Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/03/26 3:7 p.m.2 views

CVE-2026-31994

OpenClaw versions prior to 2026.2.19 contain a local command injection vulnerability in Windows scheduled task script generation due to unsafe handling of cmd metacharacters and expansion-sensitive characters in gateway.cmd files. Local attackers with control over service script generation...

7.8CVSS6.1AI score0.00571EPSS
Exploits0References1
OSV
OSVadded 2026/03/19 3:30 a.m.5 views

GHSA-5GQG-MQH5-2V39 Duplicate Advisory: OpenClaw Windows Scheduled Task script generation allowed local command injection via unsafe cmd argument handling

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mqr9-vqhq-3jxw. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.19 contain a local command injection vulnerability in Windows scheduled task script...

7.1CVSS6AI score0.00571EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/03/19 1:0 a.m.2 views

CVE-2026-31999

OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability in wrapper resolution for .cmd/.bat files that allows attackers to influence execution behavior through cwd manipulation. Remote attackers can exploit improper shell execution...

6.3CVSS6AI score0.00241EPSS
Exploits0References3Affected Software1
Securelist
Securelistadded 2025/06/09 10:0 a.m.22 views

Sleep with one eye open: how Librarian Ghouls steal data by night

Introduction Librarian Ghouls, also known as "Rare Werewolf" and "Rezet", is an APT group that targets entities in Russia and the CIS. Other security vendors are also monitoring this APT and releasing analyses of its campaigns. The group has remained active through May 2025, consistently targetin...

7.4AI score
Exploits0
Trellix
Trellixadded 2022/02/17 12:0 a.m.16 views

Looking Over the Nation-State Actors’ Shoulders

Looking over the nation-state actors’ shoulders: Even they have a difficult day sometimes By Trellix and Marc Elias · Febraury 17, 2022 Have you ever been curious about how nation-state actors operate and what their day-to-day work looks like? This blog reveals some of these details observed base...

0.4AI score
Exploits0
OSV
OSVadded 2020/09/09 1:15 p.m.2 views

CVE-2020-6332

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

4.3CVSS5.8AI score
Exploits0References3
myhack58
myhack58added 2009/11/13 12:0 a.m.38 views

How to read the registry RUN key, there are several key value! - Vulnerability warning-the black bar safety net

A batch: to save for. bat or. cmd files 1, The use of the reg query: @echo off set r=\Software\Microsoft\Windows\CurrentVersion\Run for /f "skip=3 delims=" %%a in ’reg query HKLM \ %r%’ do echo.%% a echo.& amp;echo.& amp;echo. for /f "skip=3 delims=" %%a in ’reg query HKCU \ %r%’ do echo.%% a pau...

0.5AI score
Exploits0
Rows per page
Query Builder