Lucene search
+L

9 matches found

osv
osv
added 2026/04/09 9:27 p.m.4 views

CVE-2026-35631 OpenClaw < 2026.3.22 - Missing Authorization Enforcement in Internal ACP Chat Commands

OpenClaw before 2026.3.22 fails to enforce operator.admin scope on mutating internal ACP chat commands, allowing unauthorized modifications. Attackers without admin privileges can execute mutating control-plane actions by directly invoking affected ACP commands to bypass authorization gates...

7.1CVSS6AI score0.00225EPSS
Exploits0References6
snyk
snyk
added 2026/03/26 9:24 p.m.4 views

Missing Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization due to missing enforcement of the operator.admin scope in mutating internal ACP chat commands. An attacker can perform unauthorized mutating control-plane actions by...

7.1CVSS5.9AI score0.00225EPSS
Exploits0References2
packetstormnews
packetstormnews
added 2025/08/25 12:0 a.m.6 views

Collaborative Intelligence: Topic Modelling of Large Language Model Use in Live Cybersecurity Operations

Objective: This work describes the topic modelling of Security Operations Centre SOC use of a large language model LLM, during live security operations. The goal is to better understand how these specialists voluntarily use this tool. Background: Human-automation teams have been extensively...

7.3AI score
Exploits0
thn
thn
added 2025/02/26 1:54 p.m.58 views

Leaked Black Basta Ransomware Chat Logs Reveal Inner Workings and Internal Conflicts

More than a year's worth of internal chat logs from a ransomware gang known as Black Basta have been published online in a leak that provides unprecedented visibility into their tactics and internal conflicts among its members. The Russian-language chats on the Matrix messaging platform between...

10CVSS10AI score0.99999EPSS
Exploits750
cnnvd
cnnvd
added 2023/02/21 12:0 a.m.5 views

cention-chatserver 跨站脚本漏洞

cention-chatserver is a tool to run FastChatMCAM in ferite-webserver. A cross-site scripting vulnerability exists in cention-chatserver version 3.8.0-rc1, which stems from a problem with the function formatBody in the file lib/InternalChatProtocol.fe, where manipulation of the parameter body can...

6.1CVSS4.6AI score0.00489EPSS
Exploits0References5
trellix
trellix
added 2022/11/22 12:0 a.m.24 views

Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti

Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti By Jambul Tologonov· November 22, 2022 Introduction On October 31, 2022, Yanluowang’s TOR site was hacked displaying a message “check and mate!! Yanluowang Matrix chat hacked @yanluowangleaks Time’s...

6.2AI score
Exploits0
veracode
veracode
added 2022/10/21 1:37 p.m.19 views

Authorization Bypass

github.com/relatedcode/messenger is vulnerable to authorization bypass. The vulnerability exists because the application permissions are not properly handled which allows an attacker to access internal chat logs of any registered user on the server...

4.3CVSS5.2AI score0.00496EPSS
Exploits1References3Affected Software1
malwarebytes
malwarebytes
added 2022/03/01 8:49 p.m.66 views

The Conti ransomware leaks

On February 27, an individual with insights into the Conti ransomware group started leaking a treasure trove of data beginning with internal chat messages. Conti is responsible for a number of high profile attacks, including one against the Irish Healthcare system which has cost more than $48...

7AI score
Exploits0
thn
thn
added 2013/04/02 5:0 a.m.23 views

Italian team discoveries flaw in Ruzzle protocol, serious menace to privacy

We are in digital era, everything is connected to the large networks and applications benefit of even more complex devices that deeply interact with owner, in this scenario security requirements assume a crucial importance and security of overall architecture also depend on security of single...

6.6AI score
Exploits0
Rows per page
Query Builder