CVE-2026-35620 OpenClaw < 2026.3.24 - Missing Authorization in /send and /allowlist Chat Commands
OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handlers. The /send command allows non-owner command-authorized senders to change owner-only session delivery policy settings, and the /allowlist mutating commands fail to enforce...
CVE-2026-35621 OpenClaw < 2026.3.24 - Privilege Escalation via chat.send to Allowlist Persistence
OpenClaw before 2026.3.24 contains a privilege escalation vulnerability where the /allowlist command fails to re-validate gateway client scopes for internal callers, allowing operator.write-scoped clients to mutate channel authorization policy. Attackers can exploit chat.send to build an internal...
CVE-2026-35619
CVE-2026-35619 affects OpenClaw prior to 2026.3.24. The vulnerable component is the HTTP /v1/models endpoint, which fails to enforce operator.read scope, allowing attackers with operator.approvals to enumerate gateway model metadata via the HTTP compatibility route and bypass WebSocket RPC author...
EUVD-2026-21430
OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals scope can enumerate gateway model metadata through the HTTP compatibility route, bypassing the...
CVE-2026-35619 OpenClaw < 2026.3.24 - Authorization Bypass via HTTP /v1/models Endpoint
OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals scope can enumerate gateway model metadata through the HTTP compatibility route, bypassing the...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper SQL operator precedence in the hasAccessToLabel function. An attacker can access label metadata, including titles, descriptions, colors, and creator information from projects they do not have acce...
EUVD-2026-21420
Vikunja has Broken Access Control on Label Read via SQL Operator Precedence Bug...
GHSA-HJ5C-MHH2-G7JQ Vikunja has Broken Access Control on Label Read via SQL Operator Precedence Bug
Summary The hasAccessToLabel function contains a SQL operator precedence bug that allows any authenticated user to read any label that has at least one task association, regardless of project access. Label titles, descriptions, colors, and creator information are exposed. Details The access contr...
GHSA-H27X-RFFW-24P4 / CVE-2026-35611 vulnerabilities
Vulnerabilities for packages: ruby3.3-fluentd-kubernetes-daemonset, kube-fluentd-operator, ruby4.0-fluentd-kubernetes-daemonset, logstash, ruby3.4-fluentd-kubernetes-daemonset, kube-logging-operator, cinc-auditor, ruby3.2-fluentd-kubernetes-daemonset...
GHSA-H27X-RFFW-24P4 / CVE-2026-35611 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, ruby3.4-fluentd-kubernetes-daemonset, logstash, ruby3.3-fluentd-kubernetes-daemonset, ruby4.0-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset, cinc-auditor, gitlab-rails-ce, kube-fluentd-operator, kube-logging-operator...
CLEANSTART-2026-OC72960 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing
Multiple security vulnerabilities affect the gpu-operator-fips package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details...
CLEANSTART-2026-JM69747 Security fixes for ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 25.10.0-r1
Multiple security vulnerabilities affect the gpu-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...