Lucene search
+L

2995 matches found

Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.8 views

PT-2026-53005

Name of the Vulnerable Software and Affected Versions Fluentd versions prior to 1.19.3 Description The out http output plugin allows the use of placeholders, such as $tag, in the endpoint configuration parameter. If a placeholder value is derived from untrusted input, an attacker can control the...

7.2CVSS7.3AI score0.00442EPSS
Exploits0References15
NVD
NVD
added 2026/06/23 3:16 p.m.11 views

CVE-2026-27604

FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization bypass in the API role handling allows unauthenticated access to privileged /api/system/ endpoints. Because system resolves to the cron admin identity,...

10CVSS0.00408EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/19 4:28 p.m.12 views

CVE-2026-56211

A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to supply crafted video frame pixels that overlap with internal encoder layer contex...

7.1CVSS6.7AI score0.00414EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.22 views

PT-2026-51017

Name of the Vulnerable Software and Affected Versions ProxySQL versions 3.0.0 through 3.0.8 Description The GenAI/MCP run sql readonly tool violates its read-only contract for MySQL targets. The tool validates input using a substring blacklist and a first-keyword allowlist, but executes the SQL...

7.5CVSS5.9AI score0.00226EPSS
Exploits0References8
OSV
OSV
added 2026/06/18 8:42 p.m.6 views

GHSA-8MG9-J9CF-54CJ OpenClaw: Empty-scope device re-pairing could confuse caller scope containment

Summary Empty-scope device re-pairing could confuse caller scope containment. In affected versions, a device re-pairing request with an empty scope set could skip the intended containment guard during re-pairing. This advisory is scoped to the named feature and configuration. It does not change...

5.4CVSS5.6AI score0.00206EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 8:34 p.m.6 views

GHSA-MPC8-JXJH-QPGH OpenClaw: Focus command could miss controlScope enforcement

Summary Focus command could miss controlScope enforcement. In affected versions, a caller able to trigger the focus command could run the command without enforcing the expected control scope. This advisory is scoped to the named feature and configuration. It does not change OpenClaw's...

6.8CVSS5.6AI score0.00093EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 8:32 p.m.5 views

GHSA-8J37-5W68-WJ2G OpenClaw: BlueBubbles sender policy could match mutable conversation identifiers

Summary BlueBubbles sender policy could match mutable conversation identifiers. In affected versions, a participant able to influence conversation-level identifiers could match an allowlist entry through conversation metadata rather than a stable sender identity. This advisory is scoped to the...

4.2CVSS5.7AI score0.00171EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 8:16 p.m.8 views

GHSA-68XW-R643-9P5W OpenClaw: Skill-command dispatch could skip before-tool-call hooks

Summary Skill-command dispatch could skip before-tool-call hooks. In affected versions, a skill command routed through the affected dispatch path could run without the same runBeforeToolCallHook coverage as other tool entry points. This advisory is scoped to the named feature and configuration. I...

4.3CVSS5.7AI score0.00185EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 8:15 p.m.7 views

GHSA-X629-46CC-7XGW OpenClaw: Active Memory write scope could mutate global config

Summary Active Memory write scope could mutate global config. In affected versions, a Gateway caller with operator.write access to the affected command could change global configuration without requiring operator.admin. This advisory is scoped to the named feature and configuration. It does not...

5.3CVSS5.7AI score0.00176EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 8:12 p.m.5 views

GHSA-9V8J-9C9G-W66C OpenClaw: Bootstrap token replay could widen pending pairing scopes

Summary Bootstrap token replay could widen pending pairing scopes. In affected versions, a caller with access to a pending bootstrap token could reuse the token before approval with a broader requested scope set. This advisory is scoped to the named feature and configuration. It does not change...

4.2CVSS5.6AI score0.00088EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 8:11 p.m.7 views

GHSA-GXG4-2RRR-JHC7 OpenClaw: Hostname checks could treat trailing-dot hosts inconsistently

Summary Hostname checks could treat trailing-dot hosts inconsistently. In affected versions, a request path that accepts model- or workspace-derived URLs could present the same hostname with a trailing dot and avoid a blocklist comparison. This advisory is scoped to the named feature and...

6.5CVSS5.6AI score0.0021EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 8:10 p.m.8 views

GHSA-CWPP-5962-Q4F6 OpenClaw: Exec allowlist could miss side effects from transparent command wrappers

Summary Exec allowlist could miss side effects from transparent command wrappers. In affected versions, a command request that reaches the exec allowlist path could be evaluated against the inner command while the wrapper invocation still executed. This advisory is scoped to the named feature and...

4.3CVSS5.7AI score0.00185EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 1:4 p.m.15 views

GHSA-985F-72MJ-8GF7 OpenClaw: Tool group policy callers could accept unvalidated group IDs

Summary Tool group policy callers could accept unvalidated group IDs. In affected versions, a caller that can supply a group id to the affected policy resolver could resolve policy for an unvalidated group id. This advisory is scoped to the named feature and configuration. It does not change...

6CVSS5.6AI score0.00169EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/17 4:58 p.m.13 views

EUVD-2026-37765

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentiall...

7.5CVSS5.8AI score0.00815EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/17 4:58 p.m.9 views

CVE-2026-47774 Envoy vulnerable to HTTP/2 memory exhaustion via cookie header size bypass and HPACK amplification

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentiall...

7.5CVSS5.8AI score0.00815EPSS
Exploits1References1
OSV
OSV
added 2026/06/17 4:58 p.m.4 views

CVE-2026-47774 Envoy vulnerable to HTTP/2 memory exhaustion via cookie header size bypass and HPACK amplification

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentiall...

7.5CVSS6.2AI score0.00815EPSS
Exploits1References12
OSV
OSV
added 2026/06/17 1:55 p.m.19 views

GHSA-664H-GPGQ-H6XX n8n: Wrong OAuth Scope on Evaluation Test Runs Endpoints

Impact Three mutating endpoints in the evaluation test runs controller authorized state-changing actions using workflow:read instead of the action-appropriate workflow:execute scope. An authenticated user with project:viewer role on a project could start new evaluation test runs, cancel in-flight...

5.4CVSS5.5AI score0.00176EPSS
Exploits0References2
OSV
OSV
added 2026/06/16 11:2 p.m.11 views

GHSA-PMQW-72CG-WX85 n8n: Credential Exfiltration via Permission Bypass

Impact A member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to cross-user credential access. This issue affects instances where workflow sharing i...

9.6CVSS6AI score0.00315EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/16 10:39 p.m.12 views

n8n: Stored XSS in Chat Trigger Node

Impact An authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the injected code executed in the n8n origin with that user's session privileges. Patches T...

7CVSS5.6AI score0.0021EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/16 6:59 p.m.23 views

n8n: NoSQL Injection in MongoDB Node Find And Replace Operation

Impact An authenticated user with workflow edit access could supply a malicious filter value in the MongoDB node's Find And Replace operation. The value was not validated before being passed to MongoDB as a query filter, allowing unintended documents to be matched and overwritten with...

7.7CVSS5.3AI score0.0026EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder