OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.18 contained security vulnerabilities. These vulnerabilities stemmed from an authorization bypass vulnerability in the QQBot’s native approval button, which failed to enforce th...

EUVD-2025-179670

Malicious code in comet-auth-html-webpack-plugin-request npm...

MAL-2025-186212 Malicious code in comet-auth-html-webpack-plugin-request (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f5b037c3a10e0eb5d63054a411dd6a2daeb791121c669593b5602687a52454b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-8046 Injection Guard < 1.2.8 - Reflected XSS via $_SERVER['REQUEST_URI']

The Injection Guard WordPress plugin before 1.2.8 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

TP-LINK WR886N Buffer Error Vulnerability

The TP-LINK WR886N is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK TL-WR886N V7.03.0.14Build221115Rel.56908n.bin version, which originates from a buffer overflow vulnerability in the uninstallPluginReqHandle method...