PT-2026-38242

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.15 Description An authentication bypass exists in the Feishu webhook and card-action validation. When the encryptKey configuration is missing or callback tokens are blank, the system fails open rather than...

Fake Avast Website Targets Users With €499 Phishing Refund Scam

Fraudsters clone Avast’s website to target French users with a €499 phishing scam, using urgency tactics, live chat, and card validation to steal payment data...

EUVD-2026-5708

WeKan versions prior to 8.19 contain an insecure direct object reference IDOR in checklist creation and related checklist routes. The implementation does not verify that the supplied cardId belongs to the supplied boardId, allowing cross-board ID tampering by manipulating identifiers...

PT-2021-03: Apple Pay authentication and fields validation issues

Apple allows payments using Transport Card for amount0.00, without implementing proper authentication to ensure that only dedicated transport terminals were used for paying on locked or uncharged iPhones. Advisory status: October, 2021 - Vendor notification date Credits: Timur Yunusov...

Trello: Trello Gold accounts free for 1 year

It is possible to create Trello Gold accounts and use it for free for 1 year. The issue lies in credit card validation. PoC: 1. Create a new trello account 2. After verification, go to Profile Trello Gold 3. Choose billed annually, enter a valid credit card number with $0 on it. and click on...