Lucene search
K

7 matches found

NVD
NVD
added 2026/06/16 7:17 p.m.17 views

CVE-2026-53852

OpenClaw before 2026.4.25 contains a scope containment bypass vulnerability in device re-pairing that allows authenticated operators to restore broader scopes than intended by submitting empty-scope re-pairing requests. Attackers can exploit this by sending re-pairing requests with empty scope se...

5.4CVSS0.00206EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 6:5 p.m.23 views

CVE-2026-53852

OpenClaw is affected by a scope containment bypass vulnerability (CVE-2026-53852) present prior to version 2026.4.25. The issue allows authenticated operators to bypass containment by submitting empty-scope device re-pairing requests, enabling them to restore broader scopes and retain unauthorize...

5.4CVSS5.3AI score0.00206EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.15 views

PT-2026-49769

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.25 Description A scope containment bypass exists in the device re-pairing process. Authenticated operators can restore or retain broader scopes than intended by submitting re-pairing requests with empty scope...

5.4CVSS5.2AI score0.00206EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2022-31690

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certai...

8.1CVSS7.8AI score0.01011EPSS
Exploits0References2
OSV
OSV
added 2022/11/01 12:0 p.m.3 views

GHSA-32VJ-V39G-JH23 spring-security-oauth2-client vulnerable to Privilege Escalation

Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client via the browser to the Authorization Server which...

8.1CVSS5.9AI score0.01011EPSS
Exploits0References4
OSV
OSV
added 2022/10/31 8:15 p.m.2 views

UBUNTU-CVE-2022-31690

Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client via the browser to the Authorization Server which...

8.1CVSS7.2AI score0.01011EPSS
Exploits0References3
Spring Security Advisories
Spring Security Advisories
added 2022/10/31 12:0 a.m.6 views

Privilege Escalation in spring-security-oauth2-client

Spring Security, versions 5.7 prior to 5.7.5 , and 5.6 prior to 5.6.9 , and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client via the browser to the Authorization Server whi...

8.1CVSS7.3AI score0.01011EPSS
Exploits0References4
Rows per page
Query Builder