CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

139 matches found

NVD•added 2026/03/19 2:16 a.m.•0 views

CVE-2026-31996

OpenClaw versions prior to 2026.2.19 tools.exec.safeBins contains an input validation bypass vulnerability that allows attackers to execute unintended filesystem operations through sort output flags or recursive grep flags. Attackers with command execution access can leverage sort -o flag for...

7.1CVSS0.00018EPSS

Exploits0References3

ATTACKERKB•added 2026/03/05 8:38 p.m.•2 views

CVE-2026-28442

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, users are restricted from deleting internal system files or folders through the application interface. However, when interacting directly with the API, these restrictions can be...

8.5CVSS5.9AI score0.00071EPSS

Exploits1References2

Cvelist•added 2026/03/05 8:38 p.m.•25 views

CVE-2026-28442 ZimaOS: Arbitrary Deletion of Internal System Files via API Path Manipulation

8.5CVSS0.00071EPSS

Exploits1References1

Cvelist•added 2025/10/14 4:42 p.m.•5 views

CVE-2025-37146 Unauthorized Filesystem Operations in System Firmware allow Authenticated Remote Code Execution

A vulnerability in the web-based management interface of network access point configuration services could allow an authenticated remote attacker to perform remote command execution. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system...

7.2CVSS0.0029EPSS

Exploits0References1

CVE•added 2025/10/14 4:42 p.m.•5 views

CVE-2025-37146

The CVE-2025-37146 entry describes a vulnerability in the web-based management interface of network access point configuration services (e.g., HPE ArubaOS) that can allow an authenticated remote attacker to perform remote command execution on the underlying OS. The public sources indicate exploit...

7.2CVSS7.4AI score0.0029EPSS

Exploits0References1