2 matches found
CVE-2026-53858
OpenClaw (pre-2026.5.2) is affected by CVE-2026-53858: an environment variable injection flaw where the workspace .env STATE_DIRECTORY can influence bundled runtime dependency roots. An attacker can manipulate STATE_DIRECTORY to load runtime dependencies from unintended local paths, potentially e...
Sulata iSoft (stream.php)local file inclusion vulnerability-vulnerability warning-the black bar safety net
Vulnerability type: a file that contains Vulnerability description: the stream. php download function to the path the filter is not strict, resulting in a local loading for any file with vulnerabilities. Vulnerability analysis: stream.php ..... //the includeonce"../home/library.php"; the...