Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/03/26 3:2 p.m.0 views

CVE-2026-32025

OpenClaw versions prior to 2026.2.25 contain an authentication hardening gap in browser-origin WebSocket clients that allows attackers to bypass origin checks and auth throttling on loopback deployments. An attacker can trick a user into opening a malicious webpage and perform password brute-forc...

7.5CVSS5.8AI score0.00109EPSS
Exploits0References1
OSV
OSVadded 2026/03/19 10:16 p.m.2 views

CVE-2026-32025

OpenClaw versions prior to 2026.2.25 contain an authentication hardening gap in browser-origin WebSocket clients that allows attackers to bypass origin checks and auth throttling on loopback deployments. An attacker can trick a user into opening a malicious webpage and perform password brute-forc...

7.5CVSS5.9AI score
Exploits0References3
CVE
CVEadded 2026/03/19 10:7 p.m.1 views

CVE-2026-32025

OpenClaw versions prior to 2026.2.25 expose an authentication hardening gap in browser-origin WebSocket clients that bypasses origin checks and auth throttling on loopback deployments. An attacker enticed to visit a malicious page can perform password brute-force against the gateway to establish ...

7.5CVSS5.8AI score0.00109EPSS
Exploits0References3Affected Software1
EUVD
EUVDadded 2026/03/19 10:7 p.m.2 views

EUVD-2026-13298

OpenClaw versions prior to 2026.2.25 contain an authentication hardening gap in browser-origin WebSocket clients that allows attackers to bypass origin checks and auth throttling on loopback deployments. An attacker can trick a user into opening a malicious webpage and perform password brute-forc...

7.5CVSS5.8AI score0.00109EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/03/03 12:0 a.m.3 views

PT-2026-26406

This issue is a browser-origin WebSocket auth chain on local loopback deployments using password auth. It is serious, but conditional: an attacker must get the user to open a malicious page and then successfully guess the gateway password. Context and Preconditions OpenClaw’s web/gateway surface ...

7.5CVSS5.8AI score0.00109EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/02/17 12:0 a.m.4 views

PT-2026-20338

Name of the Vulnerable Software and Affected Versions emp3r0r versions prior to 3.21.2 Description The software accesses multiple shared maps without consistent synchronization across goroutines. Concurrent activity can trigger a fatal error: concurrent map read and map write, leading to a C2...

9.9CVSS5.5AI score0.00733EPSS
Exploits44References116
RedhatCVE
RedhatCVEadded 2025/05/22 10:40 p.m.5 views

CVE-2022-28169

Brocade Webtools in Brocade Fabric OS versions before Brocade Fabric OS versions v9.1.1, v9.0.1e, and v8.2.3c could allow a low privilege webtools, user, to gain elevated admin rights, or privileges, beyond what is intended or entitled for that user. By exploiting this vulnerability, a user whose...

8.8CVSS7.1AI score0.00404EPSS
Exploits0References1
OSV
OSVadded 2022/10/25 9:15 p.m.0 views

CVE-2022-28169

Brocade Webtools in Brocade Fabric OS versions before Brocade Fabric OS versions v9.1.1, v9.0.1e, and v8.2.3c could allow a low privilege webtools, user, to gain elevated admin rights, or privileges, beyond what is intended or entitled for that user. By exploiting this vulnerability, a user whose...

8.8CVSS7.1AI score0.00404EPSS
Exploits0References2
Rows per page
Query Builder