47 matches found

Cvelist
added 2026/04/28 6:09 p.m., 27 views

CVE-2026-41394 OpenClaw < 2026.3.31 - Unauthorized Operator Scope Access in Unauthenticated Plugin-Auth Routes

OpenClaw before 2026.3.31 contains an authentication bypass vulnerability where unauthenticated plugin-auth HTTP routes receive operator runtime write scopes. Attackers can access these routes without authentication to perform privileged runtime actions intended for authorized operators...

CVSS 8.8, EPSS 0.00286
Exploits 0, References 3
Vulnrichment
added 2026/04/28 6:09 p.m., 4 views

CVE-2026-41394 OpenClaw < 2026.3.31 - Unauthorized Operator Scope Access in Unauthenticated Plugin-Auth Routes

OpenClaw before 2026.3.31 contains an authentication bypass vulnerability where unauthenticated plugin-auth HTTP routes receive operator runtime write scopes. Attackers can access these routes without authentication to perform privileged runtime actions intended for authorized operators...

CVSS 8.8, AI score 5.3, EPSS 0.00286
Exploits 0, References 3
Positive Technologies
added 2026/04/28 12:00 a.m., 3 views

PT-2026-35778

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.3.31. Description: An authentication bypass exists where unauthenticated 'plugin-auth' HTTP routes are granted operator runtime write scopes. This allows unauthorized users to access these routes and perform...

CVSS 8.8, AI score 5.8, EPSS 0.00286
Exploits 0, References 6
Snyk
added 2026/04/02 8:46 p.m., 5 views

Missing Authorization

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Missing Authorization via unauthenticated plugin-auth HTTP routes receiving operator runtime scopes. An attacker can gain unauthorized access to privileged runtime actions by sending...

CVSS 8.8, AI score 5.9, EPSS 0.00286
Exploits 0, References 3
RedhatCVE
added 2026/03/12 11:18 p.m., 3 views

CVE-2026-32236

A server side request forgery flaw has been discovered in the npm @backstage/plugin-auth-backend package. The CIMD metadata fetch validates the initial clientid hostname against private IP ranges but does not apply the same validation after HTTP redirects. The practical impact is limited. The...

AI score 5.6, EPSS 0.00292
Exploits 0, References 5
NVD
added 2026/03/12 7:16 p.m., 5 views

CVE-2026-32236

Backstage is an open framework for building developer portals. Prior to 0.27.1, a Server-Side Request Forgery (SSRF) vulnerability exists in @backstage/plugin-auth-backend when auth.experimentalClientIdMetadataDocuments.enabled is set to true. The CIMD metadata fetch validates the initial clientid...

CVSS 7.5, EPSS 0.00292
Exploits 0, References 2
Snyk
added 2026/03/12 2:50 p.m., 5 views

Open Redirect

Overview: @backstage/plugin-auth-backend is a Backstage backend plugin that handles authentication. Affected versions of this package are vulnerable to Open Redirect via the OAuth redirect URI validation bypass. An attacker can intercept authorization codes by crafting a redirect URI that bypass...

CVSS 5.9, AI score 5.8, EPSS 0.00139
Exploits 0, References 2
RedhatCVE
added 2026/01/09 12:30 p.m., 8 views

CVE-2023-40343

Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token...

CVSS 5.9, AI score 6.9, EPSS 0.00494
Exploits 0, References 1
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2020-19058

Malware in sbrugna...

CVSS 7.5, AI score 7.5, EPSS 0.0212
Exploits 0, References 5
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2013-3187

Malware in sbrugna...

CVSS 6.8, AI score 6.4, EPSS 0.00952
Exploits 0, References 3
EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2025-18255

Malicious code in bioql PyPI...

CVSS 6.4, AI score 6.5, EPSS 0.00225
Exploits 0, References 5
EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2022-49625

Malicious code in bioql PyPI...

CVSS 6.5, AI score 6.6, EPSS 0.00361
Exploits 0, References 1
EUVD
added 2025/10/03 8:07 p.m., 5 views

EUVD-2025-24171

Malicious code in bioql PyPI...

CVSS 7.2, AI score 6.3, EPSS 0.00225
Exploits 0, References 2
NVD
added 2025/08/23 7:15 a.m., 5 views

CVE-2025-5060

The Bravis User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.1. This is due to the plugin not properly logging a user in with the data that was previously verified through the facebookajaxlogincallback. This makes it possible for...

CVSS 8.1, EPSS 0.00376
Exploits 0, References 2
Vulnrichment
added 2025/08/14 10:34 a.m., 7 views

CVE-2025-49037 WordPress Authentication and xmlrpc log writer plugin <= 1.2.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Federico Rota Authentication and xmlrpc log writer (authentication-and-xmlrpc-log-writer) allows Reflected XSS. This issue affects Authentication and xmlrpc log writer: from n/a through <= 1.2.2...

CVSS 7.1, AI score 5.9, EPSS 0.00243
Exploits 0, References 1
RedhatCVE
added 2025/05/23 10:47 a.m., 9 views

CVE-2024-10055

The Click to Chat – WP Support All-in-One Floating Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpsaiosnapchat shortcode in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping on user supplied attributes...

CVSS 6.4, AI score 6, EPSS 0.00306
Exploits 0, References 1
RedhatCVE
added 2025/05/22 5:32 a.m., 6 views

CVE-2013-2743

importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress allows remote attackers to bypass authentication via a crafted integer in the step parameter...

CVSS 7.5, AI score 7.2, EPSS 0.02563
Exploits 1, References 1
Vulnrichment
added 2025/05/14 8:35 p.m., 8 views

CVE-2025-47889

In Jenkins WSO2 Oauth Plugin 1.0 and earlier, authentication claims are accepted without validation by the "WSO2 Oauth" security realm, allowing unauthenticated attackers to log in to controllers using this security realm using any username and any password, including usernames that do not exist...

AI score 9.7, EPSS 0.00595
Exploits 0, References 1
CVE
added 2025/03/05 9:21 a.m., 56 views

CVE-2025-1515

CVE-2025-1515 affects the WordPress plugin WP Real Estate Manager (versions up to and including 2.8). The root cause is insufficient identity verification in the LinkedIn login flow, enabling an unauthenticated attacker to perform an authentication bypass and log in as any user, including admini...

CVSS 9.8, AI score 7.5, EPSS 0.00486
Exploits 0, References 2
Cvelist
added 2024/10/26 1:58 a.m., 20 views

CVE-2024-9931 Wux Blog Editor <= 3.0.0 - Authentication Bypass to Administrator

The Wux Blog Editor plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.0. This is due to missing validation on the token being supplied during the autologin through the plugin. This makes it possible for unauthenticated attackers to log in to the fir...

CVSS 9.8, EPSS 0.00543
Exploits 0, References 2