1005 matches found
Malicious code in security-env-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf2b538ca6f5582ba25c054253f091eacca05571066d7237d6f693f23938e37c Package impersonates the popular dotenv library identical description and repo URL git://github.com/motdotla/dotenv.git and exposes a matching config...
MAL-2026-4665 Malicious code in security-env-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf2b538ca6f5582ba25c054253f091eacca05571066d7237d6f693f23938e37c Package impersonates the popular dotenv library identical description and repo URL git://github.com/motdotla/dotenv.git and exposes a matching config...
Fedora 43 : python-dotenv (2026-20312e36a8)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-20312e36a8 advisory. Update to 1.2.2, security fix for CVE-2026-28684. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
Fedora 44 : python-dotenv (2026-79e64d2daa)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-79e64d2daa advisory. Update to 1.2.2, security fix for CVE-2026-28684. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
MAL-2026-3759 Malicious code in env-threads (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfb511e0bf06367ec0341939aa68ee55859344c6ca6cb8d9f55f7e62cdcc8656 Package env-threads impersonates the legitimate dotenv package: its README, repository URL git://github.com/motdotla/dotenv.git, homepage, descriptio...
Malicious code in env-threads (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfb511e0bf06367ec0341939aa68ee55859344c6ca6cb8d9f55f7e62cdcc8656 Package env-threads impersonates the legitimate dotenv package: its README, repository URL git://github.com/motdotla/dotenv.git, homepage, descriptio...
MAL-2026-3758 Malicious code in dotenvv-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79fd33c6e511ab11f10b1dae91e2f083f486dd020bbf2dca5256eabc904f61b7 Package name dotenvv-tool impersonates the popular dotenv package; index.js is an admitted dummy stub "The real payload is in postinstall.js". The...
EUVD-2026-29148
OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost, IRC, and Synology connectors. Attackers with workspace access can redirect runtime traffic to malicious endpoints by setting endpoint variables in dotenv files...
GHSA-5JGM-F9WR-9QM7 Duplicate Advisory: OpenClaw: Workspace dotenv files cannot override connector endpoint hosts
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-55cf-xx38-4p9p. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost,...
Duplicate Advisory: OpenClaw: Workspace dotenv files cannot override connector endpoint hosts
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-55cf-xx38-4p9p. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost,...
EUVD-2026-29137
OpenClaw versions 2026.4.5 before 2026.4.20 contain an environment variable injection vulnerability allowing workspace dotenv to override MINIMAXAPIHOST. Attackers can redirect credentialed MiniMax API requests to attacker-controlled origins, exposing the MiniMax API key in Authorization headers...
GHSA-4MHR-CXR4-2PRM Duplicate Advisory: OpenClaw: Workspace dotenv MiniMax host override could redirect credentialed requests
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h2vw-ph2c-jvwf. This link is maintained to preserve external references. Original Description OpenClaw versions 2026.4.5 before 2026.4.20 contain an environment variable injection vulnerability allowing workspac...
Duplicate Advisory: OpenClaw: Workspace dotenv MiniMax host override could redirect credentialed requests
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h2vw-ph2c-jvwf. This link is maintained to preserve external references. Original Description OpenClaw versions 2026.4.5 before 2026.4.20 contain an environment variable injection vulnerability allowing workspac...
CVE-2026-45003
OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost, IRC, and Synology connectors. Attackers with workspace access can redirect runtime traffic to malicious endpoints by setting endpoint variables in dotenv files...
CVE-2026-45003
OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost, IRC, and Synology connectors. Attackers with workspace access can redirect runtime traffic to malicious endpoints by setting endpoint variables in dotenv files...
CVE-2026-45003
OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for the Matrix, Mattermost, IRC, and Synology connectors . An attacker with workspace access can redirect runtime traffic to malicious endpoints by setting endpoint variables in dotenv files, enabling loc...
CVE-2026-45003 OpenClaw < 2026.4.22 - Connector Endpoint Host Override via Workspace dotenv Files
OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost, IRC, and Synology connectors. Attackers with workspace access can redirect runtime traffic to malicious endpoints by setting endpoint variables in dotenv files...
CVE-2026-45003 OpenClaw < 2026.4.22 - Connector Endpoint Host Override via Workspace dotenv Files
OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost, IRC, and Synology connectors. Attackers with workspace access can redirect runtime traffic to malicious endpoints by setting endpoint variables in dotenv files...
CVE-2026-44992
OpenClaw 2026.4.5 (vulnerable prior to 2026.4.20) suffers an environment variable injection vulnerability where workspace dotenv can override MINIMAX_API_HOST. This enables an attacker to redirect credentialed MiniMax API requests to attacker-controlled origins, exposing the MiniMax API key found...
CVE-2026-44992 OpenClaw 2026.4.5 through 2026.4.19 - MiniMax API Host Override via Workspace dotenv
OpenClaw versions 2026.4.5 before 2026.4.20 contain an environment variable injection vulnerability allowing workspace dotenv to override MINIMAXAPIHOST. Attackers can redirect credentialed MiniMax API requests to attacker-controlled origins, exposing the MiniMax API key in Authorization headers...