101 matches found
CVE-2026-47125
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.2, the PUT /api/environments/id/templates/variables endpoint, which writes the system-wide .env.global file used for variable substitution in every project's compose file, is missing an admin...
EUVD-2026-33370
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.2, the PUT /api/environments/id/templates/variables endpoint, which writes the system-wide .env.global file used for variable substitution in every project's compose file, is missing an admin...
PT-2026-45033
Impact A Remote Code Execution RCE vulnerability was discovered in Ouroboros. If a user clones a malicious repository and runs Ouroboros commands within that directory, it can lead to arbitrary code execution and potential system takeover. The vulnerability CWE-426: Untrusted Search Path & CWE-15...
CVE-2026-45344
LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fields and writes them back into .env without escaping. A remote attacker who can reach the setup...
Malicious code in wrld-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58965a325ad88c872b7c01668e4c08ca337b5fa022c15e626e23697d23fb594c The package exposes a public authentication API auth.user.login, auth.user.register, auth.user.get, auth.user.delete, plus an auth.system RPC surface...
CVE-2026-42461
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.18.0, four GET endpoints under /api/templates in Arcane's Huma backend are registered without any Security requirement, allowing any unauthenticated network client to list and read the full...
Malicious code in camelotlabs-core (npm)
Five packages camelotlabs-sdk, camelotlabs-core, camelotlabs-config, camelotlabs-worker, and camelotlabs-utils were published to the public npm registry at version 99.0.0 by the actor madman0619 as a dependency confusion attack targeting the internal npm packages of Camelot Labs. The inflated...
CVE-2026-43531
OpenClaw is vulnerable prior to version 2026.4.9 due to an environment variable injection flaw that allows malicious workspace .env files to set runtime-control variables. This can alter update sources, gateway URLs, ClawHub resolution, and browser executable paths, potentially changing applicati...
CVE-2026-43531
OpenClaw before 2026.4.9 contains an environment variable injection vulnerability allowing malicious workspace .env files to set runtime-control variables. Attackers can inject variables affecting update sources, gateway URLs, ClawHub resolution, and browser executable paths to compromise...
CVE-2026-41336
OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAWBUNDLEDHOOKSDIR environment variable, enabling loading of attacker-controlled hook code. Attackers can replace trusted default-on bundled hooks from untrusted workspaces to execute arbitrary code...
SUSE CVE-2026-28684
python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a...
CVE-2026-41294
OpenClaw before 2026.3.28 loads the current working directory .env file before trusted state-dir configuration, allowing environment variable injection. Attackers can place a malicious .env file in a repository or workspace to override runtime configuration and security-sensitive environment...
CVE-2026-41294
OpenClaw is affected by CVE-2026-41294: versions before 2026.3.28 load the current working directory’s .env file during startup before trusted state-dir configuration, allowing environment variable injection that can override runtime configuration and security-sensitive environment settings. The ...
CVE-2026-41294
OpenClaw before 2026.3.28 loads the current working directory .env file before trusted state-dir configuration, allowing environment variable injection. Attackers can place a malicious .env file in a repository or workspace to override runtime configuration and security-sensitive environment...
CVE-2026-41294 OpenClaw < 2026.3.28 - Environment Variable Injection via CWD .env File
OpenClaw before 2026.3.28 loads the current working directory .env file before trusted state-dir configuration, allowing environment variable injection. Attackers can place a malicious .env file in a repository or workspace to override runtime configuration and security-sensitive environment...
UBUNTU-CVE-2026-28684
python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a...
CVE-2026-28684
python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a...
CVE-2026-28684
python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a...
GHSA-7WV4-CC7P-JHXC OpenClaw: Workspace .env could inject OpenClaw runtime-control variables
Summary Workspace .env could inject OpenClaw runtime-control variables. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.9 Impact A malicious workspace .env file could set OpenClaw runtime-control variables affecting update sources, gateway URLs,...
Malicious code in forge-jsx (npm)
forge-jsx is a malicious npm package that impersonates an Autodesk Forge SDK. It was published as a fully-formed RAT from its first version on April 7, 2026. Installing the package on any non-CI machine deploys a persistent background agent that captures all keystrokes, monitors clipboard content...