CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

CNNVD•added 2026/05/26 12:0 a.m.•10 views

Kubevirt 后置链接漏洞

Kubevirt is an open-source virtual machine manager developed by KubeVirt. Kubevirt has a post-installation vulnerability, which stems from improper verification of symbolic links. This vulnerability may allow authenticated OpenShift users to manipulate the console socket in a single namespace by...

9.9CVSS5.8AI score0.00573EPSS

Exploits0References2

SUSE CVE•added 2026/05/22 2:20 a.m.•9 views

SUSE CVE-2026-43495

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

6.1CVSS5.9AI score0.00272EPSS

Exploits0References3

NVD•added 2026/03/23 10:16 p.m.•2 views

CVE-2026-27646

OpenClaw versions prior to 2026.3.7 contain a sandbox escape vulnerability in the /acp spawn command that allows authorized sandboxed sessions to initialize host-side ACP runtime. Attackers can bypass sandbox restrictions by invoking the /acp spawn slash-command to cross from sandboxed chat conte...

7.1CVSS0.00104EPSS

Exploits0References3

Cvelist•added 2026/03/23 9:36 p.m.•21 views

CVE-2026-27646 OpenClaw < 2026.3.7 - Sandbox Escape via /acp spawn Command

6.1CVSS0.00104EPSS

Exploits0References3

ATTACKERKB•added 2026/03/23 9:36 p.m.•3 views

CVE-2026-27646

5.8CVSS5.3AI score0.00104EPSS

Exploits0References4

EUVD•added 2026/03/23 9:36 p.m.•6 views

EUVD-2026-14557

5.8CVSS5.3AI score0.00104EPSS

Exploits0References3

Vulnrichment•added 2026/03/23 9:36 p.m.•3 views

CVE-2026-27646 OpenClaw < 2026.3.7 - Sandbox Escape via /acp spawn Command

6.1CVSS5.3AI score0.00104EPSS

Exploits0References3

CVE•added 2026/03/23 9:36 p.m.•9 views

CVE-2026-27646

OpenClaw Open Source project is vulnerable to a sandbox-escape in the /acp spawn path prior to version 2026.3.7. A sandboxed session could reach host-side ACP runtime initialization via the /acp spawn command, bypassing sandbox restrictions and potentially enabling host-context ACP initialization...

7.1CVSS5.3AI score0.00104EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2026/03/23 12:0 a.m.•4 views

PT-2026-27223

5.8CVSS5.3AI score0.00104EPSS

Exploits0References4

Github Security Blog•added 2026/03/09 7:54 p.m.•7 views

OpenClaw: Sandboxed /acp spawn requests could initialize host ACP sessions

Summary Sandboxed requester sessions could reach host-side ACP session initialization through /acp spawn. OpenClaw already blocked sessionsspawn runtime: "acp" from sandboxed sessions, but the slash-command path initialized ACP directly without applying the same host-runtime guard first. Affected...

7.1CVSS5.5AI score0.00104EPSS

Exploits0References6Affected Software1

OSV•added 2026/03/09 7:54 p.m.•3 views

GHSA-9Q36-67VC-RRWG OpenClaw: Sandboxed /acp spawn requests could initialize host ACP sessions

6.1CVSS5.5AI score0.00104EPSS

Exploits0References6

RedhatCVE•added 2026/01/14 11:18 p.m.•6 views

CVE-2026-22686

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.7.0, there is a critical sandbox escape vulnerability in enclave-vm that allows untrusted, sandboxed JavaScript code to execute arbitrary code in the host Node.js runtime. When a tool invocation fails,...

10CVSS8AI score0.00588EPSS

Exploits3References1

Cvelist•added 2026/01/13 11:11 p.m.•25 views

CVE-2026-22686 Sandbox Escape via Host Error Prototype Chain in enclave-vm

10CVSS0.00588EPSS

Exploits3References2

RedhatCVE•added 2025/05/22 11:43 p.m.•6 views

CVE-2022-21707

wasmCloud Host Runtime is a server process that securely hosts and provides dispatch for web assembly WASM actors and capability providers. In versions prior to 0.52.2 actors can bypass capability authorization. Actors are normally required to declare their capabilities for inbound invocations, b...

8.1CVSS6.7AI score0.00947EPSS

Exploits0References1

CNNVD•added 2024/04/04 12:0 a.m.•3 views

wasmtime 安全漏洞

Wasmtime, a Bytecode Consortium project, is a standalone wasm-optimized runtime for WebAssembly and WASI only. A security vulnerability exists in wasmtime version 19.0.0, which stems from a security flaw in the valid WebAssembly module in the host runtime...

5.5CVSS6.5AI score0.00318EPSS

Exploits1References7

OSV•added 2024/04/02 9:9 p.m.•14 views

GHSA-75HQ-H6G9-H4Q5 Wasmtime vulnerable to panic when using a dropped extenref-typed element segment

Impact The 19.0.0 release of Wasmtime contains a regression introduced during its development which can lead to a guest WebAssembly module causing a panic in the host runtime. A valid WebAssembly module, when executed at runtime, may cause this panic. The panic in question is caused when a...

3.3CVSS3.8AI score0.00318EPSS

Exploits1References8

NVD•added 2022/01/21 11:15 p.m.•34 views

CVE-2022-21707

8.1CVSS0.00947EPSS

Exploits0References2

Prion•added 2022/01/21 11:15 p.m.•21 views

Authorization

5.5CVSS7.9AI score0.00947EPSS

Exploits0References2Affected Software1

CVE•added 2022/01/21 10:20 p.m.•77 views

CVE-2022-21707

CVE-2022-21707 affects wasmCloud Host Runtime. In versions prior to 0.52.2, actor capability claims are not verified on inbound invocations, allowing unauthorized invocations from linked capability providers and weakening the actor security model. The issue is fixed in 0.52.2 and later; there is ...

8.1CVSS7AI score0.00947EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2022/01/21 10:20 p.m.•3 views

CVE-2022-21707 Incorrect Authorization in wasmCloud

6.3CVSS8AI score0.00947EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by