94 matches found
EUVD-2026-36318
OpenClaw's browser act interactions could bypass private-network navigation checks...
CVE-2026-54309
n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, when @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocation requests without any authentication. Any network-reachable client, or any website visited by the...
CVE-2026-54309 n8n: n8n MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions
n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, when @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocation requests without any authentication. Any network-reachable client, or any website visited by the...
CVE-2026-54309
n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, when @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocation requests without any authentication. Any network-reachable client, or any website visited by the...
CVE-2026-54309
CVE-2026-54309 affects n8n when using the MCP Browser extension in HTTP transport mode. The MCP endpoint accepts unauthenticated session initialization and tool invocation requests, enabling network-reachable clients (or websites visited by the user) to establish an MCP session and invoke browser...
n8n: MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions
Impact When @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocation requests without any authentication. Any network-reachable client, or any website visited by the user, can establish an MCP session and invoke browser-control tools. Whe...
PT-2026-50175
Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.25.7 n8n versions prior to 2.26.2 Description When @n8n/mcp-browser is operated in HTTP transport mode using the --transport http flag, the MCP endpoint allows session initialization and tool invocation requests without...
CVE-2026-53812
OpenClaw before 2026.5.18 contains a server-side request forgery vulnerability in browser control that allows authenticated users to bypass private-network navigation checks through Playwright act interactions. Attackers can trigger navigation to private-network targets via action-triggered...
CVE-2026-53812 OpenClaw < 2026.5.18 - Private-Network Navigation Bypass via Browser Act Interactions
OpenClaw before 2026.5.18 contains a server-side request forgery vulnerability in browser control that allows authenticated users to bypass private-network navigation checks through Playwright act interactions. Attackers can trigger navigation to private-network targets via action-triggered...
PT-2026-48742
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.18 Description An issue in browser control allows authenticated users to perform server-side request forgery SSRF, which is a flaw that enables an attacker to induce the server-side application to make request...
OpenClaw 代码问题漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.18 had code vulnerabilities. These vulnerabilities stemmed from server-side request forgeing issues in browser control, allowing authenticated users to bypass private network...
CVE-2026-4293
The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the browser...
CVE-2026-4293
The CVE-2026-4293 entry covers cross-site scripting in Kieback & Peter DDC Building Controllers. Affected component: DDC building controllers; vulnerability allows attacker-supplied scripting to run in the victim’s browser, enabling browser control. CVSS 3.1 metrics show Network attack vector, no...
CVE-2026-4293
The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the browser...
Astra Linux – Vulnerability in Firefox
The Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user’s browser to control it. This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.. This vulnerability...
CamoFox MCP: Unauthenticated HTTP MCP browser-control surface
Unauthenticated HTTP MCP browser-control surface in camofox-mcp Summary camofox-mcp exposed a Streamable HTTP MCP endpoint at /mcp with rate limiting but no inbound MCP-layer authentication. When HTTP mode was enabled, any client that could reach /mcp could list and invoke browser-control tools. ...
CVE-2026-27662
Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performin...
GHSA-F5FM-9JMP-C88R Duplicate Advisory: OpenClaw: Trailing-dot localhost CDP hosts could bypass remote loopback protections
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-fh32-73r9-rgh5. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.2 fails to normalize trailing-dot localhost hosts in remote CDP discovery responses, allowing...
CVE-2026-41372
OpenClaw before 2026.4.2 fails to normalize trailing-dot localhost hosts in remote CDP discovery responses, allowing bypass of loopback protections. Attackers can craft hostile discovery responses returning localhost. to retarget authenticated browser control toward localhost endpoints and expose...
CVE-2026-41372
Technical details such as affected products, versions, root cause, and remediation are not publicly available in the provided documents. Monitor for updates from NVD, CVE lists, and vendor advisories.