
4 matches found

CVE
added 2026/06/12 9:56 p.m., 20 views

CVE-2026-53832

CVE-2026-53832 affects OpenClaw prior to 2026.5.18. The issue is an identity header validation flaw that lets local, same-host callers forge trusted-proxy identity headers, enabling them to assume operator identity and potentially escalate privileges when they have access to the proxy-facing Gate...

CVSS 7.7 | AI score 5.3 | EPSS 0.00102
Exploits 0 | References 2 | Affected Software 1
Positive Technologies
added 2026/06/12 12:0 a.m., 14 views

PT-2026-49036

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.5.18. Description: An identity header validation issue allows local same-host callers to forge trusted-proxy identity headers. Attackers with access to the proxy-facing Gateway port can supply these forged headers...

CVSS 7.7 | AI score 5.2 | EPSS 0.00102
Exploits 0 | References 8
Snyk
added 2026/03/27 11:25 p.m., 4 views

Improper Privilege Management

Overview: Affected versions of this package are vulnerable to Improper Privilege Management via the restore process. An attacker can gain unauthorized administrative privileges by uploading a crafted SQLite database file, allowing access to user management, audit logs, debug endpoints, and operato...

CVSS 8.6 | AI score 5.9 | EPSS 0.00388
Exploits 0 | References 2
ThreatPost
added 2011/03/29 7:12 p.m., 9 views

Report: Rustock Operators or Operator

A KrebsOnSecurity piece looks into the unknown party behind the Rustock botnet, and whether it may have been operated by just one person. By interviewing investigators involved in the takedown, a joint operation carried out by Microsoft, FireEye, and various law enforcement agencies, Krebs...

AI score 2
Exploits 0 | References 5