CVE-2026-32014

OpenClaw versions prior to 2026.2.26 contain a metadata spoofing vulnerability where reconnect platform and deviceFamily fields are accepted from the client without being bound into the device-auth signature. An attacker with a paired node identity on the trusted network can spoof reconnect...

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the paired node device reconnect. An attacker can gain unauthorized access to restricted commands by spoofing the platform or deviceFamily metadata during a...

CVE-2024-43573

Windows MSHTML Platform Spoofing Vulnerability...

CVE-2024-43573 Windows MSHTML Platform Spoofing Vulnerability

...

CVE-2024-43573

Windows MSHTML Platform Spoofing Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2024-43461

Windows MSHTML Platform Spoofing Vulnerability...

CVE-2024-43461 Windows MSHTML Platform Spoofing Vulnerability

...

CVE-2024-43461

CVE-2024-43461 — Windows MSHTML Platform Spoofing Vulnerability : A UI misrepresentation in MSHTML that can be used to spoof a web page. Affected component: Windows MSHTML Platform. Underlying issue is a UI spoofing flaw; CVSSv3.1 score 8.8 ( NETWORK, LOW, NONE, UI: REQUIRED; Confidentiality/Inte...

KB5043076: Windows 11 version 22H2 / Windows 11 version 23H2 Security Update (September 2024)

The remote Windows host is missing security update 5043076. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Microsoft Management Console Remote Code Execution Vulnerability CVE-2024-38259 - Windows Remote Access Connection...

KB5042881: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (September 2024)

The remote Windows host is missing security update 5042881 or hotpatch update 5042880. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Desktop Licensing Service Spoofing Vulnerability CVE-2024-43455 - Windows...

KB5043064: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (September 2024)

The remote Windows host is missing security update 5043064. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Access Connection Manager Elevation of Privilege Vulnerability CVE-2024-38240 - Windows TCP/IP Remote...

KB5043092: Windows Server 2008 R2 Security Update (September 2024)

The remote Windows host is missing security update 5043092. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Desktop Licensing Service Spoofing Vulnerability CVE-2024-43455 - Windows Remote Desktop Licensing...

KB5043083: Windows 10 LTS 1507 Security Update (September 2024)

The remote Windows host is missing security update 5043083. It is, therefore, affected by multiple vulnerabilities - Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 initial...

CVE-2024-38112

Windows MSHTML Platform Spoofing Vulnerability...

VulnCheck KEV: CVE-2024-38112

Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrity, and availability...

CVE-2024-38112

Windows MSHTML Platform Spoofing Vulnerability Recent assessments: remmons-r7 at July 19, 2024 2:51pm UTC reported: Trend Micro reported this vulnerability to Microsoft after observing Void Banshee APT exploitation in the wild; the zero-day attack hinged on the premise that MHTML links would...

Microsoft Power BI 安全漏洞

Microsoft Power BI is an interactive data visualization software from Microsoft USA that focuses on business intelligence. It is part of the Microsoft Power Platform. A spoofing vulnerability exists in Microsoft Power BI. An attacker can exploit this vulnerability to conduct spoofing attacks...