Lucene search
K

1566 matches found

Cvelist
Cvelist
added 2026/06/11 8:8 p.m.28 views

CVE-2026-53814 OpenClaw < 2026.5.20 - Privilege Escalation via Hook-Triggered CLI MCP Tool Authority

OpenClaw before 2026.5.20 contains a privilege escalation vulnerability where hook-triggered agent runs incorrectly receive owner-scoped MCP loopback authority instead of hook-appropriate scope. Attackers with a valid hook token can exploit the /hooks/agent endpoint to cause spawned CLI runtimes ...

8.7CVSS0.00281EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:8 p.m.10 views

CVE-2026-53814 OpenClaw < 2026.5.20 - Privilege Escalation via Hook-Triggered CLI MCP Tool Authority

OpenClaw before 2026.5.20 contains a privilege escalation vulnerability where hook-triggered agent runs incorrectly receive owner-scoped MCP loopback authority instead of hook-appropriate scope. Attackers with a valid hook token can exploit the /hooks/agent endpoint to cause spawned CLI runtimes ...

8.7CVSS5.3AI score0.00281EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.13 views

CVE-2026-45556

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /waf///rule//save accepts a configfilename form field that is passed straight through to configmod.masterslaveuploadandrestart... as the destination path. The validation chai...

9.9CVSS5.5AI score0.00372EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 4:44 a.m.14 views

Malicious code in solana-rpc-pool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59e128b9efb48222aac63385175a13c182fc4f832f83576eb80f7777f255048c On npm install, the package's postinstall hook runs install.js which performs four independent attacker-benefit actions. 1 Credential theft: it reads...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/11 4:44 a.m.12 views

MAL-2026-5573 Malicious code in solana-rpc-pool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59e128b9efb48222aac63385175a13c182fc4f832f83576eb80f7777f255048c On npm install, the package's postinstall hook runs install.js which performs four independent attacker-benefit actions. 1 Credential theft: it reads...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/11 3:10 a.m.10 views

MAL-2026-5559 Malicious code in solana-dev-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 059c5a74392811a397d3868092b7bcc84fbfac9d2f3de1c69a6421cdf756b652 On npm install, the package's postinstall hook node install.js executes a multi-stage attack against the installer's machine. It reads...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/11 2:58 a.m.28 views

MAL-2026-5560 Malicious code in solana-web3-community (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 202fa4daf22c4ecace931dfbdbeee6821fe42c14956d35c763c55051528dee12 Package masquerades as the official @solana/web3.js SDK name solana-web3-community, author 'Solana Labs Maintainers ', repository...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 2:58 a.m.14 views

Malicious code in solana-web3-community (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 202fa4daf22c4ecace931dfbdbeee6821fe42c14956d35c763c55051528dee12 Package masquerades as the official @solana/web3.js SDK name solana-web3-community, author 'Solana Labs Maintainers ', repository...

5.5AI score
Exploits0References3
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.19 views

OpenClaw 权限许可和访问控制问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.20 contained security vulnerabilities. These vulnerabilities were caused by permission escalation issues, where hooks triggered proxy operations that incorrectly received MCP...

8.7CVSS5.8AI score0.00281EPSS
Exploits0References2
OSV
OSV
added 2026/06/10 6:37 p.m.11 views

MAL-2026-5525 Malicious code in @solana-labs/web3.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91b0523027116b3981b0f1dfe925f01d8956eb19817aae6ea7d0022d5357fba4 Package @solana-labs/web3.js impersonates the legitimate @solana/web3.js and re-exports it as cover while running a malicious postinstall node...

5.5AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/10 6:37 p.m.19 views

Malicious code in @solana-labs/web3.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91b0523027116b3981b0f1dfe925f01d8956eb19817aae6ea7d0022d5357fba4 Package @solana-labs/web3.js impersonates the legitimate @solana/web3.js and re-exports it as cover while running a malicious postinstall node...

5.5AI score
Exploits0References6
NVD
NVD
added 2026/06/10 3:16 p.m.15 views

CVE-2026-45556

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /waf///rule//save accepts a configfilename form field that is passed straight through to configmod.masterslaveuploadandrestart... as the destination path. The validation chai...

9.9CVSS0.00372EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 2:0 p.m.39 views

CVE-2026-45556 Roxy-WI: Authenticated arbitrary file write on every managed load balancer (and downstream RCE) via WAF rule save `config_file_name`

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /waf///rule//save accepts a configfilename form field that is passed straight through to configmod.masterslaveuploadandrestart... as the destination path. The validation chai...

9.9CVSS0.00372EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 2:0 p.m.11 views

CVE-2026-45556 Roxy-WI: Authenticated arbitrary file write on every managed load balancer (and downstream RCE) via WAF rule save `config_file_name`

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /waf///rule//save accepts a configfilename form field that is passed straight through to configmod.masterslaveuploadandrestart... as the destination path. The validation chai...

9.9CVSS5.5AI score0.00372EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 2:0 p.m.30 views

CVE-2026-45556

Roxy-WI (versions &lt;= 8.2.6.4) is affected by CVE-2026-45556. The vulnerability arises in POST /waf///rule//save: the config_file_name field is passed to config_mod.master_slave_upload_and_restart(...) as the destination path. The validation only checks that the path contains a service substrin...

9.9CVSS5.5AI score0.00372EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 2:0 p.m.18 views

EUVD-2026-36038

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /waf///rule//save accepts a configfilename form field that is passed straight through to configmod.masterslaveuploadandrestart... as the destination path. The validation chai...

9.9CVSS5.5AI score0.00372EPSS
Exploits0References1
OSV
OSV
added 2026/06/10 1:39 p.m.12 views

GHSA-8QHJ-4F8C-J8QG Nezha has cross-site GET request that can trigger stored cron commands on a victim's agents

Summary The dashboard exposes the cron manual-trigger action as an authenticated GET /api/v1/cron/:id/manual endpoint. Dashboard JWTs are sent in the nz-jwt cookie and configured with SameSite=Lax, which browsers include on top-level cross-site GET navigations. Because this state-changing GET...

7.1CVSS5.7AI score0.00123EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/10 1:39 p.m.34 views

Nezha has cross-site GET request that can trigger stored cron commands on a victim's agents

Summary The dashboard exposes the cron manual-trigger action as an authenticated GET /api/v1/cron/:id/manual endpoint. Dashboard JWTs are sent in the nz-jwt cookie and configured with SameSite=Lax, which browsers include on top-level cross-site GET navigations. Because this state-changing GET...

7.1CVSS5.7AI score0.00123EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.30 views

PT-2026-48481

Name of the Vulnerable Software and Affected Versions Nezha Monitoring versions 1.0.0 through 2.0.13 Description A cross-site request forgery CSRF issue exists where a cross-site GET request can trigger stored cron commands on a victim's agents. The dashboard exposes a manual-trigger action via t...

7.1CVSS5.2AI score0.00123EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.35 views

PT-2026-48436

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /waf///rule//save accepts a config file name form field that is passed straight through to config mod.master slave upload and restart... as the destination path. The validati...

9.9CVSS5.5AI score0.00372EPSS
Exploits0References2
Rows per page
Query Builder