CVE-2026-34595
CVE-2026-34595 affects Parse Server LiveQuery: an authenticated user with find class-level permission can bypass the protectedFields guard by submitting a subscription using an array-like object for $or/$and/$nor instead of a real array. This bypass allows the subscription firing to act as a bina...
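The mechanism named in the entry above (an array-like object in place of a real array) is a general JavaScript pitfall: `Array.isArray` is false for `{ 0: ..., length: 1 }`, but any consumer that walks a value by index up to `.length` processes it exactly like an array. The following is an added illustration, not Parse Server's code: a hypothetical protectedFields-style guard that only descends into `$or`/`$and`/`$nor` when the value is a real Array, a matcher that iterates by `.length`, a hardened guard that rejects non-array operator values, and constructed sample data. `subscriptionFires` shows why the outcome is useful to an attacker: with the vulnerable guard, whether the subscription fires tells the caller whether the guessed protected value matched.

```javascript
// Added example, not Parse Server's code. Guard, matcher, field policy and data are hypothetical.
const PROTECTED_FIELDS = new Set(['ssn', 'email']); // constructed sample policy

function isOperator(key) {
  return key === '$or' || key === '$and' || key === '$nor';
}

// Vulnerable guard: silently skips anything under $or/$and/$nor that is not a real Array,
// so an array-like object carrying a protected field is never inspected.
function vulnerableGuard(query) {
  for (const [key, value] of Object.entries(query)) {
    if (isOperator(key)) {
      if (Array.isArray(value)) value.forEach(vulnerableGuard);
      continue;
    }
    if (PROTECTED_FIELDS.has(key)) throw new Error(`protected field in query: ${key}`);
  }
  return true;
}

// Hardened guard: an operator value must be a real Array, otherwise the query is rejected.
function hardenedGuard(query) {
  for (const [key, value] of Object.entries(query)) {
    if (isOperator(key)) {
      if (!Array.isArray(value)) throw new Error(`${key} must be an array`);
      value.forEach(hardenedGuard);
      continue;
    }
    if (PROTECTED_FIELDS.has(key)) throw new Error(`protected field in query: ${key}`);
  }
  return true;
}

// Matcher that walks operator values by index up to .length, which is exactly what
// makes an array-like object behave as an array here.
function anySub(value, fn) {
  for (let i = 0; i < value.length; i++) if (fn(value[i])) return true;
  return false;
}
function allSub(value, fn) {
  for (let i = 0; i < value.length; i++) if (!fn(value[i])) return false;
  return true;
}
function matches(obj, query) {
  return Object.entries(query).every(([key, value]) => {
    if (key === '$or') return anySub(value, (sub) => matches(obj, sub));
    if (key === '$and') return allSub(value, (sub) => matches(obj, sub));
    if (key === '$nor') return !anySub(value, (sub) => matches(obj, sub));
    return obj[key] === value;
  });
}

// Run the guard, then report whether the subscription would fire for this object.
// Throws if the guard rejects the query.
function subscriptionFires(guard, query, obj) {
  guard(query);
  return matches(obj, query);
}

// Constructed sample data.
const victim = { objectId: 'u1', name: 'alice', ssn: '123-45-6789' };
const honestQuery = { $or: [{ ssn: '123-45-6789' }] };                   // real array: blocked
const arrayLikeQuery = { $or: { 0: { ssn: '123-45-6789' }, length: 1 } }; // array-like: slips past
const wrongGuess = { $or: { 0: { ssn: '000-00-0000' }, length: 1 } };

console.log('vulnerable guard, correct guess fires:', subscriptionFires(vulnerableGuard, arrayLikeQuery, victim));
console.log('vulnerable guard, wrong guess fires:', subscriptionFires(vulnerableGuard, wrongGuess, victim));
```

The fix is to make the guard and the matcher agree on what an operator value is; rejecting anything that is not `Array.isArray` at the guard is the simplest way, since the matcher then never sees a shape the guard did not inspect.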
Security Bulletin: IBM App Connect Enterprise Certified Container is vulnerable to loss of confidentiality (CVE-2025-68121)
Summary IBM App Connect Enterprise Certified Container operator and DesignerAuthoring, IntegrationRuntime and IntegrationServer operands are vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported vulnerability in Golang module crypto/tls...
CVE-2026-32916
OpenClaw versions 2026.3.7 before 2026.3.11 contain an authorization bypass vulnerability where plugin subagent routes execute gateway methods through a synthetic operator client with broad administrative scopes. Remote unauthenticated requests to plugin-owned routes can invoke runtime.subagent...
GHSA-GM2X-2G9H-CCM8 vulnerabilities
Vulnerabilities for packages: trivy, nuclei, livekit-cli, gitlab-runner, scorecard, kubescape-server, grafana, kaniko-fips, google-osconfig-agent, gitea, flux-fips, kubescape, guac, snyk-cli, argo-workflows-fips, argocd-image-updater, grype, argo-workflows, bom, cloudbeat-fips, syft-fips, gitaly,...
CVE-2026-34165 vulnerabilities
Vulnerabilities for packages: trivy, nuclei, livekit-cli, gitlab-runner, scorecard, kubescape-server, grafana, kaniko-fips, google-osconfig-agent, gitea, flux-fips, kubescape, guac, snyk-cli, argo-workflows-fips, argocd-image-updater, grype, argo-workflows, bom, cloudbeat-fips, syft-fips, gitaly,...
CVE-2026-34165 vulnerabilities
Vulnerabilities for packages: snyk-cli, nuclei, pulumi-kubernetes-operator, gomplate, steampipe, skaffold, kots, zot, chezmoi, gitaly, grype, kyverno, pulumi-language-java, syft, crossplane, grafana-alloy, flux, xeol, gitlab-runner, wolfictl, zarf, src-fingerprint, kubescape, teleport, osv-scanne...
CVE-2026-33762 vulnerabilities
Vulnerabilities for packages: snyk-cli, nuclei, pulumi-kubernetes-operator, gomplate, steampipe, skaffold, kots, zot, chezmoi, gitaly, grype, kyverno, pulumi-language-java, syft, crossplane, grafana-alloy, flux, xeol, gitlab-runner, wolfictl, zarf, src-fingerprint, kubescape, teleport, osv-scanne...
GHSA-GM2X-2G9H-CCM8 vulnerabilities
Vulnerabilities for packages: snyk-cli, nuclei, pulumi-kubernetes-operator, gomplate, steampipe, skaffold, kots, zot, chezmoi, gitaly, grype, kyverno, pulumi-language-java, syft, crossplane, grafana-alloy, flux, xeol, gitlab-runner, wolfictl, zarf, src-fingerprint, kubescape, teleport, osv-scanne...
GHSA-JHF3-XXHW-2WPP vulnerabilities
Vulnerabilities for packages: snyk-cli, nuclei, pulumi-kubernetes-operator, gomplate, steampipe, skaffold, kots, zot, chezmoi, gitaly, grype, kyverno, pulumi-language-java, syft, crossplane, grafana-alloy, flux, xeol, gitlab-runner, wolfictl, zarf, src-fingerprint, kubescape, teleport, osv-scanne...
OpenClaw security vulnerability
OpenClaw is an open-source AI assistant from the OpenClaw project. OpenClaw contains a security vulnerability that an attacker can exploit to execute native code after an operator approves misleading command text...
OpenClaw security vulnerability
OpenClaw is an open-source AI assistant from the OpenClaw project. OpenClaw contains a security vulnerability that an attacker can exploit to cause a low-privileged operator to approve nodes with a wider scope...
OpenClaw: `browser.request` still allows `POST /reset-profile` through the `operator.write` surface
Fixed in OpenClaw 2026.3.24, the current shipping release. Title browser.request still allows POST /reset-profile through the operator.write surface in OpenClaw v2026.3.22 after GHSA-vmhq-cqm9-6p7q Severity Assessment High CWE: - CWE-863: Incorrect Authorization Proposed CVSS v3.1: - 8.1...
GHSA-XP9R-PRPG-373R OpenClaw: `browser.request` still allows `POST /reset-profile` through the `operator.write` surface
Fixed in OpenClaw 2026.3.24, the current shipping release. Title browser.request still allows POST /reset-profile through the operator.write surface in OpenClaw v2026.3.22 after GHSA-vmhq-cqm9-6p7q Severity Assessment High CWE: - CWE-863: Incorrect Authorization Proposed CVSS v3.1: - 8.1...
Missing Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization through insufficient scope enforcement in the /allowlist command handler. An attacker can make unauthorized persistent changes to configuration and pairing-store...
OpenClaw: Mutating internal `/allowlist` chat commands missed `operator.admin` scope enforcement
Fixed in OpenClaw 2026.3.24, the current shipping release. Title Mutating internal /allowlist chat commands missed operator.admin scope enforcement CWE CWE-862 Missing Authorization CVSS v3.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Base score: 6.5 Medium Severity Assessment Medium. This is a...
GHSA-VQVG-86CC-CG83 OpenClaw: Mutating internal `/allowlist` chat commands missed `operator.admin` scope enforcement
Fixed in OpenClaw 2026.3.24, the current shipping release. Title Mutating internal /allowlist chat commands missed operator.admin scope enforcement CWE CWE-862 Missing Authorization CVSS v3.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Base score: 6.5 Medium Severity Assessment Medium. This is a...
Improper Privilege Management
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Privilege Management through the /allowlist process. An attacker can escalate privileges by using an authenticated gateway client with operator.write scope to persist unauthorize...
OpenClaw: Gateway operator.write Can Reach Admin-Class Channel Allowlist Persistence via chat.send
Fixed in OpenClaw 2026.3.24, the current shipping release. Summary The shared /allowlist command persists channel authorization config through writeConfigFile... but does not re-validate gateway client scopes for internal gateway callers. Because chat.send is intentionally reachable to...
Incorrect Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the /v1/models HTTP endpoint, which does not enforce the required operator read scope. An attacker can access and enumerate model metadata by sending...
OpenClaw has a Gateway HTTP /v1/models Route Bypasses Operator Read Scope
Fixed in OpenClaw 2026.3.24, the current shipping release. Summary The OpenAI-compatible HTTP endpoint /v1/models accepts bearer auth but does not enforce operator method scopes. In contrast, the WebSocket RPC path enforces operator.read for models.list. A caller connected with operator.approvals...
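The entry above describes two transports reaching the same method with different authorization: the WebSocket RPC path checks `operator.read` for `models.list`, while the HTTP `/v1/models` route only checks the bearer token. The following is an added example, not OpenClaw's code: a hypothetical gateway where the HTTP route table resolves to the same method names and the same `authorize()` as the RPC dispatcher, shown beside an HTTP handler that skips the scope check. Method names, scope names, the route mapping and the flat scope model are assumptions made for the illustration.

```javascript
// Added example, not OpenClaw's code. Tables, handlers and clients are hypothetical.
const METHOD_SCOPES = {            // method -> required scope (assumed)
  'models.list': 'operator.read',
  'chat.send': 'operator.write',
};

const HTTP_ROUTES = {              // HTTP route -> gateway method (assumed)
  'GET /v1/models': 'models.list',
};

const handlers = {                 // stand-ins for the real handlers
  'models.list': () => ({ data: [{ id: 'model-a' }, { id: 'model-b' }] }),
  'chat.send': () => ({ ok: true }),
};

// Scopes are modelled as a flat set; a real system may define implication rules.
function authorize(client, method) {
  const required = METHOD_SCOPES[method];
  if (required === undefined) return { ok: false, error: `unknown method ${method}` };
  if (!client.scopes.has(required)) return { ok: false, error: `missing scope ${required}` };
  return { ok: true };
}

// WebSocket RPC path: every call goes through authorize().
function rpcDispatch(client, msg) {
  const auth = authorize(client, msg.method);
  if (!auth.ok) return { error: auth.error };
  return { result: handlers[msg.method]() };
}

// Vulnerable HTTP path: bearer auth already succeeded, so the handler runs
// without ever consulting METHOD_SCOPES.
function httpModelsVulnerable(client) {
  if (!client.authenticated) return { status: 401 };
  return { status: 200, body: handlers['models.list']() };
}

// Fixed HTTP path: map the route to a method name and reuse the same authorize().
function httpDispatch(client, route) {
  if (!client.authenticated) return { status: 401 };
  const method = HTTP_ROUTES[route];
  if (method === undefined) return { status: 404 };
  const auth = authorize(client, method);
  if (!auth.ok) return { status: 403, body: { error: auth.error } };
  return { status: 200, body: handlers[method]() };
}

// Constructed clients: one holding only an approvals-type scope, one with operator.read.
const approvalsOnly = { authenticated: true, scopes: new Set(['operator.approvals']) };
const reader = { authenticated: true, scopes: new Set(['operator.read']) };

console.log('RPC, approvals-only:', rpcDispatch(approvalsOnly, { method: 'models.list' }));
console.log('HTTP vulnerable, approvals-only:', httpModelsVulnerable(approvalsOnly).status);
console.log('HTTP fixed, approvals-only:', httpDispatch(approvalsOnly, 'GET /v1/models').status);
```

The design point is that authorization lives in one table keyed by method, not in per-transport code; a new HTTP route then cannot be added without naming the method it maps to, and the scope it requires follows automatically.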