Lucene search
K

14 matches found

EUVD
EUVD
added 2026/05/06 9:31 p.m.8 views

EUVD-2026-28172

OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute...

7.7CVSS5.9AI score0.00264EPSS
Exploits0References6
OSV
OSV
added 2026/05/06 9:31 p.m.7 views

GHSA-WWWC-F646-VJ2J Duplicate Advisory: OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-536q-mj95-h29h. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger...

7.7CVSS5.8AI score0.00264EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/05/06 9:31 p.m.17 views

Duplicate Advisory: OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-536q-mj95-h29h. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger...

7.7CVSS5.8AI score0.00264EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2026/05/06 8:16 p.m.6 views

CVE-2026-43580

OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute...

7.7CVSS0.00264EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:49 p.m.6 views

CVE-2026-43580

OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute...

7.7CVSS5.9AI score0.00264EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/06 7:49 p.m.10 views

CVE-2026-43580 OpenClaw < 2026.4.10 - Incomplete Navigation Guard Coverage in Browser Interactions

OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute...

7.7CVSS5.9AI score0.00264EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/06 7:49 p.m.35 views

CVE-2026-43580 OpenClaw < 2026.4.10 - Incomplete Navigation Guard Coverage in Browser Interactions

OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security checks to execute...

7.7CVSS0.00264EPSS
Exploits0References5
CVE
CVE
added 2026/05/06 7:49 p.m.16 views

CVE-2026-43580

OpenClaw contains an incomplete navigation guard vulnerability in versions prior to 2026.4.10. The issue allows triggering navigation without full SSRF policy enforcement via browser interactions (pressKey/type submit flows), bypassing post-action security checks to perform unauthorized navigatio...

7.7CVSS5.9AI score0.00264EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.9 views

PT-2026-38235

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.10 Description An incomplete navigation guard allows attackers to trigger navigation without full Server-Side Request Forgery SSRF policy enforcement. SSRF is a flaw where an attacker can force a server to mak...

7.7CVSS5.9AI score0.00264EPSS
Exploits0References7
OSV
OSV
added 2026/04/17 10:14 p.m.2 views

GHSA-536Q-MJ95-H29H OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage

Summary Browser press/type interaction routes missed complete navigation guard coverage. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.10 Impact Some browser press/type style interactions could trigger navigation without complete post-action SSRF...

7.7CVSS5.7AI score0.00264EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2026/04/17 10:14 p.m.14 views

OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage

Summary Browser press/type interaction routes missed complete navigation guard coverage. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.10 Impact Some browser press/type style interactions could trigger navigation without complete post-action SSRF...

7.7CVSS5.7AI score0.00264EPSS
Exploits0References10Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:8 p.m.8 views

CVE-2026-33336

Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper enables nodeIntegration in the main BrowserWindow and does not restrict same-window navigations. An attacker who can place a link in...

6.5CVSS6.8AI score0.01115EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/03/03 9:37 p.m.8 views

OpenClaw browser navigation guard allowed non-network URL schemes, enabling authenticated browser-tool users to access file:// local files

Impact assertBrowserNavigationAllowed validated only http:/https: network targets but implicitly allowed other schemes. An authenticated gateway user could navigate browser sessions to file:// URLs and read local files via browser snapshot/extraction flows. Affected Component -...

7.1CVSS5.9AI score0.00403EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.7 views

PT-2026-26390

Impact assertBrowserNavigationAllowed validated only http:/https: network targets but implicitly allowed other schemes. An authenticated gateway user could navigate browser sessions to file:// URLs and read local files via browser snapshot/extraction flows. Affected Component -...

7.1CVSS5.8AI score0.00403EPSS
Exploits1References7
Rows per page
Query Builder