CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

151 matches found

EUVD•added 2026/04/28 6:9 p.m.•0 views

EUVD-2026-26105

OpenClaw before 2026.3.31 contains a sandbox escape vulnerability allowing attackers to traverse directory boundaries through symlink exploitation during file synchronization operations. Remote attackers can bypass sandbox restrictions by crafting malicious symlinks in mirror sync operations to...

7.6CVSS5.5AI score0.00075EPSS

Exploits0References4

Cvelist•added 2026/04/28 6:9 p.m.•28 views

CVE-2026-41397 OpenClaw < 2026.3.31 - Sandbox Escape via Unrestricted File Sync and Symlink Traversal

7.6CVSS0.00075EPSS

Exploits0References4

Vulnrichment•added 2026/04/28 6:9 p.m.•1 views

CVE-2026-41397 OpenClaw < 2026.3.31 - Sandbox Escape via Unrestricted File Sync and Symlink Traversal

7.6CVSS5.5AI score0.00075EPSS

Exploits0References4

ATTACKERKB•added 2026/04/28 6:9 p.m.•0 views

CVE-2026-41397

7.6CVSS5.5AI score0.00075EPSS

Exploits0References5

CVE•added 2026/04/28 6:9 p.m.•4 views

CVE-2026-41397

OpenClaw is affected: OpenClaw before 2026.3.31 has a sandbox escape vulnerability that lets an attacker bypass sandbox restrictions by crafting malicious symlinks during Mirror Sync/file synchronization, enabling traversal of directory boundaries. Affected component is the file synchronization/s...

9.6CVSS5.5AI score0.00075EPSS

Exploits0References4Affected Software1

CNNVD•added 2026/04/28 12:0 a.m.•4 views

OpenClaw 后置链接漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 had a post-link vulnerability due to a sandbox escape issue. This vulnerability could allow remote attackers to access arbitrary files by exploiting symbolic links during fil...

9.6CVSS5.9AI score0.00075EPSS

Exploits0References1

Positive Technologies•added 2026/04/28 12:0 a.m.•3 views

PT-2026-35781

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description A sandbox escape allows attackers to traverse directory boundaries through symlink exploitation during file synchronization operations. Remote attackers can bypass sandbox restrictions by crafti...

9.6CVSS5.9AI score0.00075EPSS

Exploits0References8

UbuntuCve•added 2026/04/23 12:0 a.m.•7 views

CVE-2026-41179

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version 1.73.5, the RC endpoint operations/fsinfo is exposed without AuthRequired: true and accepts attacker-controlled fs input. Because rc.GetFs...

9.8CVSS5.8AI score0.06827EPSS

Exploits1References3

RedhatCVE•added 2026/03/05 7:31 p.m.•1 views

CVE-2026-20018

A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center FMC Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker with administrative privileges to write arbitrary files as root on the underlying operating...

5.9CVSS6.1AI score0.00053EPSS

Exploits0References1

EUVD•added 2026/03/04 6:31 p.m.•4 views

EUVD-2026-9456

5.9CVSS6.1AI score0.00053EPSS

Exploits0References2

NVD•added 2026/03/04 6:16 p.m.•4 views

CVE-2026-20018

5.9CVSS0.00053EPSS

Exploits0References1

CVE•added 2026/03/04 5:39 p.m.•24 views

CVE-2026-20018

Cisco Secure Firewall Management Center (FMC) and Cisco Secure Firewall Threat Defense (FTD) are affected by CVE-2026-20018 in the sftunnel functionality. The issue stems from insufficient directory-path validation during file synchronization, enabling an authenticated, remote attacker with admin...

5.9CVSS6.1AI score0.00053EPSS

Exploits0References1

ATTACKERKB•added 2026/03/04 5:39 p.m.•3 views

CVE-2026-20018

5.9CVSS6.1AI score0.00053EPSS

Exploits0References2Affected Software2

Positive Technologies•added 2026/03/04 12:0 a.m.•4 views

PT-2026-23015

5.9CVSS6.1AI score0.00053EPSS

Exploits0References2

CNNVD•added 2026/02/11 12:0 a.m.•2 views

QNAP Qsync Central 代码问题漏洞

QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained a code vulnerability caused by a null pointer dereferencing, which could lead to a denial-of-service attack...

6.5CVSS5.9AI score0.0005EPSS

Exploits0References2

Fedora•added 2025/12/03 1:40 a.m.•6 views

[SECURITY] Fedora 41 Update: nextcloud-32.0.2-1.fc41

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

7.3CVSS6.9AI score0.06307EPSS

Exploits0

Fedora•added 2025/12/03 12:59 a.m.•5 views

[SECURITY] Fedora 43 Update: nextcloud-32.0.2-1.fc43

7.3CVSS6.9AI score0.06307EPSS

Exploits0

CNNVD•added 2025/11/18 12:0 a.m.•2 views

Rsync 安全漏洞

Rsync is a fast and versatile file copying tool open-sourced by RsyncProject. It is used for remote files and local files. A security vulnerability exists in Rsync that stems from an out-of-bounds read of the heap buffer due to a negative array index, which could lead to information disclosure...

4.3CVSS6.2AI score0.00063EPSS

Exploits0References5

CNNVD•added 2025/10/15 12:0 a.m.•2 views

Adobe Creative Cloud Desktop 安全漏洞

Adobe Creative Cloud Desktop is a suite of applications for managing applications and services in the Creative Cloud Member Management Center from the American company Audobee Adobe. The program supports synchronizing and sharing files, managing fonts, and accessing asset libraries for commercial...

5.6CVSS6.7AI score0.00014EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2014-9327

Malware in sbrugna...

6.4CVSS8.3AI score0.08882EPSS

Exploits1References18

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by