Danelec Marine Danelec MacGregor Voyage Data Recorder 信任管理问题漏洞

The Danelec Marine Danelec MacGregor Voyage Data Recorder is a series of ship navigation data recording systems developed by Danelec Marine. The Danelec Marine Danelec MacGregor Voyage Data Recorder has a vulnerability related to trust management, which stems from the default account that include...

CVE-2026-25193

Insertion of Sensitive Information into Log File CWE-532 in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account not the default Network Service account are...

EUVD-2026-25324

OpenClaw before 2026.3.31 contains an authentication boundary vulnerability where Telegram legacy allowFrom migration incorrectly fans default-account trust into all named accounts. Attackers can exploit this trust propagation to bypass authentication controls and gain unauthorized access to name...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities stemmed from a legacy Telegram “allowFrom” migration error, which allowed attackers to bypass authentication control...

OpenClaw: Telegram legacy allowFrom migration fans default-account trust into all named accounts

Summary Telegram legacy allowFrom migration fans default-account trust into all named accounts Current Maintainer Triage - Status: open - Normalized severity: low - Assessment: Shipped v2026.3.28 Telegram migration fans legacy default-account allowFrom trust into named accounts, which is an...

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the /allowlist ... --store process. An attacker can gain unintended authorization to the default account by editing allowlist entries as an already-authorized...

GHSA-PJVX-RX66-R3FG OpenClaw: Cross-account sender authorization expansion in `/allowlist ... --store` account scoping

Summary /allowlist ... --store resolved the selected channel accountId for reads, but store writes still dropped that accountId and wrote into the legacy unscoped pairing allowlist store. Because default-account reads still merge legacy unscoped entries, a store entry intended for one account cou...

OpenClaw: Cross-account sender authorization expansion in `/allowlist ... --store` account scoping

Summary /allowlist ... --store resolved the selected channel accountId for reads, but store writes still dropped that accountId and wrote into the legacy unscoped pairing allowlist store. Because default-account reads still merge legacy unscoped entries, a store entry intended for one account cou...

CVE-1999-0585

A Windows NT administrator account has the default name of Administrator...

EUVD-2001-0369

Malware in sbrugna...

EUVD-2006-0795

Malware in sbrugna...

EUVD-2007-6446

Malware in sbrugna...

EUVD-2000-0766

Malware in sbrugna...

EUVD-2015-6278

Malware in sbrugna...

EUVD-2015-6238

Malware in sbrugna...

EUVD-2012-0729

Malware in sbrugna...

EUVD-2007-4243

Malware in sbrugna...

EUVD-2003-1497

Malware in sbrugna...

EUVD-2017-15746

Malware in sbrugna...

EUVD-2017-14287

Malware in sbrugna...