GHSA-3V3J-737J-7G74 Duplicate Advisory: Linux and macOS exec allowlists skipped configured argument patterns
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-v2ww-5rh7-2h5v. This link is maintained to preserve external references. Original Description: OpenClaw before 2026.5.12 contains an argument pattern validation bypass in the exec allowlist that allows attackers ...
Duplicate Advisory: Internal/webchat command auth could inherit ownerAllowFrom wildcard state
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-4hpg-mp64-x7xq. This link is maintained to preserve external references. Original Description: OpenClaw before 2026.4.25 contains a privilege escalation vulnerability in internal and webchat command authenticatio...
GHSA-GW2C-6HCG-5G52 Duplicate Advisory: Focus command could miss controlScope enforcement
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-mpc8-jxjh-qpgh. This link is maintained to preserve external references. Original Description: OpenClaw before 2026.4.25 contains a control scope enforcement bypass vulnerability in the focus command that allows...
GHSA-R7VV-6763-M739 Duplicate Advisory: Skill-command dispatch could skip before-tool-call hooks
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-68xw-r643-9p5w. This link is maintained to preserve external references. Original Description: OpenClaw before 2026.5.6 contains a hook bypass vulnerability where skill commands routed through the affected dispat...
GHSA-WRR6-P5R6-474M Duplicate Advisory: Exec allowlist could miss side effects from transparent command wrappers
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-cwpp-5962-q4f6. This link is maintained to preserve external references. Original Description: OpenClaw before 2026.5.26 contains an exec allowlist bypass vulnerability allowing authenticated operators to execute...
CVE-2026-49073
Summary: CVE-2026-49073 affects the WordPress plugin Directorist Booking (wpWax Directorist Booking) versions up to 3.0.3. The issue is an SQL Injection in the plugin, allowing blind SQL injection through improper neutralization of special elements in SQL commands. The CVSS base score is 8.5 (HIGH...
CVE-2026-49073 WordPress Directorist Booking plugin <= 3.0.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpWax Directorist Booking allows Blind SQL Injection. This issue affects Directorist Booking: from n/a through 3.0.3...
GHSA-VX4Q-3CR2-7CG2 yt-dlp: Arbitrary code execution via manifest downloads with aria2c
Summary: If aria2c is used as an external downloader for a fragmented manifest format such as an HLS/DASH stream, yt-dlp passes insufficiently sanitized input to aria2c that allows an attacker to perform an arbitrary file write. On Windows platforms, this can lead to immediate arbitrary code...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview: yt-dlp is a youtube-dl fork with additional features and patches. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') via insufficient sanitization of input passed to the aria2c external...
GHSA-9CR8-Q42Q-G8M7 Traefik: HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case hosts
Summary: There is a critical vulnerability in Traefik's HTTP/3 QUIC TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. When HTTP/3 is enabled on an entrypoint, the TLS handshake selects the applicable TLS configuration through an exact,...
CVE-2026-11409
The CVE-2026-11409 entry concerns an authenticated OS command injection in the IPv6 PPPoE configuration handler of TL-WR940N v6. The vulnerability arises from improper sanitization of user input, allowing an authenticated attacker with administrative access to execute arbitrary system commands wi...
CVE-2026-11409 OS Command Injection in IPv6 PPPoE Configuration in TP-Link TL-WR940N
An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges...