DRUPAL-CONTRIB-2026-025

This module enables you to use an external OpenID Connect login provider to authenticate and log in users on your site. If a user signs in with a login provider for the first time on the website, a new Drupal user will be created. The module doesn't sufficiently validate certain fields coming fro...

PT-2026-20370

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.14 Description OpenClaw is a personal AI assistant that utilizes discovery beacons Bonjour/mDNS and DNS-SD which include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. These TXT...

EUVD-2025-198947

Malicious code in @posthog/first-time-event-tracker npm...

EUVD-2023-29487

Malicious code in bioql PyPI...

CVE-2025-5689

A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user login for the first time will be considered to be part of the root group in the context of that SSH session...

Experiencing Verge for the First Time

...

Change in Android Enterprise configuration for XenMobile On-premises environment.

Awareness for XenMobile On-premises server admins about the Android Enterprise configuration first time setup...

CVE-2023-25535

Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation LPE. This vulnerability only affects first-time installations done prior to 8th March 2023...

Design/Logic Flaw

Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation LPE. This vulnerability only affects first-time installations done prior to 8th March 2023...

CVE-2023-25535

Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation LPE. This vulnerability only affects first-time installations done prior to 8th March 2023...

CVE-2023-25535

Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation LPE. This vulnerability only affects first-time installations done prior to 8th March 2023...

Studio Console Shows "Enable DaaS" for First Time Use

Citrix DaaS customers encounter the following message indicating their service needs to be enabled for one of the following reasons: 1 DaaS must be enabled for first time use 2 DaaS is disabled due to inactivity 3 DaaS subscription licenses are updated renewal or net new...

CWA 2202 : Published desktop fails to launch when CWA is used

-- Issue with CWA only -- Same endpoint works when same VDA is launched from Store URL -- Issue with 1 end point only -- Never worked on the CWA -- First time set up Details...

NetworkManager bug fix and enhancement update

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

CVE-2020-12834

eQ-3 Homematic Central Control Unit CCU2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during first-time setup or factory...

CVE-2020-10916

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P120191213-rel60361 Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechani...

Design/Logic Flaw

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P120191213-rel60361 Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechani...

WP Security Audit Log < 4.0.2 - Broken Access Control in First-Time Install Wizard

Broken access control vulnerability affecting version 4.0.1 and below that could lead to privilege escalation, sensitive data exposure and insecure deserialisation. To exploit the vulnerability, the wizard must not have been completed, otherwise it won’t work...

Check Point Gaia Operating System Open Interfaces With Default Password (sk145612)

The remote host is running a version of Gaia Operating System that is vulnerable to attacks after a CPUSE clean install and before completing the First Time Wizard. This is due to the administrator password being reset during the CPUSE clean installation process without also resetting interface...

Machine is vulnerable to attacks after CPUSE clean install and before completing the First Time Wizard

...