CVE-2026-44993

OpenClaw before 2026.4.20 contains a message classification vulnerability in Feishu card-action callbacks that misclassifies direct messages as group conversations. Attackers can bypass dmPolicy enforcement by triggering card-action flows in direct message conversations that should have been...

PT-2026-39682

OpenClaw before 2026.4.20 contains a message classification vulnerability in Feishu card-action callbacks that misclassifies direct messages as group conversations. Attackers can bypass dmPolicy enforcement by triggering card-action flows in direct message conversations that should have been...

PT-2026-31307

Name of the Vulnerable Software and Affected Versions Wimi Teamwork On-Premises versions prior to 8.2.0 Description Wimi Teamwork On-Premises versions prior to 8.2.0 contain an insecure direct object reference issue in the /preview.php endpoint. The item id parameter does not have sufficient...

EUVD-2021-14513

Malware in sbrugna...

CVE-2021-27772

Users are able to read group conversations without actively taking part in them. Next to one to one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of it. This could lead t...

CVE-2021-27772

Users are able to read group conversations without actively taking part in them. Next to one to one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of it. This could lead t...

Information disclosure

Users are able to read group conversations without actively taking part in them. Next to one to one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of it. This could lead t...

CVE-2021-27772 HCL Sametime is vulnerable to an information disclosure

Users are able to read group conversations without actively taking part in them. Next to one to one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of it. This could lead t...

CVE-2021-27772

CVE-2021-27772 concerns an authorization flaw in HCL Sametime (notably in versions around 11.6 per connected CNVD/CNNVD records) that allows users to read contents of group conversations without participating . The underlying issue enables leakage of confidential information discussed in private ...

HCL Technologies HCL Sametime 授权问题漏洞

HCL Sametime, a conferencing solution from HCL Technologies, is vulnerable to an authorization issue in HCL Sametime version 11.6, which stems from an application where users can read group conversations without actively participating, which could be exploited to read sensitive information...

New WhatsApp flaws let attackers hack chats to spread fake news

By Waqas Spreading fake news through WhatsApp was never so easy before. According to the latest research from Check Point security firm, WhatsApp users are at the risk of getting their private chats and group conversations hacked and exploited. Researchers discovered a new wave of attacks that...