Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/29 3:10 p.m.12 views

CVE-2026-35630

OpenClaw before 2026.5.18 contains an authorization bypass vulnerability in QQBot native approval buttons that fails to enforce configured approver identity. Non-approver users can click approval buttons to resolve pending exec or plugin approval requests without proper authorization...

8CVSS5.8AI score0.00199EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.12 views

PT-2026-44896

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.18 Description An authorization bypass exists in the QQBot native approval buttons. The button callback path fails to enforce the configured approver identity, allowing users who are not authorized approvers t...

8CVSS5.7AI score0.00199EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.12 views

PT-2026-35758

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description An incomplete host-env-security-policy.json fails to restrict compiler binary environment variables. This allows untrusted models to substitute CC, CXX, CARGO BUILD RUSTC, and CMAKE C COMPILER...

6.1CVSS6.2AI score0.0013EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2021/06/13 5:52 a.m.94 views

CVE-2021-20198

A flaw was found in the OpenShift Installer. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker able to reach this port during installation can make unauthenticated /exec...

8.1CVSS3.1AI score0.01833EPSS
Exploits0References3
Rows per page
Query Builder