Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/10 4:3 p.m.2 views

CVE-2026-35656

OpenClaw before 2026.3.22 contains an authentication bypass vulnerability in the X-Forwarded-For header processing when trustedProxies is configured, allowing attackers to spoof loopback hops. Remote attackers can inject forged forwarding headers to bypass canvas authentication and rate-limiting...

6.5CVSS5.8AI score0.00314EPSS
Exploits0References5
OSV
OSV
added 2026/03/26 9:42 p.m.4 views

GHSA-844J-XRRQ-WGH4 OpenClaw: Forwarding header spoofing bypasses gateway.trustedProxies origin detection

Summary When gateway.trustedProxies was configured, spoofed loopback hops in forwarding headers could be accepted as the client origin and weaken downstream auth and rate-limit decisions. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked:...

6.5CVSS5.9AI score0.00314EPSS
Exploits0References6
Snyk
Snyk
added 2026/03/03 10:17 p.m.3 views

Reliance on Untrusted Inputs in a Security Decision

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Reliance on Untrusted Inputs in a Security Decision via improper parsing of the X-Forwarded-For header behind trusted proxies. An attacker can influence security decisions tied to client...

6.3CVSS5.8AI score0.00189EPSS
Exploits0References2
OSV
OSV
added 2026/01/27 7:16 p.m.4 views

UBUNTU-CVE-2026-22261

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered in a tx, can lead to severe slowdowns. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, disable XFF support in the eve...

5.3CVSS5.8AI score0.00312EPSS
Exploits0References6
Rows per page
Query Builder