Lucene search
+L

2992 matches found

ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.19 views

PT-2026-51017

Name of the Vulnerable Software and Affected Versions ProxySQL versions 3.0.0 through 3.0.8 Description The GenAI/MCP run sql readonly tool violates its read-only contract for MySQL targets. The tool validates input using a substring blacklist and a first-keyword allowlist, but executes the SQL...

7.5CVSS5.9AI score0.00226EPSS
Exploits0References8
osv
osv
added 2026/06/18 8:42 p.m.6 views

GHSA-8MG9-J9CF-54CJ OpenClaw: Empty-scope device re-pairing could confuse caller scope containment

Summary Empty-scope device re-pairing could confuse caller scope containment. In affected versions, a device re-pairing request with an empty scope set could skip the intended containment guard during re-pairing. This advisory is scoped to the named feature and configuration. It does not change...

5.4CVSS5.6AI score0.00206EPSS
Exploits0References4
osv
osv
added 2026/06/18 8:34 p.m.6 views

GHSA-MPC8-JXJH-QPGH OpenClaw: Focus command could miss controlScope enforcement

Summary Focus command could miss controlScope enforcement. In affected versions, a caller able to trigger the focus command could run the command without enforcing the expected control scope. This advisory is scoped to the named feature and configuration. It does not change OpenClaw's...

6.8CVSS5.6AI score0.00093EPSS
Exploits0References4
osv
osv
added 2026/06/18 8:32 p.m.5 views

GHSA-8J37-5W68-WJ2G OpenClaw: BlueBubbles sender policy could match mutable conversation identifiers

Summary BlueBubbles sender policy could match mutable conversation identifiers. In affected versions, a participant able to influence conversation-level identifiers could match an allowlist entry through conversation metadata rather than a stable sender identity. This advisory is scoped to the...

4.2CVSS5.7AI score0.00171EPSS
Exploits0References4
osv
osv
added 2026/06/18 8:16 p.m.8 views

GHSA-68XW-R643-9P5W OpenClaw: Skill-command dispatch could skip before-tool-call hooks

Summary Skill-command dispatch could skip before-tool-call hooks. In affected versions, a skill command routed through the affected dispatch path could run without the same runBeforeToolCallHook coverage as other tool entry points. This advisory is scoped to the named feature and configuration. I...

4.3CVSS5.7AI score0.00185EPSS
Exploits0References4
osv
osv
added 2026/06/18 8:15 p.m.7 views

GHSA-X629-46CC-7XGW OpenClaw: Active Memory write scope could mutate global config

Summary Active Memory write scope could mutate global config. In affected versions, a Gateway caller with operator.write access to the affected command could change global configuration without requiring operator.admin. This advisory is scoped to the named feature and configuration. It does not...

5.3CVSS5.7AI score0.00176EPSS
Exploits0References4
osv
osv
added 2026/06/18 8:12 p.m.5 views

GHSA-9V8J-9C9G-W66C OpenClaw: Bootstrap token replay could widen pending pairing scopes

Summary Bootstrap token replay could widen pending pairing scopes. In affected versions, a caller with access to a pending bootstrap token could reuse the token before approval with a broader requested scope set. This advisory is scoped to the named feature and configuration. It does not change...

4.2CVSS5.6AI score0.00088EPSS
Exploits0References4
osv
osv
added 2026/06/18 8:11 p.m.7 views

GHSA-GXG4-2RRR-JHC7 OpenClaw: Hostname checks could treat trailing-dot hosts inconsistently

Summary Hostname checks could treat trailing-dot hosts inconsistently. In affected versions, a request path that accepts model- or workspace-derived URLs could present the same hostname with a trailing dot and avoid a blocklist comparison. This advisory is scoped to the named feature and...

6.5CVSS5.6AI score0.0021EPSS
Exploits0References4
osv
osv
added 2026/06/18 8:10 p.m.8 views

GHSA-CWPP-5962-Q4F6 OpenClaw: Exec allowlist could miss side effects from transparent command wrappers

Summary Exec allowlist could miss side effects from transparent command wrappers. In affected versions, a command request that reaches the exec allowlist path could be evaluated against the inner command while the wrapper invocation still executed. This advisory is scoped to the named feature and...

4.3CVSS5.7AI score0.00185EPSS
Exploits0References4
osv
osv
added 2026/06/18 1:4 p.m.14 views

GHSA-985F-72MJ-8GF7 OpenClaw: Tool group policy callers could accept unvalidated group IDs

Summary Tool group policy callers could accept unvalidated group IDs. In affected versions, a caller that can supply a group id to the affected policy resolver could resolve policy for an unvalidated group id. This advisory is scoped to the named feature and configuration. It does not change...

6CVSS5.6AI score0.00169EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/17 4:58 p.m.9 views

CVE-2026-47774 Envoy vulnerable to HTTP/2 memory exhaustion via cookie header size bypass and HPACK amplification

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentiall...

7.5CVSS5.8AI score0.00815EPSS
Exploits1References1
osv
osv
added 2026/06/17 4:58 p.m.4 views

CVE-2026-47774 Envoy vulnerable to HTTP/2 memory exhaustion via cookie header size bypass and HPACK amplification

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentiall...

7.5CVSS6.2AI score0.00815EPSS
Exploits1References12
euvd
euvd
added 2026/06/17 4:58 p.m.13 views

EUVD-2026-37765

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentiall...

7.5CVSS5.8AI score0.00815EPSS
Exploits1References1
osv
osv
added 2026/06/17 1:55 p.m.18 views

GHSA-664H-GPGQ-H6XX n8n: Wrong OAuth Scope on Evaluation Test Runs Endpoints

Impact Three mutating endpoints in the evaluation test runs controller authorized state-changing actions using workflow:read instead of the action-appropriate workflow:execute scope. An authenticated user with project:viewer role on a project could start new evaluation test runs, cancel in-flight...

5.4CVSS5.5AI score0.00176EPSS
Exploits0References2
osv
osv
added 2026/06/16 11:2 p.m.9 views

GHSA-PMQW-72CG-WX85 n8n: Credential Exfiltration via Permission Bypass

Impact A member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to cross-user credential access. This issue affects instances where workflow sharing i...

9.6CVSS6AI score0.00315EPSS
Exploits0References3
github
github
added 2026/06/16 10:39 p.m.12 views

n8n: Stored XSS in Chat Trigger Node

Impact An authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the injected code executed in the n8n origin with that user's session privileges. Patches T...

7CVSS5.6AI score0.0021EPSS
Exploits0References2Affected Software1
github
github
added 2026/06/16 6:59 p.m.23 views

n8n: NoSQL Injection in MongoDB Node Find And Replace Operation

Impact An authenticated user with workflow edit access could supply a malicious filter value in the MongoDB node's Find And Replace operation. The value was not validated before being passed to MongoDB as a query filter, allowing unintended documents to be matched and overwritten with...

7.7CVSS5.3AI score0.0026EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2026/06/16 12:0 a.m.20 views

PT-2026-50180

Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.24.0 Description The Compression node's Decompress operation expands attacker-controlled archives into memory without enforcing limits on the decompressed output size. An unauthenticated attacker can send a small...

7.5CVSS5.9AI score0.00375EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/16 12:0 a.m.20 views

PT-2026-50173

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.55 n8n versions prior to 2.25.7 n8n versions prior to 2.26.2 Description An open source workflow automation platform contains an issue where a member-level user with editor access to a shared workflow can reference...

9.6CVSS5.9AI score0.00315EPSS
Exploits0References6
githubexploit
githubexploit
added 2026/06/10 12:49 p.m.70 views

Exploit for Use After Free in Linux Linux_Kernel

Auditor CVE-2026-23111 Linux Kernel nftables UAF Este re...

7.8CVSS5.7AI score0.00344EPSS
Exploits7
Rows per page
Query Builder