CVE-2026-42428

OpenClaw is affected. OpenClaw versions before 2026.4.8 do not enforce integrity verification for downloaded plugin archives, enabling attackers to install malicious or tampered plugins in the local assistant environment. The CVE description and related advisories (GHSA-3VVQ-Q2QC-7RMP) specify af...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.8 contained security vulnerabilities. These vulnerabilities stemmed from the failure to perform integrity checks on downloaded plugin archives. This could allow attackers to...

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 had code vulnerabilities. These vulnerabilities stemmed from a server-side request forgeing mechanism in the market plugin download function, which could allow attackers to...

EUVD-2026-24002

OpenClaw before 2026.3.31 contains a server-side request forgery vulnerability in the marketplace plugin download functionality that allows attackers to access internal resources by following unvalidated redirects. The marketplace.ts module fails to restrict redirect destinations during archive...

EUVD-2015-0851

Malware in sbrugna...

CVE-2020-2320

Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads...

SUSE CVE-2015-0839

The hp-plugin utility in HP Linux Imaging and Printing HPLIP makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads...

Cloudbees Jenkins 安全漏洞

Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . A security vulnerability exists in...

MyBB Plugin Downloads 2.0.3 - Cross-Site Scripting

Exploit Title: MyBB Downloads Plugin v2.0.3 - Persistent XSS Date: 3/28/18 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=854 Version: 2.0.3 Tested on: Ubuntu 17.10 1. Description: It is a plugin which add...

CVE-2015-0839

The hp-plugin utility in HP Linux Imaging and Printing HPLIP makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads...

CVE-2015-0839

The CVE-2015-0839 issue affects the hp-plugin download verification in HP Linux Imaging and Printing (HPLIP). Root cause: verification uses a short GPG key ID from a keyserver, enabling MITM attackers to potentially drive arbitrary code execution during print plugin downloads. Impact: network-exp...

CVE-2015-0839

The hp-plugin utility in HP Linux Imaging and Printing HPLIP makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads...

WordPress Plugin Backup 2.0.1 - Information Disclosure

WordPress Plugin Backup 2.0.1 - Information Disclosure Exploit Title: WordPress Backup plugin exposes site data Google Dork: http://www.google.com/search?q=inurl:wp-content/backup.log Date: 01-jul-2012 Exploit Author: Stephan Knauss Vendor Homepage: http://wordpress.org/extend/plugins/backup/...