2 matches found
CVE-2026-44118
OpenClaw is affected by CVE-2026-44118 prior to version 2026.4.22. The vulnerability arises because loopback MCP owner context is derived from spoofable server-issued bearer tokens in request headers. This allows non-owner loopback clients to impersonate the owner by manipulating the sender-owner...
CVE-2020-4290
IBM Security Information Queue ISIQ 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow any authenticated user to spoof the configuration owner of any other user which disclose sensitive information or allow for unauthorized access. IBM X-Force ID: 176333...