185 matches found
CVE-2026-35486
CVE-2026-35486 affects text-generation-webui prior to 4.3, where the superbooga/superboogav2 RAG extensions fetch user-supplied URLs via requests.get() without validation. The root cause is lack of URL scheme validation, IP filtering, and hostname allowlisting, enabling an attacker to reach cloud...
EUVD-2026-19671
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, he superbooga and superboogav2 RAG extensions fetch user-supplied URLs via requests.get with zero validation — no scheme check, no IP filtering, no hostname allowlist. An attacker can access clo...
Incorrect Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the process that fetches quoted, root, or thread context messages, which bypasses the sender allowlist. An attacker can access message content from unauthorized...
HTTPS Fetch, Hidden Bind TCP Stager
Fetch and execute an x86 payload from an HTTPS server. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/https/x86/dllinject/bindhiddentcp msf payloadbindhiddentcp show actions ...actions... msf payloadbindhiddentc...
CVE-2026-32030
OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the stageSandboxMedia function that accepts arbitrary absolute paths when iMessage remote attachment fetching is enabled. An attacker who can tamper with attachment path metadata can disclose files readable by the...
CVE-2026-32030
OpenClaw is affected in versions prior to 2026.2.19 by a path traversal vulnerability in the stageSandboxMedia function when iMessage remote attachment fetching is enabled. An attacker who can tamper with attachment path metadata can disclose files readable by the OpenClaw process on the configur...
CVE-2026-32030 OpenClaw < 2026.2.19 - Sensitive File Disclosure via stageSandboxMedia Path Traversal
OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the stageSandboxMedia function that accepts arbitrary absolute paths when iMessage remote attachment fetching is enabled. An attacker who can tamper with attachment path metadata can disclose files readable by the...
MAL-2026-1320 Malicious code in chain-promised-await (npm)
Remote code execution via fetching code from a remote URL and Discord webhook usage indicates malicious intent. Single version adds to suspicion. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5b882a33fdd394ef7a848100d8ee39ef4c7f0747942b4bea86e38af5780c978 The...
CVE-2026-28451
CVE-2026-28451 affects OpenClaw prior to 2026.2.14. The Feishu extension contains server-side request forgery (SSRF) in two paths: sendMediaFeishu(mediaUrl) and markdown image processing in Feishu DocX. An attacker who can influence tool calls or prompt injection can trigger requests to attacker-...
CVE-2026-28451 OpenClaw < 2026.2.14 - SSRF via Feishu Extension Media Fetching
OpenClaw versions prior to 2026.2.14 contain server-side request forgery vulnerabilities in the Feishu extension that allow attackers to fetch attacker-controlled remote URLs without SSRF protections via sendMediaFeishu function and markdown image processing. Attackers can influence tool calls...
CVE-2026-28451 OpenClaw < 2026.2.14 - SSRF via Feishu Extension Media Fetching
OpenClaw versions prior to 2026.2.14 contain server-side request forgery vulnerabilities in the Feishu extension that allow attackers to fetch attacker-controlled remote URLs without SSRF protections via sendMediaFeishu function and markdown image processing. Attackers can influence tool calls...
CVE-2026-27759
Featured Image from Content featured-image-from-content WordPress plugin versions prior to 1.7 contain an authenticated server-side request forgery vulnerability that allows Author-level users to fetch internal HTTP resources. Attackers can exploit insecure URL fetching and file write operations ...
karakeep 跨站脚本漏洞
Karakeep is an open-source bookmarking app developed by Karakeep App. Version 0.30.0 of Karakeep contains a cross-site scripting vulnerability. This vulnerability arises from the Reddit meta-fetching plugin not using DOMPurify to clean HTML content, allowing malicious HTML to be executed in users...
CVE-2026-0599
A vulnerability in huggingface/text-generation-inference version 3.3.6 allows unauthenticated remote attackers to exploit unbounded external image fetching during input validation in VLM mode. The issue arises when the router scans inputs for Markdown image links and performs a blocking HTTP GET...
CVE-2026-0599
A vulnerability in huggingface/text-generation-inference version 3.3.6 allows unauthenticated remote attackers to exploit unbounded external image fetching during input validation in VLM mode. The issue arises when the router scans inputs for Markdown image links and performs a blocking HTTP GET...
PT-2026-5654
Name of the Vulnerable Software and Affected Versions huggingface/text-generation-inference version 3.3.6 huggingface/text-generation-inference versions prior to 3.3.7 Description A flaw exists in huggingface/text-generation-inference that allows unauthenticated remote attackers to cause a...
@kcconfigs/commitlint (>=0.1.0-beta.2 <=0.2.0), @pnpm/cache.commands (>=1000.0.52 <=1000.0.54) +35 more potentially affected by CVE-2026-23888 via @pnpm/fetching.binary-fetcher (>=1005.0.0 <=1005.0.1)
@pnpm/fetching.binary-fetcher NPM version =1005.0.0, =0.1.0-beta.2, =1000.0.52, =1001.2.17, =1001.1.13, =1016.0.0, =1002.2.21, =1003.0.24, =1002.0.3, =1000.0.52, =1001.0.16, =1001.1.10, =1002.1.28, =1000.3.8, =1002.0.23, =1000.1.51, =1000.1.53 and more Source cves: CVE-2026-23888 Source advisory:...
SUSE CVE-2017-18888
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multiple posts...
CVE-2025-15414
A flaw has been found in go-sonic sonic up to 1.1.4. The affected element is the function FetchTheme of the file service/theme/gitfetcher.go of the component Theme Fetching API. Executing a manipulation of the argument uri can lead to server-side request forgery. The attack may be launched...
CVE-2025-15414 go-sonic Theme Fetching API git_fetcher.go FetchTheme server-side request forgery
A flaw has been found in go-sonic sonic up to 1.1.4. The affected element is the function FetchTheme of the file service/theme/gitfetcher.go of the component Theme Fetching API. Executing a manipulation of the argument uri can lead to server-side request forgery. The attack may be launched...