Lucene search
K

34 matches found

EUVD
EUVD
added 2026/06/19 12:31 a.m.9 views

EUVD-2026-37959

PraisonAI before 4.5.128 contains an arbitrary shell command execution vulnerability where the UI modules hardcode approvalmode to auto, overriding administrator configuration from PRAISONAPPROVALMODE environment variable. Authenticated attackers can instruct the LLM agent to execute arbitrary...

8.8CVSS6AI score0.00476EPSS
Exploits0References3
CVE
CVE
added 2026/06/16 6:4 p.m.14 views

CVE-2026-53846

OpenClaw before 2026.4.29 contains a path traversal vulnerability in the install helper that allows workspace .env files to override the npm_execpath configuration used for bundled runtime dependency installation. Attackers with workspace access can execute unintended local package-manager execut...

7.1CVSS5.4AI score0.00118EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/11 8:10 p.m.23 views

CVE-2026-53819

OpenClaw prior to 2026.5.27 is affected by an arbitrary code execution vulnerability in skill install flows where workspace .env files can override the Homebrew executable selection. Attackers with access to trusted operator workspaces can cause OpenClaw to execute unintended Homebrew-compatible ...

8.8CVSS6.2AI score0.00298EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.16 views

openSUSE 16 Security Update : apache2 (openSUSE-SU-2026:20810-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20810-1 advisory. Changes in apache2: Version update to 2.4.66 jscPED-16181 SECURITY: CVE-2025-66200: Apache HTTP Server: moduserdir+suexec bypass via AllowOverri...

9.1CVSS7AI score0.04409EPSS
Exploits2References24
Snyk
Snyk
added 2026/05/20 3:35 p.m.10 views

Arbitrary Argument Injection

Overview symfony/runtime is an Enables decoupling PHP applications from global state Affected versions of this package are vulnerable to Arbitrary Argument Injection via SymfonyRuntime::getInput when registerargcargv=On in web SAPIs. An attacker can modify the Symfony application environment and...

5.4CVSS5.8AI score
Exploits0References2
Cvelist
Cvelist
added 2026/04/28 6:9 p.m.29 views

CVE-2026-41396 OpenClaw < 2026.3.31 - Environment Variable Override of Plugin Trust Root

OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAWBUNDLEDPLUGINSDIR environment variable, compromising plugin trust verification. Attackers with control over workspace configuration can inject malicious plugins by overriding the bundled plugin trust root directory...

8.5CVSS0.00126EPSS
Exploits0References3
CVE
CVE
added 2026/04/28 6:9 p.m.22 views

CVE-2026-41396

OpenClaw is affected prior to version 2026.3.31. Affected: openclaw (npm). Vulnerability: workspace .env files can override OPENCLAW_BUNDLED_PLUGINS_DIR, allowing manipulation of the bundled plugin trust root and undermining plugin trust verification. Impact: attackers with control over workspace...

8.5CVSS5.2AI score0.00126EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/28 6:9 p.m.4 views

CVE-2026-41373

OpenClaw before 2026.3.31 contains an incomplete host-env-security-policy.json that fails to restrict compiler binary environment variables, allowing untrusted models to substitute CC, CXX, CARGOBUILDRUSTC, and CMAKECCOMPILER via environment overrides. Attackers with approved host-exec requests c...

6.1CVSS5.8AI score0.0013EPSS
Exploits0References4
NVD
NVD
added 2026/04/23 10:16 p.m.8 views

CVE-2026-41336

OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAWBUNDLEDHOOKSDIR environment variable, enabling loading of attacker-controlled hook code. Attackers can replace trusted default-on bundled hooks from untrusted workspaces to execute arbitrary code...

8.5CVSS0.00133EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/23 9:57 p.m.6 views

CVE-2026-41336

OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAWBUNDLEDHOOKSDIR environment variable, enabling loading of attacker-controlled hook code. Attackers can replace trusted default-on bundled hooks from untrusted workspaces to execute arbitrary code...

8.5CVSS6.1AI score0.00133EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.4 views

PT-2026-34767

OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW BUNDLED HOOKS DIR environment variable, enabling loading of attacker-controlled hook code. Attackers can replace trusted default-on bundled hooks from untrusted workspaces to execute arbitrary code...

8.5CVSS6.1AI score0.00133EPSS
Exploits0References5
CVE
CVE
added 2026/04/10 4:3 p.m.11 views

CVE-2026-35650

OpenClaw before 2026.3.22 is affected by an environment variable override handling vulnerability in which inconsistent sanitization paths allow blocked or malformed override keys to bypass the shared host environment policy. The issue enables an attacker to execute arbitrary code with unintended ...

8.8CVSS6.2AI score0.00489EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:15 p.m.9 views

OpenClaw: Windows-compatible env override keys could bypass system.run approval binding

Summary Before OpenClaw 2026.4.2, system-run approval binding normalized environment override keys differently from host execution. Windows-compatible keys could be omitted from the approval binding while still being injected at execution time. Impact An approved command could run with...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/02 9:0 p.m.9 views

OpenClaw: Workspace `.env` can override the bundled hooks root and load attacker hook code

Summary Workspace .env can override the bundled hooks root and load attacker hook code Current Maintainer Triage - Status: open - Normalized severity: high - Assessment: v2026.3.28 still lets workspace .env override OPENCLAWBUNDLEDHOOKSDIR, which can replace trusted default-on bundled hooks from ...

8.5CVSS5.9AI score0.00133EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/04/01 12:2 a.m.1 views

GHSA-8RH7-6779-CJQQ OpenClaw has a CWD `.env` environment variable injection which bypasses host-env policy and allows config takeover

Summary OpenClaw loaded the current working directory .env before trusted state-dir configuration, allowing untrusted workspace state to inject host environment values. Impact A repository or workspace containing a malicious .env file could override runtime configuration and security-sensitive...

9.6CVSS5.9AI score0.0013EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/31 11:57 p.m.6 views

OpenClaw host-env blocklist missing `GIT_TEMPLATE_DIR` and `AWS_CONFIG_FILE` allows code execution via env override

Summary Host execution env sanitization did not block GITTEMPLATEDIR or AWSCONFIGFILE, even though both can redirect trusted tooling to attacker-controlled content. Impact An approved exec request could redirect git or AWS CLI behavior through attacker-controlled configuration and execute untrust...

5.8CVSS6.2AI score0.00105EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/01/14 11:3 a.m.2 views

SUSE-SU-2026:20081-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME, unintended retry intervals bsc1254511 - CVE-2025-58098: Fixed Server Side Includes adds query string to exec cmd bsc1254512 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-66200...

8.3CVSS5.8AI score0.015EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 8 : httpd:2.4 (AXSA:2026-017:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-017:01 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals...

8.3CVSS7.4AI score0.015EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/06 12:0 a.m.3 views

SUSE SLES15: apache2 / apache2-devel / apache2-doc / apache2-prefork / etc (SUSE-SU-2026:0019-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0019-1 advisory. - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment variable override...

8.3CVSS6.8AI score0.015EPSS
Exploits0References13
SUSE Linux
SUSE Linux
added 2026/01/05 11:10 a.m.5 views

Security update for apache2

This update for apache2 fixes the following issues: CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 CVE-2025-65082: Fixed CGI environment variable override bsc1254514 CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 CVE-2025-66200:...

6.8CVSS6.7AI score0.015EPSS
Exploits0References16
Rows per page
Query Builder