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hr8g-2q7x-3f4w. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON th...
Duplicate Advisory: OpenClaw Has a Gateway Control Interface Information Disclosure Vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hr8g-2q7x-3f4w. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON th...
CVE-2026-41335
OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and...
CVE-2026-41335
OpenClaw
CVE-2026-41335 OpenClaw < 2026.3.31 - Information Disclosure via Control UI Bootstrap JSON
OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and...
CVE-2026-41335
OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and...
CVE-2026-41335 OpenClaw < 2026.3.31 - Information Disclosure via Control UI Bootstrap JSON
OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities stemmed from a flaw in the bootstrap JSON data used as a control interface, which allowed information leakage. This...
PT-2026-34766
OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and...
EUVD-2026-24646
The Slider Bootstrap Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'category' and 'template' shortcode attributes in all versions up to and including 1.0.7. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attribute...
CVE-2026-4076 Slider Bootstrap Carousel <= 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
The Slider Bootstrap Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'category' and 'template' shortcode attributes in all versions up to and including 1.0.7. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attribute...
CVE-2026-4076
Slider Bootstrap Carousel (WordPress)
CVE-2026-4076
The Slider Bootstrap Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'category' and 'template' shortcode attributes in all versions up to and including 1.0.7. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attribute...
CVE-2026-4076 Slider Bootstrap Carousel <= 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
The Slider Bootstrap Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'category' and 'template' shortcode attributes in all versions up to and including 1.0.7. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attribute...
PT-2026-34279
The Slider Bootstrap Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'category' and 'template' shortcode attributes in all versions up to and including 1.0.7. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attribute...