Lucene search
+L

1731 matches found

Cvelist
Cvelist
added yesterday17 views

CVE-2026-62229 OpenClaw < 2026.5.18 Authorization Bypass via Glob Matching

OpenClaw before 2026.5.18 contain an authorization bypass vulnerability in exec allowlist glob matching that allows lower-trust callers to execute actions beyond intended authorization. Attackers can craft input paths that traverse the allowlist glob patterns to execute or persist unauthorized...

8.8CVSS0.00459EPSS
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-45117

OpenClaw before 2026.5.18 contain an authorization bypass vulnerability in exec allowlist glob matching that allows lower-trust callers to execute actions beyond intended authorization. Attackers can craft input paths that traverse the allowlist glob patterns to execute or persist unauthorized...

8.8CVSS6.2AI score0.00459EPSS
Exploits0References2
CVE
CVE
added yesterday9 views

CVE-2026-62229

OpenClaw prior to 2026.5.18 contains an authorization bypass in exec allowlist glob matching. This allows lower-trust callers to execute actions beyond intended authorization by crafting input paths that traverse the allowlist glob patterns when the affected feature is enabled. According to the C...

8.8CVSS6.2AI score0.00459EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-46341 Apify MCP server: Domain Allowlist Bypass in fetch-apify-docs via String Prefix Matching

The Apify MCP server enables AI agents to extract data from websites using ready-made scrapers, crawlers, and automation tools available on the Apify Store. Prior to 0.9.21, the fetch-apify-docs tool in src/tools/common/fetchapifydocs.ts validates allowlisted documentation domains with...

6.1CVSS0.00194EPSS
Exploits0References4
CVE
CVE
added 2 days ago25 views

CVE-2026-46341

CVE-2026-46341 affects Apify MCP Server prior to v0.9.21, where fetch-apify-docs.ts validates allowed domains with a startsWith() check instead of proper hostname comparison, enabling attacker-controlled subdomains (e.g., https://docs.apify.com.evil.com/ or https://[email protected]/) to pa...

6.1CVSS6.2AI score0.00194EPSS
Exploits0References4
NVD
NVD
added 3 days ago7 views

CVE-2026-42533

A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same result could be achieved by using a non-cacheable variable i...

9.2CVSS0.0083EPSS
Exploits0References1
CVE
CVE
added 3 days ago24 views

CVE-2026-42533

The CVE-2026-42533 entry concerns NGINX Plus and NGINX Open Source where a map directive that uses regex matching and a string expression references the map’s regex capture variables before the map output variable can be exploited. An unauthenticated attacker can trigger a heap buffer overflow in...

9.2CVSS6.4AI score0.0083EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 3 days ago5 views

CVE-2026-42533 NGINX Map directive and Regex matching vulnerability

A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same result could be achieved by using a non-cacheable variable i...

9.2CVSS6.4AI score0.0083EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago37 views

CVE-2026-42533 NGINX Map directive and Regex matching vulnerability

A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same result could be achieved by using a non-cacheable variable i...

9.2CVSS0.0083EPSS
Exploits0References1
F5 Networks
F5 Networks
added 3 days ago11 views

K000162097: NGINX map directive and regex matching vulnerability CVE-2026-42533

Security Advisory Description A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same result could be achieved by...

9.2CVSS6.3AI score0.0083EPSS
Exploits0Affected Software7
RedHat Linux
RedHat Linux
added 3 days ago4 views

Node.js: Node.js: Trust-policy bypass due to hostname matching inconsistency

A flaw was found in Node.js. An inconsistency in how Node.js matches hostnames can be exploited by a remote attacker in multi-context mTLS mutual Transport Layer Security setups. This vulnerability allows for a trust-policy bypass, potentially leading to unauthorized access to sensitive informati...

5.4CVSS6.6AI score0.00256EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 3 days ago6 views

undici: undici: Weakening of cookie SameSite policy due to incorrect parsing of Set-Cookie header

A flaw was found in undici. When undici processes Set-Cookie headers, it incorrectly interprets the SameSite attribute, accepting partial matches instead of exact ones. This allows a malicious server to downgrade a cookie's SameSite policy to a less secure setting, potentially leading to unintend...

3.7CVSS6.9AI score0.00248EPSS
Exploits0References6
NVD
NVD
added 4 days ago7 views

CVE-2026-59891

sigstore-js provides JavaScript libraries for interacting with Sigstore services. Prior to 0.7.1, getRegistryCredentials reads credentials from the Docker config file and selects an entry by checking whether any configured auth key contains the target registry string. Because this is a substring...

9.6CVSS0.00321EPSS
Exploits0References3
CVE
CVE
added 4 days ago5 views

CVE-2026-59891

The CVE-2026-59891 entry concerns sigstore-js prior to 0.7.1. getRegistryCredentials() reads Docker config credentials and selects an entry by substring match of the target registry, which can cause credentials for one registry to be sent to a different registry whose hostname has a matching subs...

9.6CVSS6.1AI score0.00321EPSS
Exploits0References3
OSV
OSV
added 4 days ago3 views

CVE-2026-59891 Credential confusion in  @sigstore/oci  can leak registry credentials to an attacker-controlled registry

sigstore-js provides JavaScript libraries for interacting with Sigstore services. Prior to 0.7.1, getRegistryCredentials reads credentials from the Docker config file and selects an entry by checking whether any configured auth key contains the target registry string. Because this is a substring...

9.6CVSS6.1AI score0.00321EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/09 5:0 p.m.9 views

CVE-2026-59223

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, WEBFETCHFILTERLIST matching compared configured host entries against URL strings and non-label-boundary suffixes, allowing path-based blocklist bypasses such as !internal.example.com in a URL pa...

4.3CVSS6AI score0.00223EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/07/09 5:0 p.m.4 views

CVE-2026-59223 Open WebUI: `WEB_FETCH_FILTER_LIST` host allow/block filter bypassable via URL path and non-label-boundary matching

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, WEBFETCHFILTERLIST matching compared configured host entries against URL strings and non-label-boundary suffixes, allowing path-based blocklist bypasses such as !internal.example.com in a URL pa...

4.3CVSS6.1AI score0.00223EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-59883

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Guzzle is an extensible PHP HTTP client. Prior to 7.12.3, CookieJar did not restrict cookies scoped to IP- address or bare-numeric Domain values to the exact ho...

6.1CVSS6.1AI score0.00115EPSS
Exploits0References3
Snyk
Snyk
added 2026/07/08 6:46 p.m.5 views

Origin Validation Error

Overview Affected versions of this package are vulnerable to Origin Validation Error via the CookieJar process. An attacker can access or manipulate cookies belonging to other hosts by exploiting improper domain matching for IP-address or bare-numeric domains. Remediation Upgrade guzzlehttp/guzzl...

6.1CVSS6.1AI score0.00115EPSS
Exploits0References2
OSV
OSV
added 2026/07/08 5:17 p.m.4 views

DEBIAN-CVE-2026-59883

Guzzle is an extensible PHP HTTP client. Prior to 7.12.3, CookieJar did not restrict cookies scoped to IP-address or bare-numeric Domain values to the exact host that set them, because SetCookie::matchesDomain applied ordinary suffix matching to domains such as 192.168.0.1, ::1, or 1, allowing...

6.1CVSS6.1AI score0.00115EPSS
Exploits0References1
Rows per page
Query Builder