GHSA-2V5F-5R6W-P67R MCP Registry: OCI validator skips ownership check on upstream rate limits

OCI ownership validation fails open on upstream rate limits, allowing attacker to claim arbitrary public OCI images under their own namespace Severity: Low re-scored post-triage; see Maintainer triage note below Affected: modelcontextprotocol/registry main branch at commit fe0cb3b current HEAD as...

CVE-2026-41377

OpenClaw before 2026.3.31 contains a fail-open vulnerability in the plugin installation flow where security scan failures do not block installation. Attackers can exploit scan failures to install untrusted plugins when operators proceed despite visible scan warnings...

CVE-2026-41377

OpenClaw OpenClaw before 2026.3.31 has a fail-open vulnerability in the plugin installation flow: security scan failures do not block installation, allowing the possibility to install untrusted plugins when operators proceed after visible scan warnings. Affected product: openclaw (npm). Vulnerabl...

PT-2026-35762

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description A fail-open issue exists in the plugin installation flow where security scan failures do not block the installation process. This allows attackers to install untrusted plugins if operators choos...

CVE-2026-40343

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...

CVE-2026-40343 free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...

CVE-2026-40343

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...

CVE-2026-40343 free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...

GHSA-JWCH-W7WH-GQJM free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation

Summary A fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended creation of Policy Data notification subscriptions wit...

EUVD-2026-24555

free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation...

CVE-2026-40249

free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...

CVE-2026-40249

free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...

CVE-2026-40249

CVE-2026-40249 affects free5GC UDR (versions 4.2.1 and earlier). The PUT handler for /nudr-dr/v2/policy-data/subs-to-notify/{subsId} may continue processing after request body read or deserialization errors, invoking the processor with an uninitialized/partially initialized PolicyDataSubscription...

CVE-2026-40249 free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors

free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...

free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors

Summary A fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify/subsId PUT handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended modification of existing Policy Data notificatio...

GHSA-GX38-8H33-PMXR free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors

Summary A fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify/subsId PUT handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended modification of existing Policy Data notificatio...

PT-2026-32976

Name of the Vulnerable Software and Affected Versions free5GC versions 4.2.1 and earlier Description A fail-open request handling flaw exists in the UDR service. The PUT handler for the endpoint '/nudr-dr/v2/policy-data/subs-to-notify/subsId' does not terminate execution after request body...

CLSA-2026-1776098295 pyOpenSSL: Fix of CVE-2026-27448

CVE-2026-27448: fix fail-open in settlsextservernamecallback when callback raises exception...

OpenClaw: Security Scan Failure Does Not Block Plugin Installation (Fail-Open)

Summary Security Scan Failure Does Not Block Plugin Installation Fail-Open Current Maintainer Triage - Status: open - Normalized severity: low - Assessment: Real in shipped v2026.3.28 plugin install flow, but low severity fits because it still requires an operator to choose installation of an...

GHSA-CWQ8-6F96-G3Q4 OpenClaw: Security Scan Failure Does Not Block Plugin Installation (Fail-Open)

Summary Security Scan Failure Does Not Block Plugin Installation Fail-Open Current Maintainer Triage - Status: open - Normalized severity: low - Assessment: Real in shipped v2026.3.28 plugin install flow, but low severity fits because it still requires an operator to choose installation of an...