2808 matches found
CVE-2026-16199
CVE-2026-16199 affects the NextLevelBuilder GoClaw project, specifically the function ExecTool.Execute in goclaw/internal/tools/credentialed_exec.go, and is associated with versions up to 3.13.3-beta.3. The vulnerability arises from a flaw in ExecTool.Execute that can lead to improper authorizati...
CVE-2026-16120
A vulnerability was determined in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This impacts the function matchesAllowlist/extractBin of the file internal/tools/execapproval.go. Executing a manipulation can lead to incorrectly-resolved name. The attack may be performed from remote. The exploit has...
CVE-2026-16120
CVE-2026-16120 affects nextlevelbuilder GoClaw up to version 3.13.3-beta.3. The vulnerability targets the function matchesAllowlist/extractBin in internal/tools/exec_approval.go, where manipulation can cause an incorrectly-resolved name. The attack can be performed remotely, and public exploitati...
CVE-2026-16120
A vulnerability was determined in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This impacts the function matchesAllowlist/extractBin of the file internal/tools/execapproval.go. Executing a manipulation can lead to incorrectly-resolved name. The attack may be performed from remote. The exploit has...
CVE-2026-16082
Summary of CVE-2026-16082 : Affects Sipeed PicoClaw up to version 0.2.9. The vulnerability is in the function ExecTool.executeRun (file: pkg/agent/pipeline_execute.go) where manipulation of the argument cwe leads to a time-of-check time-of-use issue. Exploitation is local, and a public exploit is...
Mesop AI Sandbox <= 1.2.2 - Remote Code Execution
Mesop = 1.2.2 contains an unrestricted remote code execution caused by unauthenticated ingestion and execution of base64-encoded Python code in the /exec-py endpoint of ai/testing module, letting attackers execute arbitrary commands on the host, exploit requires HTTP access to the server. id:...
Langflow < 1.3.0 - Remote Code Execution via validate_code() exec()
Langflow contains a remote code execution caused by inclusion of functionality from untrusted control sphere in the execglobals parameter at the validate endpoint, letting remote attackers execute arbitrary code as root, exploit requires no authentication. id: CVE-2026-0770 info: name: Langflow...
EUVD-2026-45256
Agentic-Flow is an AI agent orchestration platform. Prior to 2.0.14, agentic-flow MCP server tools in src/mcp/standalone-stdio.ts, src/mcp/fastmcp/servers/claude-flow-sdk.ts, src/mcp/fastmcp/servers/stdio-full.ts, src/mcp/fastmcp/servers/http-streaming-updated.ts,...
CVE-2026-62201
OpenClaw versions before 2026.6.6 contain a network policy bypass vulnerability in the sandbox exec-server that allows lower-trust callers to reach internal network destinations blocked by OpenClaw policy. Attackers can send HTTP requests through the exec-server to access network resources that...
EUVD-2026-45117
OpenClaw before 2026.5.18 contain an authorization bypass vulnerability in exec allowlist glob matching that allows lower-trust callers to execute actions beyond intended authorization. Attackers can craft input paths that traverse the allowlist glob patterns to execute or persist unauthorized...
CVE-2026-62228 OpenClaw < 2026.6.5 Authorization Bypass via Node Exec Approvals
OpenClaw before 2026.6.5 contain an authorization bypass vulnerability in node exec approvals that allows lower-trust callers to execute actions beyond their intended authorization by using different gateway and node environments. Attackers can exploit mismatched environment configurations to...
CVE-2026-62228
CVE-2026-62228 affects OpenClaw prior to 2026.6.5, describing an authorization bypass in node exec approvals. The vulnerability arises from mismatched gateway and node environments, enabling lower-trust callers to persist or execute actions beyond their approved permissions due to environment con...
CVE-2026-62217
OpenClaw 2026.5.14-beta.1 before 2026.5.27 contains an authorization flaw in the QQBot exec approvals feature. When enabled and reachable, a lower-trust caller or configured input path could perform actions beyond the caller’s intended authorization, allowing non-allowlisted senders to execute or...
CVE-2026-62217 OpenClaw 2026.5.14-beta.1 < 2026.5.27 Authentication Bypass via exec approvals
OpenClaw 2026.5.14-beta.1 before 2026.5.27 contain an authorization flaw in the QQBot exec approvals feature. When the feature is enabled and reachable, a lower-trust caller or configured input path could execute or persist actions beyond the caller's intended authorization, allowing...
CVE-2026-62201 OpenClaw < 2026.6.6 Network Policy Bypass via exec-server
OpenClaw versions before 2026.6.6 contain a network policy bypass vulnerability in the sandbox exec-server that allows lower-trust callers to reach internal network destinations blocked by OpenClaw policy. Attackers can send HTTP requests through the exec-server to access network resources that...
EUVD-2026-45090
OpenClaw versions before 2026.6.6 contain a network policy bypass vulnerability in the sandbox exec-server that allows lower-trust callers to reach internal network destinations blocked by OpenClaw policy. Attackers can send HTTP requests through the exec-server to access network resources that...
CVE-2026-62201
OpenClaw prior to version 2026.6.6 contains a network policy bypass in the sandbox exec-server that lets lower-trust callers reach internal network destinations blocked by policy. Attackers can send HTTP requests through the exec-server to access restricted network resources. The CVE description ...
PT-2026-60865
Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.10.0 Description An issue exists in the code validation API endpoint that allows authenticated users to execute arbitrary system commands with the full privileges of the server process. The endpoint...
mongo-express Remote Code Execution
mongo-express before 0.54.0 is vulnerable to remote code execution via endpoints that uses the toBSON method and misuse the vm dependency to perform exec commands in a non-safe environment. id: CVE-2019-10758 info: name: mongo-express Remote Code Execution author: princechaddha severity: critical...
PT-2026-60317
Name of the Vulnerable Software and Affected Versions Wekan versions prior to 9.07 Description The avatar upload functionality allows the embedding of user-supplied filenames into paths that are subsequently passed to the child process.exec function for MIME-type detection. Specifically, the...