Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Cvelist
Cvelistadded 2026/04/28 6:10 p.m.29 views

CVE-2026-41914 OpenClaw < 2026.4.8 - Server-Side Request Forgery in QQ Bot Media Fetch Paths

OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in QQ Bot media download paths that bypass SSRF protection. Attackers can exploit unprotected media fetch endpoints to access internal resources and bypass allowlist policies...

8.5CVSS0.00218EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/04/28 6:10 p.m.1 views

CVE-2026-41914 OpenClaw < 2026.4.8 - Server-Side Request Forgery in QQ Bot Media Fetch Paths

OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in QQ Bot media download paths that bypass SSRF protection. Attackers can exploit unprotected media fetch endpoints to access internal resources and bypass allowlist policies...

8.5CVSS5.2AI score0.00218EPSS
Exploits0References3
CVE
CVEadded 2026/04/28 6:10 p.m.10 views

CVE-2026-41914

OpenClaw contains a server-side request forgery in QQ Bot media download paths prior to 2026.4.8. The issue allows unprotected media fetch endpoints to bypass SSRF protection and access internal resources, circumventing allowlists. Affected package: openclaw (QQ Bot extension) with versions

8.5CVSS5.2AI score0.00218EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2026/04/09 5:36 p.m.3 views

GHSA-3FV3-6P2V-GXWJ OpenClaw QQ Bot Extension missing SSRF Protection on All Media Fetch Paths

Impact QQ Bot Extension: Missing SSRF Protection on All Media Fetch Paths. QQ Bot media download paths were not consistently routed through the SSRF guard and allowlist policy. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and does not assume a...

5.9CVSS5.8AI score0.00218EPSS
Exploits0References2
Github Security Blog
Github Security Blogadded 2026/04/09 5:36 p.m.6 views

OpenClaw QQ Bot Extension missing SSRF Protection on All Media Fetch Paths

Impact QQ Bot Extension: Missing SSRF Protection on All Media Fetch Paths. QQ Bot media download paths were not consistently routed through the SSRF guard and allowlist policy. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and does not assume a...

8.5CVSS5.9AI score0.00218EPSS
Exploits0References2Affected Software1
Kitploit
Kitploitadded 2018/02/24 1:6 p.m.79 views

meg - Fetch Many Paths For Many Hosts (Without Killing The Hosts)

meg is a tool for fetching lots of URLs but still being 'nice' to servers. It can be used to fetch many paths for many hosts; fetching one path for all hosts before moving on to the next path and repeating. You get lots of results quickly, but non of the individual hosts get flooded with traffic...

7AI score
Exploits0References3
Rows per page
Query Builder