
13 matches found

RedhatCVE
added last week · 4 views

CVE-2026-47729

A flaw was found in Squid. Due to improper input validation, an out-of-bounds read can occur in the FTP gateway. This issue allows an authenticated and trusted client to read memory from random transactions when accessing a misbehaving FTP server using the Squid gateway feature. Mitigation When F...

CVSS 6.5 · AI score 5.8
Exploits 1 · References 4
CVE
added 2026/05/04 1:47 p.m. · 24 views

CVE-2026-6266

The vulnerability CVE-2026-6266 affects the AAP gateway’s user auto-link strategy introduced in AAP 2.6. The flaw derives from linking an external IDP identity to an existing AAP user account based on email matching without verifying email ownership, enabling potential account hijacking or unauth...

CVSS 8.3 · AI score 5.8 · EPSS 0.00397
Exploits 0 · References 6
CNNVD
added 2026/04/28 12:0 a.m. · 10 views

OpenClaw Security Vulnerability

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.8 contained security vulnerabilities. These vulnerabilities stemmed from an issue with the permission escalation mechanism in the gateway plugin’s HTTP authentication process...

CVSS 7.1 · AI score 5.8 · EPSS 0.00239
Exploits 0 · References 4
Cvelist
added 2026/03/05 9:59 p.m. · 30 views

CVE-2026-28466 OpenClaw < 2026.2.14 - Remote Code Execution via Node Invoke Approval Bypass

OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in which it fails to sanitize internal approval fields in node.invoke parameters, allowing authenticated clients to bypass exec approval gating for system.run commands. Attackers with valid gateway credentials can inject...

CVSS 9.9 · EPSS 0.0042
Exploits 1 · References 6
EUVD
added 2026/03/05 9:59 p.m. · 4 views

EUVD-2026-9904

OpenClaw versions 2026.1.5 prior to 2026.2.14 contain a vulnerability in the Gateway in which it does not sufficiently constrain configured hook module paths before passing them to dynamic import, allowing code execution. An attacker with gateway configuration modification access can load and...

CVSS 8.6 · AI score 6.1 · EPSS 0.00405
Exploits 0 · References 4
Vulnrichment
added 2026/03/04 8:45 a.m. · 5 views

CVE-2026-27443 S/MIME Decryption Tag Sanitization Bypass

SEPPmail Secure Email Gateway before version 15.0.1 does not properly sanitize the headers from S/MIME protected MIME entities, allowing an attacker to control trusted headers...

CVSS 8.2 · AI score 5.9 · EPSS 0.00217
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-26722

Malicious code in bioql PyPI...

CVSS 4.9 · AI score 6.5 · EPSS 0.00243
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2024-33410

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.6 · EPSS 0.00387
Exploits 0 · References 2
EUVD
added 2025/10/03 8:7 p.m. · 13 views

EUVD-2025-5589

Malicious code in bioql PyPI...

CVSS 8.1 · AI score 7.9 · EPSS 0.00295
Exploits 0 · References 4
Positive Technologies
added 2025/08/04 12:0 a.m. · 5 views

PT-2025-31820 · Unknown · Ansible Aap-Gateway

Name of the Vulnerable Software and Affected Versions: Ansible aap-gateway (affected versions not specified). Description: A flaw exists in Ansible aap-gateway where cross-site request forgery (CSRF) origin checking is not performed on requests originating from the gateway to external components,...

CVSS 5.3 · AI score 6.1 · EPSS 0.00238
Exploits 0 · References 8
CVE
added 2025/03/03 3:3 p.m. · 108 views

CVE-2025-1801

Summary (CVE-2025-1801): A race-condition vulnerability in the Red Hat Ansible Automation Platform (AAP) 2.5 gateway’s aap-gateway GRPC service could let a less-privileged user obtain a greater-privileged user’s JWT, risking session data and server integrity. CVSS v3.1 base score 8.1 (HIGH) with ...

CVSS 8.1 · AI score 7.8 · EPSS 0.00295
Exploits 0 · References 3
RedHat Linux
added 2021/11/11 10:29 a.m. · 2 views

freerdp: improper client input validation for gateway connections allows to overwrite memory

A flaw was found in the FreeRDP client when it fails to validate input data when using gateway connections. This flaw could allow a malicious gateway to send a specially crafted input to a client leading to an out of bounds write in client memory. The highest threat from this flaw is that it coul...

CVSS 8.8 · AI score 7.4 · EPSS 0.01346
Exploits 0 · References 4
RedHat Linux
added 2021/03/17 3:8 p.m. · 4 views

etcd: gateway can include itself as an endpoint resulting in resource exhaustion and leads to DoS

A flaw was found in etcd, where the etcd gateway is a simple TCP proxy that allows basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This issue results in a denial of service since the endpoint can become stuck in a loop of requesting itsel...

CVSS 7.7 · AI score 7.3 · EPSS 0.01206
Exploits 0 · References 5