Lucene search
K

155 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/06 7:49 p.m.6 views

CVE-2026-43577

OpenClaw before 2026.4.9 contains a file read vulnerability allowing attackers to bypass navigation guards through browser act/evaluate interactions. Attackers can pivot into the local CDP origin and create or read disallowed file:// pages despite direct navigation policy restrictions...

7.1CVSS5.8AI score0.00253EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.8 views

PT-2026-38232

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.9 Description A file read issue allows attackers to bypass navigation guards through browser act/evaluate interactions. This enables attackers to pivot into the local Chrome DevTools Protocol CDP origin and...

7.1CVSS5.8AI score0.00253EPSS
Exploits0References6
NVD
NVD
added 2026/05/05 12:16 p.m.16 views

CVE-2026-43567

OpenClaw before 2026.4.10 contains a path traversal vulnerability in the screenrecord tool's outPath parameter that bypasses workspace-only filesystem guards. Attackers can exploit this by specifying an outPath outside the workspace boundary to write files to unintended locations on the system...

7.1CVSS0.0022EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/05 11:25 a.m.7 views

EUVD-2026-27285

OpenClaw before 2026.4.10 contains a path traversal vulnerability in the screenrecord tool's outPath parameter that bypasses workspace-only filesystem guards. Attackers can exploit this by specifying an outPath outside the workspace boundary to write files to unintended locations on the system...

7.1CVSS5.8AI score0.0022EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/05 11:25 a.m.7 views

CVE-2026-43567

OpenClaw before 2026.4.10 contains a path traversal vulnerability in the screenrecord tool's outPath parameter that bypasses workspace-only filesystem guards. Attackers can exploit this by specifying an outPath outside the workspace boundary to write files to unintended locations on the system...

7.1CVSS5.8AI score0.0022EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/05 11:25 a.m.4 views

CVE-2026-43567 OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter

OpenClaw before 2026.4.10 contains a path traversal vulnerability in the screenrecord tool's outPath parameter that bypasses workspace-only filesystem guards. Attackers can exploit this by specifying an outPath outside the workspace boundary to write files to unintended locations on the system...

7.1CVSS5.8AI score0.0022EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.10 views

PT-2026-37297

Name of the Vulnerable Software and Affected Versions WWBN AVideo versions prior to 29.1 Description An issue in the 'objects/users.json.php' endpoint allows unauthenticated remote attackers to disclose the full set of registered user accounts. This occurs through two distinct paths: First, the...

5.3CVSS5.8AI score0.0027EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.18 views

PT-2026-34977

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the alps raw event function within the hid-alps driver. This occurs because the driver fails to properly check if it has been claimed correctly befor...

9.8CVSS5.8AI score0.00525EPSS
Exploits0References348
Vulnrichment
Vulnrichment
added 2026/04/23 9:57 p.m.3 views

CVE-2026-41334 OpenClaw < 2026.3.31 - Decompression Bomb Denial of Service via Image Pixel-Limit Guard Bypass

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

7.1CVSS5.2AI score0.00315EPSS
Exploits0References3
CVE
CVE
added 2026/04/23 9:57 p.m.13 views

CVE-2026-41334

OpenClaw before 2026.3.31 is affected by a decompression bomb DoS in image processing. The vulnerability stems from failing to properly enforce pixel-limit guards on sips, allowing attackers to upload oversized images that exhaust memory and cause denial of service. The CVSS metrics indicate netw...

7.1CVSS5.8AI score0.00315EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.10 views

PT-2026-34765

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

7.1CVSS5.8AI score0.00315EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/16 10:34 p.m.5 views

EUVD-2026-23227

@fastify/static vulnerable to route guard bypass via encoded path separators...

5.9CVSS5.8AI score0.00398EPSS
Exploits0References5
OSV
OSV
added 2026/04/16 10:34 p.m.4 views

GHSA-X428-GHPX-8J92 @fastify/static vulnerable to route guard bypass via encoded path separators

Impact @fastify/static v9.1.0 and earlier decodes percent-encoded path separators %2F before filesystem resolution, but Fastify's router treats them as literal characters. This creates a routing mismatch: route guards on /admin/ do not match /admin%2Fsecret.html, but @fastify/static decodes it to...

5.9CVSS5.8AI score0.00398EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/04/16 10:34 p.m.6 views

@fastify/static vulnerable to route guard bypass via encoded path separators

Impact @fastify/static v9.1.0 and earlier decodes percent-encoded path separators %2F before filesystem resolution, but Fastify's router treats them as literal characters. This creates a routing mismatch: route guards on /admin/ do not match /admin%2Fsecret.html, but @fastify/static decodes it to...

5.9CVSS5.8AI score0.00398EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/16 7:58 p.m.6 views

CVE-2026-6414

A flaw was found in @fastify/static. A remote attacker can exploit this vulnerability by sending specially crafted requests that include percent-encoded path separators. This mismatch in how @fastify/static decodes these separators compared to the Fastify router allows the attacker to bypass...

5.9CVSS5.7AI score0.00398EPSS
Exploits0References7
NVD
NVD
added 2026/04/16 1:16 p.m.3 views

CVE-2026-6414

@fastify/static versions 8.0.0 through 9.1.0 decode percent-encoded path separators %2F before filesystem resolution, while Fastify's router treats them as literal characters. This mismatch allows attackers to bypass route-based middleware or guards that protect files served by @fastify/static. F...

5.9CVSS0.00398EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/16 1:9 p.m.9 views

CVE-2026-6414

@fastify/static versions 8.0.0 through 9.1.0 decode percent-encoded path separators %2F before filesystem resolution, while Fastify's router treats them as literal characters. This mismatch allows attackers to bypass route-based middleware or guards that protect files served by @fastify/static. F...

5.9CVSS5.8AI score0.00398EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/16 1:9 p.m.4 views

CVE-2026-6414 @fastify/static vulnerable to route guard bypass via encoded path separators

@fastify/static versions 8.0.0 through 9.1.0 decode percent-encoded path separators %2F before filesystem resolution, while Fastify's router treats them as literal characters. This mismatch allows attackers to bypass route-based middleware or guards that protect files served by @fastify/static. F...

5.9CVSS5.8AI score0.00398EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.5 views

PT-2026-33313

Name of the Vulnerable Software and Affected Versions @fastify/static versions 8.0.0 through 9.1.0 Description @fastify/static decodes percent-encoded path separators '%2F' before filesystem resolution, whereas the Fastify router treats them as literal characters. This discrepancy allows for a...

5.9CVSS5.7AI score0.00398EPSS
Exploits0References10
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/13 3:25 p.m.4 views

Malicious code in @guards-lib/auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b72a9569fc4d43fe6d130bd5ecad08b4e9442b7ca7d8b03c4bfc8a44916d3e6 The package @guards-lib/auth was found to contain malicious code. Source: ghsa-malware 47112682da1426da21d8164ed1b9dd3a0dfa3e989e43b8143aad8831987f65...

5.7AI score
Exploits0References1
Rows per page
Query Builder