Lucene search
+L

87 matches found

RedhatCVE
RedhatCVE
added 2026/05/06 2:21 p.m.10 views

CVE-2026-43569

OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can exploit this by crafting malicious workspace plugins that are automatically...

8.8CVSS5.8AI score0.00381EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/05 11:25 a.m.5 views

CVE-2026-43569

OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can exploit this by crafting malicious workspace plugins that are automatically...

8.8CVSS5.8AI score0.00381EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/05 11:25 a.m.42 views

CVE-2026-43569 OpenClaw < 2026.4.9 - Untrusted Provider Plugin Auto-enablement via Workspace Provider Auth

OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can exploit this by crafting malicious workspace plugins that are automatically...

8.8CVSS0.00381EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/05 11:25 a.m.7 views

CVE-2026-43569 OpenClaw < 2026.4.9 - Untrusted Provider Plugin Auto-enablement via Workspace Provider Auth

OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can exploit this by crafting malicious workspace plugins that are automatically...

8.8CVSS5.8AI score0.00381EPSS
Exploits0References3
OSV
OSV
added 2026/05/05 11:25 a.m.4 views

CVE-2026-43569 OpenClaw < 2026.4.9 - Untrusted Provider Plugin Auto-enablement via Workspace Provider Auth

OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can exploit this by crafting malicious workspace plugins that are automatically...

7.7CVSS5.9AI score0.00381EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.9 contained security vulnerabilities. These vulnerabilities stemmed from authentication bypasses, allowing for the automatic activation of untrusted workspace plugins during...

8.8CVSS5.8AI score0.00381EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/30 10:20 a.m.104 views

Exploit for CVE-2026-31431

CVE-2026-31431 Copy Fail Exploit A Linux kernel page cache co...

7.8CVSS7.4AI score0.96267EPSS
Exploits230
Fedora
Fedora
added 2026/04/25 1:53 a.m.11 views

[SECURITY] Fedora 44 Update: mupdf-1.27.1-10.fc44

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

7.8CVSS5.7AI score0.00213EPSS
Exploits0
Snyk
Snyk
added 2026/04/17 10:12 p.m.14 views

Unsafe Dependency Resolution

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Unsafe Dependency Resolution in the authentication setup. An attacker can cause untrusted workspace plugins to be auto-enabled by leveraging non-interactive onboarding that selects a...

8.8CVSS5.7AI score0.00381EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/04/16 8:29 p.m.153 views

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

CVE-2024-30088 – WinRM Adapted PoC 📌 Summary This is a mo...

7CVSS7.5AI score0.68202EPSS
Exploits7
Fedora
Fedora
added 2026/04/12 3:38 p.m.9 views

[SECURITY] Fedora 43 Update: mupdf-1.27.1-10.fc43

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

7.8CVSS5.9AI score0.00213EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/01 12:0 a.m.6 views

Computational Monogamy of Entanglement and Non-Interactive Quantum Key Distribution

Quantum key distribution QKD enables Alice and Bob to exchange a secret key over a public, untrusted quantum channel. Compared to classical key exchange, QKD achieves everlasting security: after the protocol execution the key is secure against adversaries that can do unbounded computations. On th...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/21 12:0 a.m.4 views

Pura: an Efficient Privacy-Preserving Solution for Face Recognition

Face recognition is an effective technology for identifying a target person by facial images. However, sensitive facial images raises privacy concerns. Although privacy-preserving face recognition is one of potential solutions, this solution neither fully addresses the privacy concerns nor is...

6.7AI score
Exploits0
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.2 views

Configure a Proper SSH Service Authentication Mode

A proper authentication mode helps ensure user and system data security. Typically, the user/password authentication mode is suitable for human-machine users. In non-interactive login scenarios, the public and private keys are suitable for authentication. In high-risk scenarios, only the public a...

7.3AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/04/24 12:0 a.m.6 views

Silenzio: Secure Non-Interactive Outsourced MLP Training

Outsourcing the ML training to cloud providers presents a compelling opportunity for resource constrained clients, while it simultaneously bears inherent privacy risks, especially for highly sensitive training data. We introduce Silenzio, the first fully non-interactive outsourcing scheme for the...

6.8AI score
Exploits0
OSV
OSV
added 2024/11/12 9:20 p.m.4 views

GHSA-FPR5-JP2J-4Q2F paillier-zk has ambiguous challenge derivation

Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...

6.9CVSS7.1AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/11/12 9:20 p.m.12 views

paillier-zk has ambiguous challenge derivation

Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...

7.1AI score
Exploits0References3Affected Software1
OSV
OSV
added 2024/11/12 8:54 p.m.6 views

GHSA-RM66-9GH4-4GP8 cggmp21 vulnerable to ambiguous challenge derivation

Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...

6.9CVSS7.1AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/11/12 8:54 p.m.12 views

cggmp21 vulnerable to ambiguous challenge derivation

Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...

7.1AI score
Exploits0References3Affected Software1
OSV
OSV
added 2024/11/12 8:53 p.m.7 views

GHSA-7JJX-3QW9-J6H6 cggmp21-keygen has ambiguous challenge derivation

Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...

6.9CVSS7.1AI score
Exploits0References3
Rows per page
Query Builder